
[SECURITY] [DLA 2463-1] samba security update



-------------------------------------------------------------------------
Debian LTS Advisory DLA-2463-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                  Roberto C. Sánchez
November 22, 2020                             https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : samba
Version        : 2:4.5.16+dfsg-1+deb9u3
CVE ID         : CVE-2020-1472 CVE-2020-10704 CVE-2020-10730 CVE-2020-10745 
                 CVE-2020-10760 CVE-2020-14303 CVE-2020-14318 CVE-2020-14323 
                 CVE-2020-14383

Multiple vulnerabilities have been discovered in Samba, an SMB/CIFS file,
print, and login server for Unix.

CVE-2020-1472

    Unauthenticated domain controller compromise by subverting Netlogon
    cryptography.  This vulnerability includes both ZeroLogon and
    non-ZeroLogon variations.

CVE-2020-10704

    An unauthorized user can trigger a denial of service via a stack
    overflow in the AD DC LDAP server.

CVE-2020-10730

    NULL pointer de-reference and use-after-free in Samba AD DC LDAP
    Server with ASQ, VLV and paged_results.

CVE-2020-10745

    Denial of service resulting from abuse of compression of replies to
    NetBIOS over TCP/IP name resolution and DNS packets causing excessive
    CPU load on the Samba AD DC.

CVE-2020-10760

    The use of the paged_results or VLV controls against the Global
    Catalog LDAP server on the AD DC will cause a use-after-free.

CVE-2020-14303

    Denial of service resulting from CPU spin and inability to
    process further requests once the AD DC NBT server receives an empty
    (zero-length) UDP packet to port 137.

CVE-2020-14318

    Missing handle permissions check in ChangeNotify.

CVE-2020-14323

    Unprivileged user can crash winbind via invalid lookupsids DoS.

CVE-2020-14383

    DNS server crash via invalid records resulting from uninitialized
    variables.

For Debian 9 stretch, these problems have been fixed in version
2:4.5.16+dfsg-1+deb9u3.

We recommend that you upgrade your samba packages.

For the detailed security status of samba please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/samba

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
