[manjaro-security] [ASA-202009-17] samba: access restriction bypass

Morten Linderud foxboron at archlinux.org
Tue Oct 6 22:11:53 CEST 2020

Arch Linux Security Advisory ASA-202009-17

Severity: Medium
Date    : 2020-09-29
CVE-ID  : CVE-2020-1472
Package : samba
Type    : access restriction bypass
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1236


The package samba before version 4.13.0-1 is vulnerable to access
restriction bypass.


Upgrade to 4.13.0-1.

# pacman -Syu "samba>=4.13.0-1"

The problem has been fixed upstream in version 4.13.0.


Ensure you do not have an schannel directive and if you do make sure
it's either = yes or = auto.


A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-
NRPC), where it reuses a known, static, zero-value initialization
vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated
attacker to impersonate a domain-joined computer, including a domain
controller, and possibly obtain domain administrator privileges. The
highest threat from this vulnerability is to confidentiality,
integrity, as well as system availability.


An unauthenticated attacker can gain administrator access through
crafted traffic, if the samba server is configured to run with a
vulnerable schannel directive.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20201006/fc372766/attachment-0001.sig>

More information about the manjaro-security mailing list