drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in Samba
Name: |
Preisgabe von Informationen in Samba |
|
ID: |
USN-4510-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS |
|
Datum: |
Do, 17. September 2020, 23:18 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472 |
|
Applikationen: |
Samba |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============2610089857505152438== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="gaia9l7KljR3qXhaVqEo1Z86bLGF52mtf"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --gaia9l7KljR3qXhaVqEo1Z86bLGF52mtf Content-Type: multipart/mixed; boundary="m2x9LLrzefFThZSzI3Tu5JifN939cUBvb"
--m2x9LLrzefFThZSzI3Tu5JifN939cUBvb Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-4510-1 September 17, 2020
samba vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS - Ubuntu 16.04 LTS
Summary:
Samba would allow unintended access to files over the network.
Software Description: - samba: SMB/CIFS file, print, and login server for Unix
Details:
Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin.
This update fixes the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which will force a secure netlogon channel. This may result in compatibility issues with older devices. A future update may allow a finer-grained control over this setting.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.19
Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.30
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4510-1 CVE-2020-1472
Package Information: https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.19 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.30
--m2x9LLrzefFThZSzI3Tu5JifN939cUBvb--
--gaia9l7KljR3qXhaVqEo1Z86bLGF52mtf Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl9jUZwACgkQZWnYVadE vpOwZhAAmAFbDX95p1i1IBYOVTechrw0tqjkk8L/rBm65vm8TA0rYJYJUPtNJTsw /Nrz+UPJCXvFSF8qVfeq8w7SwmmGnGkDA2iN632UoRmlvWQp5yGDEM2/UBtBajGk /Hl4OVZUzqWFgGpjXcbasMdNh6v+p3MWm1z/G5Yuf71a5hYtXeKW4QW8mGXR9wzW 91yJAzKsJQcSw1W2mAldNxq+Rql+LtJ48waDi6R9STXoxV+YVFYHxByQQT8NWlfW GuiN9AemI66npD3gl7/DucRTQncEnXT1e/bnAJej6DOmum6mA8Mq9q0e9zQFEYqv Pb4GKQOzX4C20V6kYkNokDLfo7lBcKD1f/lWTB55t6qLQ86kwOfrYkPAYgUDjJSK rOp/ydSdxCwypeS+eMzaifOb2WedqlxBG3SAsAEfGQE4Le/EjH2ge7I8nriMWu9P 0cKEWj4ZDRQ5U8GV9OLmgvZ6f17XXzU27JDIgl86veljmWc2u2tFyuIZN/wEcI73 eknHFij82J2pxV7j+jGHwBVvh0xfdsguJ69o3Xhc5EaBrUO2AF9z8eTW3bCw0lCD 6RWvuNS7BwNCVsqkkJgwJ1op18wJ76PsmZ+Nf/U6lNc1HFYNbL9NbiFvn/WuabQN /veNsjAnLhJkVEnwp3HuqsTfevJf+3WKKx1QUDpEPiZ3P28sS58= =Ml40 -----END PGP SIGNATURE-----
--gaia9l7KljR3qXhaVqEo1Z86bLGF52mtf--
--===============2610089857505152438== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============2610089857505152438==--
|
|
|
|