VARIoT IoT vulnerabilities database

A vulnerability has been identified in SICAM WEB firmware for SICAM A8000 RTUs (All versions < V05.30). The login screen does not sufficiently sanitize input, which enables an attacker to generate specially crafted log messages. If an unsuspecting victim views the log messages via the web browser, these log messages might be interpreted and executed as code by the web application. This Cross-Site-Scripting (XSS) vulnerability might compromize the confidentiality, integrity and availability of the web application. SICAM A8000 RTUs for SICAM WEB A cross-site scripting vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. The SICAM A8000 RTU (Remote Terminal Equipment) series is a modular equipment series suitable for remote control and automation applications in all energy supply fields. The vulnerability is due to the failure of the login screen to adequately filter the input

SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure. SAP NetWeaver (ABAP Server) and ABAP Platform There is an information leakage vulnerability in.Information may be obtained

SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application. (DoS) It may be put into a state

A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart of Niagara (Versions 4.6.96.28, 4.7.109.20, 4.7.110.32, 4.8.0.110) and Niagara Enterprise Security (Versions 2.4.31, 2.4.45, 4.8.0.35) to correct. Tridium Provides Niagara Is a building automation system. As a result, threads on the system may hang and a manual reboot is required for recovery. Niagara is a platform used to support the connection of devices and applications. Attackers can use the vulnerability to cause the Niagara thread to hang

A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges. Desigo CC and Desigo CC Compact Exists in a code injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Desigo CC is a comprehensive building management platform for managing high-performance buildings. Desigo CC Compact provides tailor-made solutions for small and medium-sized buildings

Improper buffer restrictions in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Driver Exists in a buffer error vulnerability.Service operation interruption (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. An attacker could exploit this vulnerability to cause a denial of service

Out of bounds read in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Drivers Exists in an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A buffer error vulnerability exists in system drivers in versions prior to Intel Graphics Drivers 15.33.50.5129. An attacker could exploit this vulnerability to cause a denial of service

Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) Graphics Drivers Is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in system drivers in versions prior to Intel Graphics Drivers 15.33.50.5129. An attacker could exploit this vulnerability to elevate privileges

Race condition in some Intel(R) Graphics Drivers before version 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in system drivers in versions prior to Intel Graphics Drivers 15.40.45.5126. An attacker could exploit this vulnerability to elevate privileges

Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Drivers Is vulnerable to out-of-bounds writes.Service operation interruption (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in kernel-mode drivers in versions prior to Intel Graphics Drivers 26.20.100.7755. An attacker could exploit this vulnerability to cause a denial of service

