Advisory Published

USN-5142-1: Samba vulnerabilities

First published: Thu Nov 11 2021(Updated: )

Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. (CVE-2016-2124) Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. (CVE-2020-25717) Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos tickets issues by an RODC. An RODC could print administrator tickets, contrary to expectations. (CVE-2020-25718) Andrew Bartlett discovered that Samba incorrectly handled Kerberos tickets. Delegated administrators could possibly use this issue to impersonate accounts, leading to total domain compromise. (CVE-2020-25719) Andrew Bartlett discovered that Samba did not provide stable AD identifiers to Kerberos acceptors. (CVE-2020-25721) Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. (CVE-2020-25722) Stefan Metzmacher discovered that Samba incorrectly handled certain large DCE/RPC requests. A remote attacker could possibly use this issue to bypass signature requirements. (CVE-2021-23192) William Ross discovered that Samba incorrectly handled memory. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly escalate privileges. (CVE-2021-3738) Joseph Sutton discovered that Samba incorrectly handled certain TGS requests. An authenticated attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2021-3671) The fix for CVE-2020-25717 results in possible behaviour changes that could affect certain environments. Please see the upstream advisory for more information: https://www.samba.org/samba/security/CVE-2020-25717.html

Affected SoftwareAffected VersionHow to fix
All of
ubuntu/samba<2:4.13.14+dfsg-0ubuntu0.21.10.1
2:4.13.14+dfsg-0ubuntu0.21.10.1
Ubuntu Ubuntu=21.10
All of
ubuntu/samba<2:4.13.14+dfsg-0ubuntu0.21.04.1
2:4.13.14+dfsg-0ubuntu0.21.04.1
Ubuntu Ubuntu=21.04
All of
ubuntu/samba<2:4.13.14+dfsg-0ubuntu0.20.04.1
2:4.13.14+dfsg-0ubuntu0.20.04.1
Ubuntu Ubuntu=20.04

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

  • What is the severity of CVE-2016-2124?

    The severity of CVE-2016-2124 is ____.

  • How can a remote attacker exploit CVE-2016-2124?

    A remote attacker can exploit CVE-2016-2124 by _____.

  • What is the recommended version to fix CVE-2020-25721?

    The recommended version to fix CVE-2020-25721 is 2:4.13.14+dfsg-0ubuntu0.21.10.1.

  • What is the recommended version to fix CVE-2021-3738?

    The recommended version to fix CVE-2021-3738 is 2:4.13.14+dfsg-0ubuntu0.21.10.1.

  • What is the recommended version to fix CVE-2020-25717?

    The recommended version to fix CVE-2020-25717 is 2:4.13.14+dfsg-0ubuntu0.21.10.1.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203