Information security specialists reported the detection of 8 security vulnerabilities in Samba, the well-known free software re-implementation of the SMB networking protocol initially developed by Andrew Tridgell. According to the report, successful exploitation of these flaws could result in severe damage to the affected implementations.

Below are brief descriptions of the reported flaws, in addition to their respective tracking key and scores assigned by the Common Vulnerability Scoring System (CVSS).

CVE-2021-23192: A DCE/RPC fragment injection issue would allow remote threat actors to replace subsequent fragments in requests with their own data, which will alter the server behavior.

The vulnerability received a CVSS score of 4.2/10 and its successful exploitation would fully compromise the affected system.

CVE-2016-2124: The SMB1 client connections can be downgraded to plaintext authentication, which would allow malicious hackers to deploy a Man-in-The-Middle (MiTM) attack.

This is a high severity vulnerability and received a CVSS score of 8.5/10.

CVE-2020-25717: Windows Active Directory (AD) domains have a default feature to allow users to create computer accounts. This can be abused by remote authenticated attackers to create accounts with elevated privileges on the system.

This is a medium severity vulnerability and received a CVSS score of 7.1/10.

CVE-2020-25718: Samba AD DC does not correctly sandbox Kerberos tickets issued by an RODC. This error could cause a bypass and privilege escalation scenario.

The flaw received a 6.5/10 CVSS score.

CVE-2020-25719: A race condition in the affected application would allow remote administrators to escalate privileges on the affected system.

This is a low severity vulnerability and received a CVSS score of 6.3/10.

CVE-2020-25721: An error while processing authentication requests allows remote attackers to bypass the authentication process and gain unauthorized access to affected systems.

The flaw received a CVSS score of 6.4/10.

CVE-2020-25722: The application does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.

The flaw received a CVSS score of 7.7/10.

CVE-2021-3738: A use-after-free error in Samba AD DC RPC server would allow remote authenticated hackers to gain elevated privileges in the affected system, thus launching a denial of service (DoS) attack.

The flaw received a CVSS of 6.6/10.

According to the report, the flaws reside in the following versions of Samba: 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.0.9, 4.0.10, 4.0.11, 4.0.12, 4.0.13, 4.0.14, 4.0.15, 4.0.16, 4.0.17, 4.0.18, 4.0.19, 4.0.20, 4.0.21, 4.0.22, 4.0.23, 4.0.24, 4.0.25, 4.0.26, 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.10, 4.1.11, 4.1.12, 4.1.13, 4.1.14, 4.1.15, 4.1.16, 4.1.17, 4.1.18, 4.1.19, 4.1.20, 4.1.21, 4.1.22, 4.1.23, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.10, 4.2.11, 4.2.12, 4.2.13, 4.2.14, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.3.7, 4.3.8, 4.3.9, 4.3.10, 4.3.11, 4.3.12, 4.3.13, 4.4.0, 4.4.0 rc4, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.4.6, 4.4.7, 4.4.8, 4.4.9, 4.4.10, 4.4.11, 4.4.12, 4.4.13, 4.4.14, 4.4.15, 4.4.16, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5, 4.5.6, 4.5.7, 4.5.8, 4.5.9, 4.5.10, 4.5.11, 4.5.12, 4.5.13, 4.5.14, 4.5.15, 4.5.16, 4.6.0, 4.6.1, 4.6.2, 4.6.3, 4.6.4, 4.6.5, 4.6.6, 4.6.7, 4.6.8, 4.6.9, 4.6.10, 4.6.11, 4.6.12, 4.6.13, 4.6.14, 4.6.15, 4.6.16, 4.7.0, 4.7.1, 4.7.2, 4.7.3, 4.7.4, 4.7.5, 4.7.6, 4.7.7, 4.7.8, 4.7.9, 4.7.10, 4.7.11, 4.7.12, 4.8.0, 4.8.1, 4.8.2, 4.8.3, 4.8.4, 4.8.5, 4.8.6, 4.8.7, 4.8.8, 4.8.9, 4.8.10, 4.8.11, 4.8.12, 4.9.0, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.9.5, 4.9.6, 4.9.7, 4.9.8, 4.9.9, 4.9.10, 4.9.11, 4.9.12, 4.9.13, 4.9.14, 4.9.15, 4.9.16, 4.9.17, 4.9.18, 4.10.0, 4.10.1, 4.10.2, 4.10.3, 4.10.4, 4.10.5, 4.10.6, 4.10.7, 4.10.8, 4.10.9, 4.10.10, 4.10.11, 4.10.12, 4.10.13, 4.10.14, 4.10.15, 4.10.16, 4.10.17, 4.10.18, 4.11.0, 4.11.1, 4.11.2, 4.11.3, 4.11.4, 4.11.5, 4.11.6, 4.11.7, 4.11.8, 4.11.9, 4.11.10, 4.11.11, 4.11.12, 4.11.13, 4.11.14, 4.11.15, 4.11.16, 4.11.17, 4.12.0, 4.12.1, 4.12.2, 4.12.3, 4.12.4, 4.12.5, 4.12.6, 4.12.7, 4.12.8, 4.12.9, 4.12.10, 4.12.11, 4.12.12, 4.12.13, 4.12.14, 4.12.15, 4.13.0, 4.13.1, 4.13.2, 4.13.3, 4.13.4, 4.13.5, 4.13.6, 4.13.7, 4.13.8, 4.13.9, 4.13.10, 4.13.11, 4.13.12, 4.13.13, 4.14.0, 4.14.1, 4.14.2, 4.14.3, 4.14.4, 4.14.5, 4.14.6, 4.14.7, 4.14.8, 4.14.9, 4.15.0 & 4.15.1.

Even though these flaws could be remotely exploited, information security specialists have detected no active exploitation attempts. Stil, users of affected implementations are advised to update as soon as possible.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Patch these new 8 critical vulnerabilities in Samba appeared first on Information Security Newspaper | Hacking News.

source

You May Also Like

Two important vulnerabilities ( CVSSv3 score > 7) in VMware ESXi, vCenter Server & Cloud Foundation

The leader in virtualization and cloud computing technologies, VMware, has released a…

Critical OpenSSL vulnerability CVE-2022-2274 allows threat actors to remotely run code on your servers and encrypt them

OpenSSL is a famous cryptography library that provides an open source implementation…

Critical password reset vulnerability in Fortinet FortiPortal. Update immediately

Cybersecurity specialists report the detection of a critical vulnerability in FortiPortal, the…