Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ubuntu: Security Advisory (USN-4510-1)

🗓️ 18 Sep 2020 00:00:00Reported by Copyright (C) 2020 Greenbone AGType 
openvas
 openvas🔗 plugins.openvas.org👁 13 Views

Ubuntu: Security Advisory (USN-4510-1) - Samba package Netlogon protocol vulnerabilit

Show more

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Refs
Code
ReporterTitlePublishedViews
Family
Securelist		The future of cyberconflicts
18 Dec 202010:00
securelist
Securelist		Analysis of Elpaco: a Mimic variant
26 Nov 202410:00
securelist
SUSE Linux		Security update for samba (important)
25 Sep 202000:00
suse
SUSE Linux		Security update for samba (important)
24 Sep 202000:00
suse
Carbon Black Blog		Risk Score 101: What to look for in a Risk Score
19 Nov 202018:20
carbonblack
Carbon Black Blog		TAU Threat Advisory: Imminent Ransomware threat to U.S. Healthcare and Public Health Sector
30 Oct 202020:13
carbonblack
Carbon Black Blog		Querying Windows Event Logs for Faster Investigation and Response
12 Nov 202016:00
carbonblack
CISA		Exploit for Netlogon Remote Protocol Vulnerability, CVE-2020-1472
14 Sep 202000:00
cisa
CISA		 CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware
15 Nov 202312:00
cisa
CISA		Samba Releases Security Update for CVE-2020-1472
21 Sep 202000:00
cisa
Rows per page
# SPDX-FileCopyrightText: 2020 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.844593");
  script_cve_id("CVE-2020-1472");
  script_tag(name:"creation_date", value:"2020-09-18 03:00:26 +0000 (Fri, 18 Sep 2020)");
  script_version("2024-08-08T05:05:41+0000");
  script_tag(name:"last_modification", value:"2024-08-08 05:05:41 +0000 (Thu, 08 Aug 2024)");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2020-08-24 17:27:55 +0000 (Mon, 24 Aug 2020)");

  script_name("Ubuntu: Security Advisory (USN-4510-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2020 Greenbone AG");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(16\.04\ LTS|18\.04\ LTS)");

  script_xref(name:"Advisory-ID", value:"USN-4510-1");
  script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-4510-1");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'samba' package(s) announced via the USN-4510-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"Tom Tervoort discovered that the Netlogon protocol implemented by Samba
incorrectly handled the authentication scheme. A remote attacker could use
this issue to forge an authentication token and steal the credentials of
the domain admin.

This update fixes the issue by changing the 'server schannel' setting to
default to 'yes', instead of 'auto', which will force a secure netlogon
channel. This may result in compatibility issues with older devices. A
future update may allow a finer-grained control over this setting.");

  script_tag(name:"affected", value:"'samba' package(s) on Ubuntu 16.04, Ubuntu 18.04.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");
  script_xref(name:"CISA", value:"Known Exploited Vulnerability (KEV) catalog");
  script_xref(name:"URL", value:"https://www.cisa.gov/known-exploited-vulnerabilities-catalog");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "UBUNTU16.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"samba", ver:"2:4.3.11+dfsg-0ubuntu0.16.04.30", rls:"UBUNTU16.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU18.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"samba", ver:"2:4.7.6+dfsg~ubuntu-0ubuntu2.19", rls:"UBUNTU18.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
18 Sep 2020 00:00Current
6.8Medium risk
Vulners AI Score6.8
CVSS29.3
CVSS35.5
EPSS0.94448
ubuntusecurity advisorysambanetlogonvulnerabilityusn-4510-1cve-2020-1472
13
.json
Report