Security Bulletin: Publicly disclosed vulnerability from Samba affects IBM Netezza Host Management

Summary

Samba is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE.

Vulnerability Details

CVEID:CVE-2020-1472
**DESCRIPTION:**Microsoft Windows could allow a remote attacker to gain elevated privileges on the system, caused by an error when establishing a vulnerable Netlogon secure channel connection to a domain controller. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/185897 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Remediation/Fixes

None

Workarounds and Mitigations

Mitigation of the reported CVE : CVE-2020-1472 on PureData System for Analytics N200x and N3001 is as follows:

Execute below steps using “root” user on both ha1/ha2 hosts

Step 1. Check if Samba module is installed in the host
[host]# rpm -qa | grep samba

Step 2. Check if Samba service is running
[host]# /etc/init.d/smb status

Step 3. If Samba service is running, stop the smb service
[host]# /etc/init.d/smb stop

Step 4. Backup the /etc/samba/smb.conf file
[host]# cp /etc/samba/smb.conf /etc/samba/smb.conf_backup

Step 5. Edit the /etc/samba/smb.conf and set following parameters in global settings as below:

#============ Global Settings ==========

[global]
server schannel = yes

Step 6. Start the smb services using below command:
[host]# /etc/init.d/smb start

Note : If samba configuration file smb.conf is modified in the future, please verify if above settings are changed. If changed, make sure to mitigate this issue by following steps 2 to 6.