
Debian Bullseye DSA-5003-1 Moderate: Samba Privilege Escalation Threats

debian
November 9, 2021
Debian Security Notice DSA-5003-1 addresses multiple vulnerabilities in Samba: an SMB1 downgrade to plaintext authentication, an undesired mapping of domain users to local users that allows privilege escalation, and Kerberos ticket handling flaws in the AD DC that can lead to total domain compromise.
Several vulnerabilities have been discovered in Samba, an SMB/CIFS file, print, and login server for Unix.

Summary

CVE-2016-2124

Stefan Metzmacher reported that SMB1 client connections can be
downgraded to plaintext authentication.

CVE-2020-25717

Andrew Bartlett reported that Samba may map domain users to local
users in an undesired way, allowing for privilege escalation. The
update introduces a new parameter "min domain uid" (default to 1000)
to not accept a UNIX uid below this value.
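The two client- and member-server-side issues above both come down to smb.conf settings. The following is an added example, not code from the Debian advisory or from Samba: it parses the [global] section of a constructed smb.conf, reports the settings relevant to CVE-2016-2124 (client min protocol, client plaintext auth) and CVE-2020-25717 (min domain uid), and models the user-mapping failure the advisory describes. The fallback mechanism in map_domain_user (a domain user with no winbind mapping falling back to the bare username in the local passwd table) and the local passwd and winbind tables are assumptions made for the demo.

```python
"""Added example: audit smb.conf for the DSA-5003-1 settings and model the
min domain uid floor. Not the advisory's or Samba's own code."""
import re

# Constructed smb.conf for the demo: a domain member with pre-fix weak settings.
WEAK_SMB_CONF = """
[global]
   workgroup = EXAMPLE
   security = ads
   client min protocol = NT1        # SMB1: can be downgraded (CVE-2016-2124)
   client plaintext auth = yes
   min domain uid = 0               # accepts any uid, including 0 (CVE-2020-25717)

[share]
   path = /srv/share
"""

# The same server with the settings the fixed packages expect.
HARDENED_SMB_CONF = """
[global]
   workgroup = EXAMPLE
   security = ads
   client min protocol = SMB2_02
   client plaintext auth = no
   min domain uid = 1000
"""

SMB1_DIALECTS = {"CORE", "COREPLUS", "LANMAN1", "LANMAN2", "NT1"}


def parse_global(conf: str) -> dict:
    """Return the [global] section as lower-cased key -> value, comments stripped."""
    params, in_global = {}, False
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        section = re.match(r"\[(.+)\]$", line)
        if section:
            in_global = section.group(1).strip().lower() == "global"
            continue
        if in_global and "=" in line:
            key, value = line.split("=", 1)
            params[key.strip().lower()] = value.strip()
    return params


def audit(conf: str) -> list:
    """Findings as (parameter, current value, recommended value) tuples.
    Defaults assumed when a parameter is absent: SMB2_02, no, 1000."""
    g = parse_global(conf)
    findings = []
    proto = g.get("client min protocol", "SMB2_02").upper()
    if proto in SMB1_DIALECTS:
        findings.append(("client min protocol", proto, "SMB2_02"))
    plain = g.get("client plaintext auth", "no").lower()
    if plain in ("yes", "true", "1"):
        findings.append(("client plaintext auth", plain, "no"))
    try:
        floor = int(g.get("min domain uid", "1000"))
    except ValueError:
        floor = -1
    if floor < 1000:
        findings.append(("min domain uid", str(floor), "1000"))
    return findings


# Constructed tables for the mapping model.
LOCAL_PASSWD = {"root": 0, "daemon": 1, "alice": 1001}   # name -> uid from /etc/passwd
WINBIND_MAP = {"EXAMPLE\\bob": 10001}                    # DOMAIN\user -> uid from winbind


def map_domain_user(domain_user: str, min_domain_uid: int):
    """Model (assumption for the demo) of the mapping CVE-2020-25717 describes:
    a domain user without a winbind mapping falls back to the bare username in
    the local passwd table, so EXAMPLE\\root lands on uid 0. The fix rejects any
    uid below min domain uid. Returns the accepted uid, or None if rejected."""
    _domain, _, user = domain_user.rpartition("\\")
    uid = WINBIND_MAP.get(domain_user)
    if uid is None:
        uid = LOCAL_PASSWD.get(user)
    if uid is None or uid < min_domain_uid:
        return None
    return uid


if __name__ == "__main__":
    for param, cur, rec in audit(WEAK_SMB_CONF):
        print(f"{param}: is '{cur}', set to '{rec}'")
    print("EXAMPLE\\root with floor 0   ->", map_domain_user("EXAMPLE\\root", 0))
    print("EXAMPLE\\root with floor 1000 ->", map_domain_user("EXAMPLE\\root", 1000))
```

Run it against a real smb.conf by reading the file into audit(); on a live system, testparm -s shows the effective values including defaults, which is what the fixed packages apply when min domain uid is not set.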

CVE-2020-25718

Andrew Bartlett reported that Samba as AD DC, when joined by an
RODC, did not confirm if the RODC was allowed to print a ticket for
that user, allowing an RODC to print administrator tickets.

CVE-2020-25719

Andrew Bartlett reported that Samba as AD DC, did not always rely on
the SID and PAC in Kerberos tickets and could be confused about the
user a ticket represents. If a privileged account was attacked this
could lead to total domain compromise.
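To make the two AD DC issues concrete, here is an added example (not the advisory's text and not Samba's code) that models the checks a fixed DC performs on an incoming ticket as the advisory describes them: for CVE-2020-25718, that an RODC-issued ticket only covers accounts that RODC is allowed to hold secrets for, and for CVE-2020-25719, that the account is identified by the SID in the PAC rather than by the client name. The directory, the per-RODC allow-list (standing in for the RODC's revealed-users list), the ticket fields and the name-versus-SID cross-check are all assumptions made for the demo, not a description of Samba's internals.

```python
"""Added example: model of the DC-side checks for CVE-2020-25718 and
CVE-2020-25719. Constructed data; not the advisory's or Samba's code."""
from dataclasses import dataclass

DOMAIN_SID = "S-1-5-21-1000-2000-3000"

# Constructed directory: account SID -> name and whether it is privileged.
DIRECTORY = {
    f"{DOMAIN_SID}-500": {"name": "Administrator", "admin": True},
    f"{DOMAIN_SID}-1105": {"name": "alice", "admin": False},
}
NAME_INDEX = {v["name"].lower(): sid for sid, v in DIRECTORY.items()}

# Constructed allow-list: which account SIDs each RODC krbtgt may hold secrets
# for. The full DC's krbtgt ("krbtgt") is allowed everything.
RODC_REVEALED = {
    "krbtgt_12345": {f"{DOMAIN_SID}-1105"},   # branch-office RODC: alice only
}


@dataclass
class Ticket:
    issuer: str       # krbtgt account whose key encrypted the ticket
    client_name: str  # name carried in the ticket (cname)
    pac_sid: str      # account SID carried in the PAC


class TicketRejected(Exception):
    pass


def resolve_pre_fix(t: Ticket) -> dict:
    """Pre-fix behaviour as the advisory describes it: the user is taken from
    the name, the PAC SID and the issuing key are not consulted."""
    sid = NAME_INDEX.get(t.client_name.lower())
    if sid is None:
        raise TicketRejected("unknown name")
    return DIRECTORY[sid]


def resolve_fixed(t: Ticket) -> dict:
    """Fixed behaviour, modelled: RODC entitlement check, then SID-based identity."""
    # CVE-2020-25718: a ticket under an RODC's krbtgt is only valid for accounts
    # that RODC is allowed to reveal; otherwise the RODC could print tickets for
    # administrators it never legitimately held secrets for.
    if t.issuer != "krbtgt":
        if t.pac_sid not in RODC_REVEALED.get(t.issuer, set()):
            raise TicketRejected(f"{t.issuer} may not issue tickets for {t.pac_sid}")
    # CVE-2020-25719: identity comes from the PAC SID. The cross-check of the
    # name against that SID is this model's choice, so a ticket whose name and
    # SID disagree is refused rather than resolved to either.
    acct = DIRECTORY.get(t.pac_sid)
    if acct is None:
        raise TicketRejected("PAC SID not in directory")
    if acct["name"].lower() != t.client_name.lower():
        raise TicketRejected("client name does not match PAC SID")
    return acct


def authorize(resolver, t: Ticket):
    """True if the ticket grants admin rights under resolver, False if it grants
    a normal user, None if the ticket is rejected."""
    try:
        return resolver(t)["admin"]
    except TicketRejected:
        return None


# Constructed tickets for the demo.
RODC_ADMIN_TICKET = Ticket("krbtgt_12345", "Administrator", f"{DOMAIN_SID}-500")
CONFUSED_TICKET = Ticket("krbtgt", "Administrator", f"{DOMAIN_SID}-1105")
ALICE_TICKET = Ticket("krbtgt_12345", "alice", f"{DOMAIN_SID}-1105")

if __name__ == "__main__":
    for label, t in [("RODC-issued admin", RODC_ADMIN_TICKET),
                     ("name/SID mismatch", CONFUSED_TICKET),
                     ("legitimate alice", ALICE_TICKET)]:
        print(f"{label:18} pre-fix={authorize(resolve_pre_fix, t)!s:5} "
              f"fixed={authorize(resolve_fixed, t)}")
```

The pre-fix resolver treats both the RODC-issued administrator ticket and the name/SID mismatch as Administrator, which is the confusion the advisory warns can end in domain compromise; the fixed resolver refuses both and only accepts the ticket whose issuer, name and SID agree.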

CVE-2020-25721

Andrew Bartlett reported that Samba as a AD DC did not provide a way
for Linux applications to obta...


Package: samba
CVE ID: CVE-2016-2124 CVE-2020-25717 CVE-2020-25718 CVE-2020-25719 CVE-2020-25721
