what you don't know can hurt you

Ubuntu Security Notice USN-4454-2

Ubuntu Security Notice USN-4454-2
Posted Aug 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4454-2 - USN-4454-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, udp
systems | linux, ubuntu
advisories | CVE-2020-14303
MD5 | 28286858828b581194abde5675e0a025

Ubuntu Security Notice USN-4454-2

Change Mirror Download
=========================================================================
Ubuntu Security Notice USN-4454-2
August 10, 2020

samba vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM

Summary:

Samba could be made to crash if it received specially crafted network
traffic.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

USN-4454-1 fixed a vulnerability in Samba. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

Martin von Wittich and Wilko Meyer discovered that Samba incorrectly
handled certain empty UDP packets when being used as a AD DC NBT server. A
remote attacker could possibly use this issue to cause Samba to crash,
resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
samba 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm8

Ubuntu 12.04 ESM:
samba 2:3.6.25-0ubuntu0.12.04.21

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4454-2
https://usn.ubuntu.com/4454-1
CVE-2020-14303
Login or Register to add favorites

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close