exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

CVE-2020-25717

Status Candidate

Overview

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

Related Files

Red Hat Security Advisory 2022-0443-06
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0443-06 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25717, CVE-2021-4034
SHA-256 | ca9dc528ded1afdaa7e298cf15f4b25a18218f66e889607fe57a1570d7ab9296
Red Hat Security Advisory 2022-0074-03
Posted Jan 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0074-03 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2124, CVE-2020-25717
SHA-256 | 27d8f6fe7ef8771101deb2aa120da549d95f50a9af807bfd7ad2b142299c9ce5
Red Hat Security Advisory 2022-0133-04
Posted Jan 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0133-04 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25717
SHA-256 | 95c43dff1d841f7a52dbd5200c684c557e99b6c9c42e550c02f83f2ac87c6659
Red Hat Security Advisory 2022-0008-03
Posted Jan 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0008-03 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2021-23192
SHA-256 | 7dc1627f1e4ab3adb492840ef20c783086a232460c664974efd303a3c05f8f53
Red Hat Security Advisory 2021-5192-04
Posted Dec 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5192-04 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2124, CVE-2020-25717
SHA-256 | 3a70cd88d863eb7e9838c2b301ac3e5bf89842b8d1367050d901187ee6294319
Ubuntu Security Notice USN-5174-2
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5174-2 - USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25722, CVE-2021-3671
SHA-256 | 94cb64ff0292b0a999aaa0506f608776fc641f072e85a0d0123da728e800bdff
Ubuntu Security Notice USN-5142-3
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5142-3 - USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/show_bug.cgi?id=14922 This update fixes the problem. Various other issues were also addressed.

tags | advisory, web, cgi, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25721, CVE-2020-25722, CVE-2021-23192, CVE-2021-3671, CVE-2021-3738
SHA-256 | c2c8fcea9831797fd889f4570b8becd0d331cdb36d976a471a6dba4dad44aa41
Red Hat Security Advisory 2021-5082-01
Posted Dec 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5082-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2021-23192
SHA-256 | 28ff9405ec0b2c99a4c1c9903b82f051685435224ceec5ed3125a2cd8806a6bb
Ubuntu Security Notice USN-5142-2
Posted Dec 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5142-2 - USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced regressions in name mapping and backups.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25721, CVE-2020-25722, CVE-2021-23192, CVE-2021-3671, CVE-2021-3738
SHA-256 | 60ab885b043b1a4da1c403e7daee521f43b6fd29bf4dfb92a58090f1096a405d
Ubuntu Security Notice USN-5174-1
Posted Dec 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5174-1 - Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, remote, local, root
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25722, CVE-2021-3671
SHA-256 | 25c5c900f4302b24fc3b0236ad0320fa6c9153a96b6a27157cc077591a889f60
Red Hat Security Advisory 2021-4844-01
Posted Nov 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4844-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2124, CVE-2020-25717
SHA-256 | 0815442f652e2e889b882f1f98bf3bd23617293cfbd2a27e6c22918aa1bb2980
Red Hat Security Advisory 2021-4843-01
Posted Nov 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4843-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2021-23192
SHA-256 | 299e4797f68725773e30b0578f7aab2d756928ec740c3a3989b29696c50e3143
Debian Security Advisory 5003-1
Posted Nov 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5003-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25721, CVE-2020-25722, CVE-2021-23192, CVE-2021-3738
SHA-256 | 0a7a09e04fa990a7673cc76314010ed6afc0c0ce0c674ddd1e882aa9f5c1973a
Debian Security Advisory 5015-1
Posted Nov 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5015-1 - Andrew Bartlett discovered that Samba, a SMB/CIFS file, print, and login server for Unix, may map domain users to local users in an undesired way. This could allow a user in an AD domain to potentially become root on domain members.

tags | advisory, local, root
systems | linux, unix, debian
advisories | CVE-2020-25717
SHA-256 | 93f994f99b346024987f5bb0bcb23c7c1f683b5137070664905142e366f47941
Ubuntu Security Notice USN-5142-1
Posted Nov 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5142-1 - Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos tickets issues by an RODC. An RODC could print administrator tickets, contrary to expectations. Various other issues were also addressed.

tags | advisory, remote, local, root
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25721, CVE-2020-25722, CVE-2021-23192, CVE-2021-3671, CVE-2021-3738
SHA-256 | 61f1542773f3e13406c8cb0829dff2a3c2436272d81dd4de2c0b0a2767455f98
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close