USN-5174-2: Samba regression<\/p>\n
USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a
\nregression in Kerberos authentication in certain environments.<\/p>\n
Please see the following upstream bug for more information:
\nhttps:\/\/bugzilla.samba.org\/show_bug.cgi?id=14922<\/p>\n
This update fixes the problem.<\/p>\n
Original advisory details:<\/p>\n
Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client
\n connections. A remote attacker could possibly use this issue to downgrade
\n connections to plaintext authentication. (CVE-2016-2124)<\/p>\n
Andrew Bartlett discovered that Samba incorrectly mapping domain users to
\n local users. An authenticated attacker could possibly use this issue to
\n become root on domain members. (CVE-2020-25717)<\/p>\n
Andrew Bartlett discovered that Samba did not properly check sensitive
\n attributes. An authenticated attacker could possibly use this issue to
\n escalate privileges. (CVE-2020-25722)<\/p>\n
Joseph Sutton discovered that Samba incorrectly handled certain TGS
\n requests. An authenticated attacker could possibly use this issue to cause
\n Samba to crash, resulting in a denial of service. (CVE-2021-3671)<\/p>\n
The fix for CVE-2020-25717 results in possible behaviour changes that could
\n affect certain environments. Please see the upstream advisory for more
\n information:<\/p>\n
https:\/\/www.samba.org\/samba\/security\/CVE-2020-25717.html USN-5174-2: Samba regression USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https:\/\/bugzilla.samba.org\/show_bug.cgi?id=14922 This update fixes the problem. Original advisory details: Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. (CVE-2016-2124) Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. (CVE-2020-25717) Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. (CVE-2020-25722) Joseph Sutton discovered that Samba incorrectly handled certain TGS requests. An authenticated attacker could possibly use this issue to cause Samba to crash, resulting in a [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-44592","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/44592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=44592"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/44592\/revisions"}],"predecessor-version":[{"id":44593,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/44592\/revisions\/44593"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=44592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=44592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=44592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nSource: USN-5174-2: Samba regression<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"