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications. The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. plural Microsoft Windows The product contains an elevation of privilege vulnerability. Both Microsoft Windows and Microsoft Windows Server are products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. Netlogon is a service used to register all SRV resource records for domain controllers. The following products and versions are affected: Microsoft Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 1903, Windows Server 1909, Windows Server 2004. A flaw was found in the way samba handled file and directory permissions. (CVE-2020-14318) A null pointer dereference flaw was found in Samba's winbind service. This flaw allows a local user to crash the winbind service, causing a denial of service. The highest threat from this vulnerability is to system availability. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-1472). 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. The following packages have been upgraded to a later upstream version: samba (4.13.3). Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202012-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Samba: Multiple vulnerabilities Date: December 24, 2020 Bugs: #743433, #751724 ID: 202012-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Samba, the worst of which could result in a Denial of Service condition. Background ========== Samba is a suite of SMB and CIFS client/server programs. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-fs/samba < 4.12.9 >= 4.12.9 Description =========== Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Samba users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/samba-4.12.9" References ========== [ 1 ] CVE-2020-14318 https://nvd.nist.gov/vuln/detail/CVE-2020-14318 [ 2 ] CVE-2020-14323 https://nvd.nist.gov/vuln/detail/CVE-2020-14323 [ 3 ] CVE-2020-14383 https://nvd.nist.gov/vuln/detail/CVE-2020-14383 [ 4 ] CVE-2020-1472 https://nvd.nist.gov/vuln/detail/CVE-2020-1472 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202012-24 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: samba security and bug fix update Advisory ID: RHSA-2020:5439-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:5439 Issue date: 2020-12-15 CVE Names: CVE-2020-1472 CVE-2020-14318 CVE-2020-14323 ===================================================================== 1. Summary: An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Resilient Storage (v. 7) - ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: Netlogon elevation of privilege vulnerability (Zerologon) (CVE-2020-1472) * samba: Missing handle permissions check in SMB1/2/3 ChangeNotify (CVE-2020-14318) * samba: Unprivileged user can crash winbind (CVE-2020-14323) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * The 'require_membership_of' documentation in pam_winbind manpage is incorrect (BZ#1853272) * Malfunctioning %U substitution in valid users option (BZ#1868917) * Regression: smbd and nmbd are restarted when samba-winbind package is upgraded (BZ#1878205) * winbindd memory leak on wbinfo -u with security=ADS (BZ#1892313) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the smb service will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1853272 - The 'require_membership_of' documentation in pam_winbind manpage is incorrect [rhel-7.9.z] 1868917 - Malfunctioning %U substitution in valid users option [rhel-7.9.z] 1878205 - Regression: smbd and nmbd are restarted when samba-winbind package is upgraded [rhel-7.9.z] 1879822 - CVE-2020-1472 samba: Netlogon elevation of privilege vulnerability (Zerologon) 1891685 - CVE-2020-14323 samba: Unprivileged user can crash winbind 1892313 - winbindd memory leak on wbinfo -u with security=ADS [rhel-7.9.z] 1892631 - CVE-2020-14318 samba: Missing handle permissions check in SMB1/2/3 ChangeNotify 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: samba-4.10.16-9.el7_9.src.rpm noarch: samba-common-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-4.10.16-9.el7_9.i686.rpm libsmbclient-4.10.16-9.el7_9.x86_64.rpm libwbclient-4.10.16-9.el7_9.i686.rpm libwbclient-4.10.16-9.el7_9.x86_64.rpm samba-client-4.10.16-9.el7_9.x86_64.rpm samba-client-libs-4.10.16-9.el7_9.i686.rpm samba-client-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-libs-4.10.16-9.el7_9.i686.rpm samba-common-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-tools-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm samba-libs-4.10.16-9.el7_9.i686.rpm samba-libs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-4.10.16-9.