[Git][security-tracker-team/security-tracker][master] Add CVEs from samba release on 9th november 2021

Tue, 09 Nov 2021 10:33:28 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
49946675 by Salvatore Bonaccorso at 2021-11-09T19:32:41+01:00
Add CVEs from samba release on 9th november 2021

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2801,8 +2801,12 @@ CVE-2021-42745
        RESERVED
 CVE-2021-3895
        RESERVED
-CVE-2021-23192
-       RESERVED
+CVE-2021-23192 [dcerpc requests don't check all fragments against the first 
auth_state]
+       - samba <unfixed>
+       [buster] - samba <not-affected> (Vulnerable code introduced later)
+       [stretch] - samba <not-affected> (Vulnerable code introduced later)
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14875
+       NOTE: https://www.samba.org/samba/security/CVE-2021-23192.html
 CVE-2020-36502 (Swift File Transfer Mobile v1.1.2 was discovered to contain a 
cross-si ...)
        NOT-FOR-US: Swift File Transfer Mobile
 CVE-2020-36501 (Multiple cross-site scripting (XSS) vulnerabilities in the 
Support mod ...)
@@ -10112,8 +10116,10 @@ CVE-2021-40147 (EmTec ZOC before 8.02.2 allows \e[201~ 
pastes, a different vulne
        NOT-FOR-US: EmTec ZOC
 CVE-2021-40146 (A Remote Code Execution (RCE) vulnerability was discovered in 
the Any2 ...)
        NOT-FOR-US: Apache Any23
-CVE-2021-3738
-       RESERVED
+CVE-2021-3738 [crash in dsdb stack]
+       - samba <unfixed>
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14468
+       NOTE: https://www.samba.org/samba/security/CVE-2021-3738.html
 CVE-2021-3737 [client can enter an infinite loop on a 100 Continue response 
from the server]
        RESERVED
        {DLA-2808-1}
@@ -76881,18 +76887,35 @@ CVE-2020-25723 (A reachable assertion issue was found 
in the USB EHCI emulation
        - qemu 1:5.2+dfsg-1 (bug #975276)
        [buster] - qemu <postponed> (Fix along in future DSA)
        NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6
 (v5.2.0-rc0)
-CVE-2020-25722
-       RESERVED
-CVE-2020-25721
-       RESERVED
+CVE-2020-25722 [AD DC UPN vs samAccountName not checked]
+       - samba <unfixed>
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14564
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
+       NOTE: https://www.samba.org/samba/security/CVE-2020-25722.html
+CVE-2020-25721 [[Kerberos acceptors need easy access to stable AD identifiers 
(eg objectSid)]
+       - samba <unfixed>
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14557
+       NOTE: https://www.samba.org/samba/security/CVE-2020-25721.html
 CVE-2020-25720
        RESERVED
-CVE-2020-25719
-       RESERVED
-CVE-2020-25718
-       RESERVED
-CVE-2020-25717
-       RESERVED
+CVE-2020-25719 [AD DC Username based races when no PAC is given]
+       - samba <unfixed>
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14561
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
+       NOTE: https://www.samba.org/samba/security/CVE-2020-25719.html
+CVE-2020-25718 [An RODC can issue (forge) administrator tickets to other 
servers]
+       - samba <unfixed>
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14558
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
+       NOTE: https://www.samba.org/samba/security/CVE-2020-25718.html
+CVE-2020-25717 [A user on the domain can become root on domain members]
+       - samba <unfixed>
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14556
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
+       NOTE: https://www.samba.org/samba/security/CVE-2020-25717.html
+       NOTE: A new parameter "min domain uid" (defaults to 1000) has been 
added,
+       NOTE: which enforces that no UNIX uid below this value will be accepted.
 CVE-2020-25716 (A flaw was found in Cloudforms. A role-based privileges 
escalation fla ...)
        NOT-FOR-US: Red Hat CloudForm
 CVE-2020-25715 (A flaw was found in pki-core 10.9.0. A specially crafted POST 
request  ...)
@@ -328154,8 +328177,10 @@ CVE-2016-2125 (It was found that Samba before 
versions 4.5.3, 4.4.8, 4.3.13 alwa
        - samba 2:4.5.2+dfsg-2
        NOTE: https://www.samba.org/samba/security/CVE-2016-2125.html
        NOTE: Patch (with some more) here: 
https://download.samba.org/pub/samba/patches/security/samba-4.3.12-security-20016-12-19.patch
-CVE-2016-2124
-       RESERVED
+CVE-2016-2124 [SMB1 client connections can be downgraded to plaintext 
authentication]
+       - samba <unfixed>
+       NOTE: https://bugzilla.samba.org/show_bug.cgi?id=12444
+       NOTE: https://www.samba.org/samba/security/CVE-2016-2124.html
 CVE-2016-2123 (A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba 
routine n ...)
        {DSA-3740-1}
        - samba 2:4.5.2+dfsg-2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/499466750ba49c00e814261ae64667ca5b8aaf0b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/499466750ba49c00e814261ae64667ca5b8aaf0b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to