The version of samba installed on the remote host is prior to 4.10.16-20.62. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1642 advisory.

    It was found that the Kerberos Key Distribution Center (KDC) delegation feature, Service for User (S4U),     did not sufficiently protect the tickets it's providing from tempering. A malicious, authenticated service     principal allowed to delegate could use this flaw to impersonate a non-forwardable user. (CVE-2020-17049)

    A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client     had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or     printer) instead of client-supplied data. The client cannot control the area of the server memory written     to the file (or printer). (CVE-2022-32742)

    A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By     encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling     full domain takeover. (CVE-2022-32744)

    A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP     add or modify the request, usually resulting in a segmentation fault. (CVE-2022-32745)

    A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP     message values freed by a preceding database module, resulting in a use-after-free issue. This issue is     only possible when modifying certain privileged attributes, such as userAccountControl. (CVE-2022-32746)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Amazon Linux AMI : samba (ALAS-2022-1642)

high Nessus Plugin ID 168596

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.5 Jan 9, 2026, 4:08 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploit framework core" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202601091608
Version 1.4 Dec 12, 2024, 9:55 AM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Plugin metadata Plugin Feed: 202412120955
Version 1.3 Dec 29, 2022, 11:58 AM IAVM reference Plugin Feed: 202212291158
Version 1.2 Dec 10, 2022, 1:49 PM New Plugin Feed: 202212101349