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-9.el7_9.i686.rpm samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: samba-pidl-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-devel-4.10.16-9.el7_9.i686.rpm libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm libwbclient-devel-4.10.16-9.el7_9.i686.rpm libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm samba-4.10.16-9.el7_9.x86_64.rpm samba-dc-4.10.16-9.el7_9.x86_64.rpm samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-devel-4.10.16-9.el7_9.i686.rpm samba-devel-4.10.16-9.el7_9.x86_64.rpm samba-python-4.10.16-9.el7_9.i686.rpm samba-python-4.10.16-9.el7_9.x86_64.rpm samba-python-test-4.10.16-9.el7_9.x86_64.rpm samba-test-4.10.16-9.el7_9.x86_64.rpm samba-test-libs-4.10.16-9.el7_9.i686.rpm samba-test-libs-4.10.16-9.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: samba-4.10.16-9.el7_9.src.rpm noarch: samba-common-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-4.10.16-9.el7_9.i686.rpm libsmbclient-4.10.16-9.el7_9.x86_64.rpm libwbclient-4.10.16-9.el7_9.i686.rpm libwbclient-4.10.16-9.el7_9.x86_64.rpm samba-client-4.10.16-9.el7_9.x86_64.rpm samba-client-libs-4.10.16-9.el7_9.i686.rpm samba-client-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-libs-4.10.16-9.el7_9.i686.rpm samba-common-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-tools-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-libs-4.10.16-9.el7_9.i686.rpm samba-libs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-4.10.16-9.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-9.el7_9.i686.rpm samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: samba-pidl-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-devel-4.10.16-9.el7_9.i686.rpm libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm libwbclient-devel-4.10.16-9.el7_9.i686.rpm libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm samba-4.10.16-9.el7_9.x86_64.rpm samba-dc-4.10.16-9.el7_9.x86_64.rpm samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-devel-4.10.16-9.el7_9.i686.rpm samba-devel-4.10.16-9.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm samba-python-4.10.16-9.el7_9.i686.rpm samba-python-4.10.16-9.el7_9.x86_64.rpm samba-python-test-4.10.16-9.el7_9.x86_64.rpm samba-test-4.10.16-9.el7_9.x86_64.rpm samba-test-libs-4.10.16-9.el7_9.i686.rpm samba-test-libs-4.10.16-9.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: samba-4.10.16-9.el7_9.src.rpm noarch: samba-common-4.10.16-9.el7_9.noarch.rpm ppc64: libsmbclient-4.10.16-9.el7_9.ppc.rpm libsmbclient-4.10.16-9.el7_9.ppc64.rpm libwbclient-4.10.16-9.el7_9.ppc.rpm libwbclient-4.10.16-9.el7_9.ppc64.rpm samba-4.10.16-9.el7_9.ppc64.rpm samba-client-4.10.16-9.el7_9.ppc64.rpm samba-client-libs-4.10.16-9.el7_9.ppc.rpm samba-client-libs-4.10.16-9.el7_9.ppc64.rpm samba-common-libs-4.10.16-9.el7_9.ppc.rpm samba-common-libs-4.10.16-9.el7_9.ppc64.rpm samba-common-tools-4.10.16-9.el7_9.ppc64.rpm samba-debuginfo-4.10.16-9.el7_9.ppc.rpm samba-debuginfo-4.10.16-9.el7_9.ppc64.rpm samba-krb5-printing-4.10.16-9.el7_9.ppc64.rpm samba-libs-4.10.16-9.el7_9.ppc.rpm samba-libs-4.10.16-9.el7_9.ppc64.rpm samba-winbind-4.10.16-9.el7_9.ppc64.rpm samba-winbind-clients-4.10.16-9.el7_9.ppc64.rpm samba-winbind-modules-4.10.16-9.el7_9.ppc.rpm samba-winbind-modules-4.10.16-9.el7_9.ppc64.rpm ppc64le: libsmbclient-4.10.16-9.el7_9.ppc64le.rpm libwbclient-4.10.16-9.el7_9.ppc64le.rpm samba-4.10.16-9.el7_9.ppc64le.rpm samba-client-4.10.16-9.el7_9.ppc64le.rpm samba-client-libs-4.10.16-9.el7_9.ppc64le.rpm samba-common-libs-4.10.16-9.el7_9.ppc64le.rpm samba-common-tools-4.10.16-9.