Affected: Heimdal Kerberos with DES encryption.
Summary: There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal.
CVE-2022-3437 impacts DES encryption. SAS uses LDAP SASL and SMB to talk to AD; however, in current versions of SAS, DES is disabled by default.
Cause
CVE-2022-3437
Resolution
Safeguard Authentication Services (SAS) does not configure DES by default, and using DES encryption is not recommended.
Change Request 386039 has been raised to investigate applying the Heimdal patch for CVE-2022-3437 to a future version of SAS.