Explore top 10 tips to secure your open-source projects now. Read More
×
USN-5174-1 introduced a regression in Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a
regression in Kerberos authentication in certain environments.
Please see the following upstream bug for more information:
This update fixes the problem.
Original advisory details:
Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client
connections. A remote attacker could possibly use this issue to downgrade
connections to plaintext authentication. (CVE-2016-2124)
Andrew Bartlett discovered that Samba incorrectly mapping domain users to
local users. An authenticated attacker could possibly use this issue to
become root on domain members. (CVE-2020-25717)
Andrew Bartlett discovered that Samba did not properly check sensitive
attributes. An authenticated attacker could possibly use this issue to
escalate privileges. (...
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.27 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-5174-2
https://ubuntu.com/security/notices/USN-5174-1
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1950363
Get the latest Linux and open source security news straight to your inbox.