Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2021:3674-1

Опубликовано: 16 нояб. 2021
Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issues:

  • CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos (bsc#1014440).
  • CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members (bsc#1192284).

Список пакетов

openSUSE Leap 15.3
libsamba-policy-python-devel-4.9.5+git.471.5edbe3dcae7-3.57.2
libsamba-policy0-4.9.5+git.471.5edbe3dcae7-3.57.2
libsamba-policy0-32bit-4.9.5+git.471.5edbe3dcae7-3.57.2
samba-libs-python-4.9.5+git.471.5edbe3dcae7-3.57.2
samba-libs-python-32bit-4.9.5+git.471.5edbe3dcae7-3.57.2
samba-python-4.9.5+git.471.5edbe3dcae7-3.57.2

Ссылки

Описание

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.

Затронутые продукты
openSUSE Leap 15.3:libsamba-policy-python-devel-4.9.5+git.471.5edbe3dcae7-3.57.2
openSUSE Leap 15.3:libsamba-policy0-32bit-4.9.5+git.471.5edbe3dcae7-3.57.2
openSUSE Leap 15.3:libsamba-policy0-4.9.5+git.471.5edbe3dcae7-3.57.2
openSUSE Leap 15.3:samba-libs-python-32bit-4.9.5+git.471.5edbe3dcae7-3.57.2
Ссылки

Описание

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

Затронутые продукты
openSUSE Leap 15.3:libsamba-policy-python-devel-4.9.5+git.471.5edbe3dcae7-3.57.2
openSUSE Leap 15.3:libsamba-policy0-32bit-4.9.5+git.471.5edbe3dcae7-3.57.2
openSUSE Leap 15.3:libsamba-policy0-4.9.5+git.471.5edbe3dcae7-3.57.2
openSUSE Leap 15.3:samba-libs-python-32bit-4.9.5+git.471.5edbe3dcae7-3.57.2
Ссылки