Test ID:	1.3.6.1.4.1.25623.1.1.12.2020.4510.2
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-4510-2)
Summary:	The remote host is missing an update for the 'samba' package(s) announced via the USN-4510-2 advisory.
Description:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the USN-4510-2 advisory. Vulnerability Insight: USN-4510-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. This update fixes the issue by changing the 'server schannel' setting to default to 'yes', instead of 'auto', which will force a secure netlogon channel. This may result in compatibility issues with older devices. A future update may allow a finer-grained control over this setting. Affected Software/OS: 'samba' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-1472 FEDORA-2020-0be2776ed3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ FEDORA-2020-77c15664b0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ FEDORA-2020-a1d139381a https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/ GLSA-202012-24 https://security.gentoo.org/glsa/202012-24 USN-4510-1 https://usn.ubuntu.com/4510-1/ USN-4510-2 https://usn.ubuntu.com/4510-2/ USN-4559-1 https://usn.ubuntu.com/4559-1/ VU#490028 https://www.kb.cert.org/vuls/id/490028 [debian-lts-announce] 20201123 [SECURITY] [DLA 2463-1] samba security update https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html [oss-security] 20200917 Samba and CVE-2020-1472 ("Zerologon") http://www.openwall.com/lists/oss-security/2020/09/17/2 http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.synology.com/security/advisory/Synology_SA_20_21 openSUSE-SU-2020:1513 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html openSUSE-SU-2020:1526 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.