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-9.el7_9.ppc64le.rpm samba-krb5-printing-4.10.16-9.el7_9.ppc64le.rpm samba-libs-4.10.16-9.el7_9.ppc64le.rpm samba-winbind-4.10.16-9.el7_9.ppc64le.rpm samba-winbind-clients-4.10.16-9.el7_9.ppc64le.rpm samba-winbind-modules-4.10.16-9.el7_9.ppc64le.rpm s390x: libsmbclient-4.10.16-9.el7_9.s390.rpm libsmbclient-4.10.16-9.el7_9.s390x.rpm libwbclient-4.10.16-9.el7_9.s390.rpm libwbclient-4.10.16-9.el7_9.s390x.rpm samba-4.10.16-9.el7_9.s390x.rpm samba-client-4.10.16-9.el7_9.s390x.rpm samba-client-libs-4.10.16-9.el7_9.s390.rpm samba-client-libs-4.10.16-9.el7_9.s390x.rpm samba-common-libs-4.10.16-9.el7_9.s390.rpm samba-common-libs-4.10.16-9.el7_9.s390x.rpm samba-common-tools-4.10.16-9.el7_9.s390x.rpm samba-debuginfo-4.10.16-9.el7_9.s390.rpm samba-debuginfo-4.10.16-9.el7_9.s390x.rpm samba-krb5-printing-4.10.16-9.el7_9.s390x.rpm samba-libs-4.10.16-9.el7_9.s390.rpm samba-libs-4.10.16-9.el7_9.s390x.rpm samba-winbind-4.10.16-9.el7_9.s390x.rpm samba-winbind-clients-4.10.16-9.el7_9.s390x.rpm samba-winbind-modules-4.10.16-9.el7_9.s390.rpm samba-winbind-modules-4.10.16-9.el7_9.s390x.rpm x86_64: libsmbclient-4.10.16-9.el7_9.i686.rpm libsmbclient-4.10.16-9.el7_9.x86_64.rpm libwbclient-4.10.16-9.el7_9.i686.rpm libwbclient-4.10.16-9.el7_9.x86_64.rpm samba-4.10.16-9.el7_9.x86_64.rpm samba-client-4.10.16-9.el7_9.x86_64.rpm samba-client-libs-4.10.16-9.el7_9.i686.rpm samba-client-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-libs-4.10.16-9.el7_9.i686.rpm samba-common-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-tools-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm samba-libs-4.10.16-9.el7_9.i686.rpm samba-libs-4.10.16-9.el7_9.x86_64.rpm samba-python-4.10.16-9.el7_9.i686.rpm samba-python-4.10.16-9.el7_9.x86_64.rpm samba-winbind-4.10.16-9.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-9.el7_9.i686.rpm samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Resilient Storage (v. 7): ppc64le: ctdb-4.10.16-9.el7_9.ppc64le.rpm ctdb-tests-4.10.16-9.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-9.el7_9.ppc64le.rpm s390x: ctdb-4.10.16-9.el7_9.s390x.rpm ctdb-tests-4.10.16-9.el7_9.s390x.rpm samba-debuginfo-4.10.16-9.el7_9.s390x.rpm x86_64: ctdb-4.10.16-9.el7_9.x86_64.rpm ctdb-tests-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: samba-pidl-4.10.16-9.el7_9.noarch.rpm ppc64: libsmbclient-devel-4.10.16-9.el7_9.ppc.rpm libsmbclient-devel-4.10.16-9.el7_9.ppc64.rpm libwbclient-devel-4.10.16-9.el7_9.ppc.rpm libwbclient-devel-4.10.16-9.el7_9.ppc64.rpm samba-dc-4.10.16-9.el7_9.ppc64.rpm samba-dc-libs-4.10.16-9.el7_9.ppc64.rpm samba-debuginfo-4.10.16-9.el7_9.ppc.rpm samba-debuginfo-4.10.16-9.el7_9.ppc64.rpm samba-devel-4.10.16-9.el7_9.ppc.rpm samba-devel-4.10.16-9.el7_9.ppc64.rpm samba-python-4.10.16-9.el7_9.ppc.rpm samba-python-4.10.16-9.el7_9.ppc64.rpm samba-python-test-4.10.16-9.el7_9.ppc64.rpm samba-test-4.10.16-9.el7_9.ppc64.rpm samba-test-libs-4.10.16-9.el7_9.ppc.rpm samba-test-libs-4.10.16-9.el7_9.ppc64.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.ppc64.rpm ppc64le: libsmbclient-devel-4.10.16-9.el7_9.ppc64le.rpm libwbclient-devel-4.10.16-9.el7_9.ppc64le.rpm samba-dc-4.10.16-9.el7_9.ppc64le.rpm samba-dc-libs-4.10.16-9.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-9.el7_9.ppc64le.rpm samba-devel-4.10.16-9.el7_9.ppc64le.rpm samba-python-4.10.16-9.el7_9.ppc64le.rpm samba-python-test-4.10.16-9.el7_9.ppc64le.rpm samba-test-4.10.16-9.el7_9.ppc64le.rpm samba-test-libs-4.10.16-9.el7_9.ppc64le.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.ppc64le.rpm s390x: libsmbclient-devel-4.10.16-9.el7_9.s390.rpm libsmbclient-devel-4.10.16-9.el7_9.s390x.rpm libwbclient-devel-4.10.16-9.el7_9.s390.rpm libwbclient-devel-4.10.16-9.el7_9.s390x.rpm samba-dc-4.10.16-9.el7_9.s390x.rpm samba-dc-libs-4.10.16-9.el7_9.s390x.rpm samba-debuginfo-4.10.16-9.el7_9.s390.rpm samba-debuginfo-4.10.16-9.el7_9.s390x.rpm samba-devel-4.10.16-9.el7_9.s390.rpm samba-devel-4.10.16-9.el7_9.s390x.rpm samba-python-4.10.16-9.el7_9.s390.rpm samba-python-4.10.16-9.el7_9.s390x.rpm samba-python-test-4.10.16-9.el7_9.s390x.rpm samba-test-4.10.16-9.el7_9.s390x.rpm samba-test-libs-4.10.16-9.el7_9.s390.rpm samba-test-libs-4.10.16-9.el7_9.s390x.