CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know

Updates September 16, 2020 Samba domain controllers before 4.8 have been confirmed to be vulnerable to CVE-2020-1472. There are now multiple public PoC exploits available, most if not all of which are modifications to Secura’s original PoC built on Impacket. There are reports of the vulnerability...

Security fix for the ALT Linux 8 package samba-DC version 4.9.18-alt1

4.9.18-alt1 built Feb. 12, 2020 Evgeny Sinelnikov in task 245130 Jan. 24, 2020 Evgeny Sinelnikov - Update to latest security release of the Samba 4.9 - Security fixes: + CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD Directory not automatic + CVE-2019-14907: Crash after...

Security fix for the ALT Linux 8 package samba-DC version 4.9.17-alt1

4.9.17-alt1 built Dec. 18, 2019 Evgeny Sinelnikov in task 242978 Dec. 13, 2019 Evgeny Sinelnikov - Update to last security winter release - Security fixes: + CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS management server + CVE-2019-14870: DelegationNotAllowed not being...

Security fix for the ALT Linux 8 package samba-DC version 4.9.15-alt1

4.9.15-alt1 built Nov. 5, 2019 Evgeny Sinelnikov in task 239962 Oct. 29, 2019 Evgeny Sinelnikov - Update to second security autumn release - Security fixes: + CVE-2019-10218 Client code can return filenames containing path separators + CVE-2019-14833 Samba AD DC check password script does not...

Security fix for the ALT Linux 8 package samba-DC version 4.9.13-alt1

4.9.13-alt1 built Sept. 27, 2019 Evgeny Sinelnikov in task 237896 Sept. 20, 2019 Evgeny Sinelnikov - Update to first security autumn release for domain controller release - Security fixes: + CVE-2019-10197 Permissions check deny can allow user to escape from the share...

Security fix for the ALT Linux 8 package samba-DC version 4.9.10-alt1

July 16, 2019 Evgeny Sinelnikov 4.9.10-alt1 - Update to latest summer release of samba-4.9 backported to p8 - Security fixes: + CVE-2019-12435 Samba AD DC Denial of Service in DNS management server dnsserver + CVE-2018-16860 Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum + CVE-2018-16852 NULL...

Security fix for the ALT Linux 8 package samba-DC version 4.7.12-alt1

4.7.12-alt1 built Nov. 29, 2018 Evgeny Sinelnikov in task 216960 Nov. 27, 2018 Evgeny Sinelnikov - Update to autumn security release - Clean test module of thirdparty/iso8601 and subunit modules - Security fixes: + CVE-2018-14629 Unprivileged adding of CNAME record causing loop in AD Internal DNS...

Security fix for the ALT Linux 8 package samba-DC version 4.7.9-alt1

Aug. 15, 2018 Evgeny Sinelnikov 4.7.9-alt1 - Update to summer security release - Security fixes: + CVE-2018-1139 Weak authentication protocol allowed + CVE-2018-10858 Insufficient input validation on client directory listing in libsmbclient + CVE-2018-10918 Denial of Service Attack on AD DC DRSUA...

Security fix for the ALT Linux 8 package samba-DC version 4.6.14-alt1.1

March 15, 2018 Evgeny Sinelnikov 4.6.14-alt1.1 - Rebuild security release Fixes: CVE-2018-1050, CVE-2018-1057 with old ceph version without libceph-common for c7/c8...

Security fix for the ALT Linux 8 package samba-DC version 4.6.14-alt1

March 12, 2018 Evgeny Sinelnikov 4.6.14-alt1 - Update to spring security release - Security fixes: + CVE-2018-1050 Codenomicon crashes in spoolss server code + CVE-2018-1057 Unprivileged user can change any user and admin password...

Security fix for the ALT Linux 8 package samba-DC version 4.6.11-alt1

Nov. 21, 2017 Evgeny Sinelnikov 4.6.11-alt1 - Second autumn security release Fixes: CVE-2017-14746, CVE-2017-15275...

Security fix for the ALT Linux 8 package samba-DC version 4.6.8-alt1

Sept. 20, 2017 Evgeny Sinelnikov 4.6.8-alt1 - Update for autumn security release: + CVE-2017-12150 SMB1/2/3 connections may not require signing where they should + CVE-2017-12151 SMB3 connections don't keep encryption across DFS redirects + CVE-2017-12163 Server memory information leak over SMB1...

Security fix for the ALT Linux 7 package samba-DC version 4.5.12-alt1.M70P.1

4.5.12-alt1.M70P.1 built July 13, 2017 Evgeny Sinelnikov in task 185331 July 12, 2017 Evgeny Sinelnikov - Update to summer security release - Security fixes: + CVE-2017-11103 Orpheus' Lyre KDC-REP service name validation...

Security fix for the ALT Linux 8 package samba-DC version 4.6.6-alt1

July 12, 2017 Evgeny Sinelnikov 4.6.6-alt1 - Update to summer security release - Security fixes: + CVE-2017-11103 Orpheus' Lyre KDC-REP service name validation...

Security fix for the ALT Linux 7 package samba-DC version 4.5.10-alt1.M70P.1

4.5.10-alt1.M70P.1 built May 25, 2017 Evgeny Sinelnikov in task 183302 May 24, 2017 Evgeny Sinelnikov - Update to second spring security release - Fix longtime initialization bug in ldb proxy - Security fixes: + CVE-2017-7494 Remote code execution from a writable share...

Security fix for the ALT Linux 8 package samba-DC version 4.6.4-alt1

May 24, 2017 Evgeny Sinelnikov 4.6.4-alt1 - Update to second spring security release - Fix longtime initialization bug in ldb proxy - Security fixes: + CVE-2017-7494 Remote code execution from a writable share...

Security fix for the ALT Linux 8 package samba-DC version 4.6.1-alt1

March 23, 2017 Evgeny Sinelnikov 4.6.1-alt1 - Update to spring security release - Fixed build --without docs closes: 33118 - Security fixes: + CVE-2017-2619 Symlink race allows access outside share definition...

Security fix for the ALT Linux 7 package samba-DC version 4.5.7-alt1.M70P.1

March 23, 2017 Evgeny Sinelnikov 4.5.7-alt1.M70P.1 - Update to spring security release - Fixed build --without docs closes: 33118 - Security fixes: + CVE-2017-2619 Symlink race allows access outside share definition...

Security fix for the ALT Linux 8 package samba-DC version 4.5.3-alt1

Dec. 19, 2016 Evgeny Sinelnikov 4.5.3-alt1 - Update for release with security fixes: - CVE-2016-2123 ndrpulldnspname contains an integer wrap problem - CVE-2016-2125 client code always requests a forwardable ticket - CVE-2016-2126 crash winbindd using a legitimate Kerberos ticket...

Security fix for the ALT Linux 7 package samba-DC version 4.5.3-alt1.M70P.1

Dec. 19, 2016 Evgeny Sinelnikov 4.5.3-alt1.M70P.1 - Update for release with security fixes: - CVE-2016-2123 ndrpulldnspname contains an integer wrap problem - CVE-2016-2125 client code always requests a forwardable ticket - CVE-2016-2126 crash winbindd using a legitimate Kerberos ticket...