Explore top 10 tips to secure your open-source projects now. Read More
×
USN-5142-1 introduced a regression in Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes
introduced a regression in Kerberos authentication in certain environments.
Please see the following upstream bug for more information:
This update fixes the problem.
Original advisory details:
Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client
connections. A remote attacker could possibly use this issue to downgrade
connections to plaintext authentication. (CVE-2016-2124)
Andrew Bartlett discovered that Samba incorrectly mapping domain users to
local users. An authenticated attacker could possibly use this issue to
become root on domain members. (CVE-2020-25717)
Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos
tickets issues by an RODC. An RODC could print administrator tickets,
contrary to ...
The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: samba 2:4.13.14+dfsg-0ubuntu0.21.10.4 Ubuntu 21.04: samba 2:4.13.14+dfsg-0ubuntu0.21.04.4 Ubuntu 20.04 LTS: samba 2:4.13.14+dfsg-0ubuntu0.20.04.4 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-5142-3
https://ubuntu.com/security/notices/USN-5142-1
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1950363
Get the latest Linux and open source security news straight to your inbox.