Test ID: 1.3.6.1.4.1.25623.1.0.854294
Category: SuSE Local Security Checks
Title: openSUSE: Security Advisory for samba (openSUSE-SU-2021:3647-1)
Summary: The remote host is missing an update for the 'samba' package(s) announced via the openSUSE-SU-2021:3647-1 advisory.
Description:

Summary: The remote host is missing an update for the 'samba' package(s) announced via the openSUSE-SU-2021:3647-1 advisory.

Vulnerability Insight: This update for samba and ldb fixes the following issues:
- CVE-2020-25718: Fixed that an RODC can issue (forge) administrator tickets to other servers (bsc#1192246).
- CVE-2021-3738: Fixed crash in dsdb stack (bsc#1192215).
- CVE-2016-2124: Fixed not to fall back to non-SPNEGO authentication if we require Kerberos (bsc#1014440).
- CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members (bsc#1192284).
- CVE-2020-25719: Fixed AD DC username-based races when no PAC is given (bsc#1192247).
- CVE-2020-25722: Fixed AD DC UPN vs samAccountName not checked (top-level bug for AD DC validation issues) (bsc#1192283).
- CVE-2021-23192: Fixed dcerpc requests that don't check all fragments against the first auth_state (bsc#1192214).
- CVE-2020-25721: Fixed fill in the new HAS_SAM_NAME_AND_SID values (bsc#1192505).

Samba was updated to 4.13.13:
* rodc_rwdc test flaps (bso#14868).
* Backport bronze bit fixes, tests, and selftest improvements (bso#14881).
* Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze bit' S4U2Proxy Constrained Delegation bypass in Samba with embedded Heimdal (bso#14642).
* Python ldb.msg_diff() memory handling failure (bso#14836).
* 'in' operator on ldb.Message is case sensitive (bso#14845).
* Fix Samba support for UF_NO_AUTH_DATA_REQUIRED (bso#14871).
* Allow special chars like '@' in samAccountName when generating the salt (bso#14874).
* Fix transit path validation (bso#12998).
* Prepare to operate with MIT krb5 >= 1.20 (bso#14870).
* rpcclient NetFileEnum and net rpc file both cause lock order violation: brlock.tdb, share_entries.tdb (bso#14645).
* Release LDB 2.3.1 for Samba 4.14.9 (bso#14848).

Samba was updated to 4.13.12:
* Address a significant performance regression in database access in the AD DC since Samba 4.12 (bso#14806).
* Fix performance regression in lsa_LookupSids3/LookupNames4 since Samba 4.9 by using an explicit database handle cache (bso#14807).
* An unauthenticated user can crash the AD DC KDC by omitting the server name in a TGS-REQ (bso#14817).
* Address flapping samba_tool_drs_showrepl test (bso#14818).
* Address flapping dsdb_schema_attributes test (bso#14819).
* ... Description truncated. Please see the references for more information.

Affected Software/OS: 'samba' package(s) on openSUSE Leap 15.3.

Solution: Please install the updated package(s).

CVSS Score: 9.0
CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:

Common Vulnerability Exposure (CVE) ID: CVE-2016-2124
- https://security.gentoo.org/glsa/202309-06
- https://bugzilla.redhat.com/show_bug.cgi?id=2019660
- https://www.samba.org/samba/security/CVE-2016-2124.html
- https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-25717
- https://bugzilla.redhat.com/show_bug.cgi?id=2019672
- https://www.samba.org/samba/security/CVE-2020-25717.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-25718
- https://bugzilla.redhat.com/show_bug.cgi?id=2019726
- https://www.samba.org/samba/security/CVE-2020-25718.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-25719
- https://bugzilla.redhat.com/show_bug.cgi?id=2019732
- https://www.samba.org/samba/security/CVE-2020-25719.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-25721
- https://bugzilla.redhat.com/show_bug.cgi?id=2021728
- https://bugzilla.samba.org/show_bug.cgi?id=14725
- https://www.samba.org/samba/security/CVE-2020-25721.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-25722
- https://bugzilla.redhat.com/show_bug.cgi?id=2019764
- https://www.samba.org/samba/security/CVE-2020-25722.html

Common Vulnerability Exposure (CVE) ID: CVE-2021-23192
- https://bugzilla.redhat.com/show_bug.cgi?id=2019666
- https://ubuntu.com/security/CVE-2021-23192
- https://www.samba.org/samba/security/CVE-2021-23192.html

Common Vulnerability Exposure (CVE) ID: CVE-2021-3738
- https://bugzilla.redhat.com/show_bug.cgi?id=2021726
- https://bugzilla.samba.org/show_bug.cgi?id=14468
- https://www.samba.org/samba/security/CVE-2021-3738.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-17049
- GLSA-202309-06
- [oss-security] 20211110 Fwd: Samba 4.15.2, 4.14.10, 4.13.14 Security Releases are available for Download: http://www.openwall.com/lists/oss-security/2021/11/10/3
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049
Copyright: Copyright (C) 2021 Greenbone Networks GmbH