Skip to main content

Authentication Bypass by Spoofing


Severity High
Score 8.8/10


A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover. This issue affects versions 4.3.x prior to 4.14.14, 4.15.x prior to 4.15.9, and 4.16.x prior to 4.16.4.

  • LOW
  • HIGH
  • NONE
  • LOW
  • HIGH
  • HIGH

CWE-290 - Authentication Bypass by Spoofing

This attack-focused weakness is caused by improperly implemented authentication schemes that are subject to spoofing attacks.

Advisory Timeline

  • Published