CVE-2020-1472

Published: 16 September 2020

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.

Priority

Medium

CVSS 3 base score: 10.0

Status

Package Release Status
samba
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 20.10 (Groovy Gorilla) Not vulnerable
(2:4.12.5+dfsg-3ubuntu3)
Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
(2:4.11.6+dfsg-0ubuntu1.4)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (2:4.7.6+dfsg~ubuntu-0ubuntu2.19)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (2:4.3.11+dfsg-0ubuntu0.16.04.30)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9)
Ubuntu 12.04 ESM (Precise Pangolin) Ignored

Patches:
Upstream: https://git.samba.org/?p=samba.git;a=commit;h=c7acae904301cfc6a281d63f4e7d3cc6f4fff938
Upstream: https://git.samba.org/?p=samba.git;a=commit;h=0341e83d40dc42fbb1f1e467626418a9e4dedf40

Notes

AuthorNote
mdeslaur Starting with Samba 4.8, "server schannel" defaults to "yes" instead of "auto". This is sufficient to address this vulnerability. See details in the upstream bug report. There may be an additional commit to make ServerAuthenticate3 fail so that the false positive reported by the third party vulnerability scanning tools is fixed.

References

Bugs