Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2020-25721
HistoryMar 16, 2022 - 3:15 p.m.

CVE-2020-25721

2022-03-1615:15:09
Debian Security Bug Tracker
security-tracker.debian.org
26
kerberos
ad dc
samba
linux
sid
samaccountname

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.005

Percentile

75.5%

Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.

OSVersionArchitecturePackageVersionFilename
Debian12allsamba< 2:4.13.14+dfsg-1samba_2:4.13.14+dfsg-1_all.deb
Debian11allsamba< 2:4.13.13+dfsg-1~deb11u2samba_2:4.13.13+dfsg-1~deb11u2_all.deb
Debian999allsamba< 2:4.13.14+dfsg-1samba_2:4.13.14+dfsg-1_all.deb
Debian13allsamba< 2:4.13.14+dfsg-1samba_2:4.13.14+dfsg-1_all.deb

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.005

Percentile

75.5%