2020年10月14日 星期三

[USN-4510-1] Samba vulnerability

 ---------- Forwarded message ---------

From: Marc Deslauriers <marc.deslauriers@canonical.com>

Date: Sep 17, 2020 8:16PM

Tom Tervoort discovered that the Netlogon protocol implemented by Samba

incorrectly handled the authentication scheme. A remote attacker could use

this issue to forge an authentication token and steal the credentials of

the domain admin.

This update fixes the issue by changing the "server schannel" setting to

default to "yes", instead of "auto", which will force a secure netlogon

channel. This may result in compatibility issues with older devices. A

future update may allow a finer-grained control over this setting.

References:

  https://usn.ubuntu.com/4510-1

  CVE-2020-1472

沒有留言:

張貼留言