[Samba] Does CVE-2022-32744 apply if your Samba server is not a KDC?

Jim Brand JHBRAND at up.com
Sun Dec 11 12:40:45 UTC 2022


This is in reference to https://www.samba.org/samba/security/CVE-2022-32744.html

Our KDC's are on Windows, not Linux so I assume we are not vulnerable here.   And we do not need this setting in smb.conf

kpasswd port = 0

Thanks,
Jim Brand



This email and any attachments may contain information that is confidential and/or privileged for the sole use of the intended recipient. Any use, review, disclosure, copying, distribution or reliance by others, and any forwarding of this email or its contents, without the express permission of the sender is strictly prohibited by law. If you are not the intended recipient, please contact the sender immediately, delete the e-mail and destroy all copies.


More information about the samba mailing list