Ubuntu Security Notice 4559-1 - Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which forced a secure netlogon channel, this update provides additional improvements. Various other issues were also addressed.
61ebb653ef48e45237d93b5107a0ea96c40140ab606b9ea9367ed3556b69e08d==========================================================================
Ubuntu Security Notice USN-4559-1
September 30, 2020
samba update
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security improvements were added to Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
Tom Tervoort discovered that the Netlogon protocol implemented by Samba
incorrectly handled the authentication scheme. A remote attacker could use
this issue to forge an authentication token and steal the credentials of
the domain admin.
While a previous security update fixed the issue by changing the "server
schannel" setting to default to "yes", instead of "auto", which forced a
secure netlogon channel, this update provides additional improvements.
For compatibility reasons with older devices, Samba now allows specifying
an insecure netlogon configuration per machine. See the following link for
examples: https://www.samba.org/samba/security/CVE-2020-1472.html
In addition, this update adds additional server checks for the protocol
attack in the client-specified challenge to provide some protection when
'server schannel = no/auto' and avoid the false-positive results when
running the proof-of-concept exploit.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
samba 2:4.11.6+dfsg-0ubuntu1.5
Ubuntu 18.04 LTS:
samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.20
Ubuntu 16.04 LTS:
samba 2:4.3.11+dfsg-0ubuntu0.16.04.31
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4559-1
CVE-2020-1472
Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.11.6+dfsg-0ubuntu1.5
https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.20
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.31
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed