Main Vulnerability Database SB2017071412

SB2017071412 - Ubuntu update for Samba

Published: July 14, 2017 Updated: July 17, 2017

Security Bulletin ID SB2017071412

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Authentication bypass (CVE-ID: CVE-2017-11103)

The vulnerability allows a remote attacker to impersonate a trusted server and intercept users' credentials.

The vulnerability exists due to the KDC-REP service name is stored in unencrypted "ticket" instead of encrypted "enc_part" and used later by the _krb5_extract_ticket() function. An attacker in local network can perform a man-in-the-middle attack, intercept the KDC-REP service name and impersonate a trusted server.

Successful exploitation of the vulnerability may allow an attacker to obtain credentials of all Samba users from Samba DRS replication service during password replication process between trusted and fake DC.

Remediation

Install update from vendor's website.

References

http://www.ubuntu.com/usn/usn-3353-2/