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.s390x.rpm x86_64: libsmbclient-devel-4.10.16-9.el7_9.i686.rpm libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm libwbclient-devel-4.10.16-9.el7_9.i686.rpm libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm samba-dc-4.10.16-9.el7_9.x86_64.rpm samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-devel-4.10.16-9.el7_9.i686.rpm samba-devel-4.10.16-9.el7_9.x86_64.rpm samba-python-test-4.10.16-9.el7_9.x86_64.rpm samba-test-4.10.16-9.el7_9.x86_64.rpm samba-test-libs-4.10.16-9.el7_9.i686.rpm samba-test-libs-4.10.16-9.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: samba-4.10.16-9.el7_9.src.rpm noarch: samba-common-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-4.10.16-9.el7_9.i686.rpm libsmbclient-4.10.16-9.el7_9.x86_64.rpm libwbclient-4.10.16-9.el7_9.i686.rpm libwbclient-4.10.16-9.el7_9.x86_64.rpm samba-4.10.16-9.el7_9.x86_64.rpm samba-client-4.10.16-9.el7_9.x86_64.rpm samba-client-libs-4.10.16-9.el7_9.i686.rpm samba-client-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-libs-4.10.16-9.el7_9.i686.rpm samba-common-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-tools-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm samba-libs-4.10.16-9.el7_9.i686.rpm samba-libs-4.10.16-9.el7_9.x86_64.rpm samba-python-4.10.16-9.el7_9.i686.rpm samba-python-4.10.16-9.el7_9.x86_64.rpm samba-winbind-4.10.16-9.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-9.el7_9.i686.rpm samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: samba-pidl-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-devel-4.10.16-9.el7_9.i686.rpm libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm libwbclient-devel-4.10.16-9.el7_9.i686.rpm libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm samba-dc-4.10.16-9.el7_9.x86_64.rpm samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-devel-4.10.16-9.el7_9.i686.rpm samba-devel-4.10.16-9.el7_9.x86_64.rpm samba-python-test-4.10.16-9.el7_9.x86_64.rpm samba-test-4.10.16-9.el7_9.x86_64.rpm samba-test-libs-4.10.16-9.el7_9.i686.rpm samba-test-libs-4.10.16-9.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-1472 https://access.redhat.com/security/cve/CVE-2020-14318 https://access.redhat.com/security/cve/CVE-2020-14323 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX9idqtzjgjWX9erEAQhLxg//aGgge7wuhwtrhosIFhpoMEPD3hrlBtLk 5uRe7SaKoJa65TxAbnAD2IRP118/bZyXkS4zi1NMW3cDubvdz+pXJEq5Avfp28qp 7HcfGUKrgcDzRXlAUGBMk9P7kfCUx+jiGluhO/qsFs3TbMxcZoQ8HJxP1php4tCd ibIHVRPRS8Z+o2SzwvSW0AnkYJTTBGCht0JZKN9rIaWwljYgUXW1Fy9CTAGd48Jc EcRDHn4sDNGKl60g77e/7FVpIz7HjNyD+AWtVx8hhf6IguJnPJF9LnP1Msu0fjMd K1eCVDOwlIbZYE11+bJ28sy90HEzsihUO5KJgUgn1yj28JVaezm6dm9TT8RG/N0P 6p4tJhW8OkmVgM7ltbPI6ENfyFih/LWKekEc0LUxbFUmD3u/aytwl8OaF/0vxdGV L/7fY5QIAdLKsgNrDl817XAHmtVaarwg6swfM/iOwICatlNiAIeEr4hbCc/ZvkCI iiVLKa64AXcBuIXBERa4lzqqjeCbAc0vuXG5zyk9wY23fORfrxZBYvU9SSfstubQ OR3F7Q3wDX9Nx7pdYnSmwwhHnVq8kNXO62agaKvlmQ3Z7exeLzdDM6Wy1wdXpYzi 4bPulpSOhcwDieCQLfPb+fMo13lbkfLX1eX1PeG0pK/nv//KBkkiTp1nLlHwRZzM 2lNVzS89G3A= =hQrq -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================= Ubuntu Security Notice USN-4510-2 September 17, 2020 samba vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM Summary: Samba would allow unintended access to files over the network. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. This update fixes the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which will force a secure netlogon channel. This may result in compatibility issues with older devices. A future update may allow a finer-grained control over this setting. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: samba 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9 In general, a standard system update will make all the necessary changes. See the following link for examples: https://www.samba.org/samba/security/CVE-2020-1472.html In addition, this update adds additional server checks for the protocol attack in the client-specified challenge to provide some protection when 'server schannel = no/auto' and avoid the false-positive results when running the proof-of-concept exploit. Description: Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied

Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) Graphics Drivers Is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in versions prior to Intel Graphics Drivers 15.33.50.5129. An attacker could exploit this vulnerability to elevate privileges

Uncaught exception in the system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Drivers Is vulnerable to handling exceptional conditions.Service operation interruption (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in system drivers in versions prior to Intel Graphics Drivers 15.33.50.5129. An attacker could exploit this vulnerability to cause a denial of service

Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) Graphics Drivers Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in Intel Graphics Drivers prior to 15.45.31.5127 and 15.40.45.5126. An attacker could exploit this vulnerability to elevate privileges

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. plural Intel(R) PROSet/Wireless WiFi The product contains a vulnerability related to improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Intel PROSet/Wireless WiFi Software is a wireless network card driver of Intel Corporation. A security vulnerability exists in Intel PROSet/Wireless WiFi (Windows 7 and 8.1). An attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected: Intel Wi-Fi 6 AX201 before 21.40.5.1; Wi-Fi 6 AX200 before 21.40.5.1; Wireless-AC 9560 before 21.40.5.1; Wireless-AC 9462 before 21.40.5.1; Wireless-AC 9461 prior to 21.40.5.1; Wireless-AC 9260 prior to 21.40.5.1; Dual Band Wireless-AC 8265 prior to 21.40.5.1; Dual Band Wireless-AC 8260 prior to 21.40.5.1; Dual Band Wireless-AC 3168 Prior to 21.40.5.1; Wireless 7265 (Rev D) Family prior to 21.40.5.1; Dual Band Wireless-AC 3165 prior to 21.40.5.1

Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access. plural Intel(R) Wireless Bluetooth(R) The product contains an input verification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. By executing a specially crafted program, an attacker could exploit this vulnerability to escalate privileges

Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially enable information disclosure via local access. plural Intel(R) Wireless Bluetooth(R) The product contains an out-of-bounds read vulnerability.Information may be obtained

Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20, after 2018-08-09 through 2020), as used by many different vendors in millions of Internet of Things devices, suffers from buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code via the peer-to-peer (P2P) service. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK. Shenzhen Hichip Vision Technology A classic buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Shenzhen Hichip Vision Technology Firmware is a firmware used in IoT devices from Shenzhen Hichip Vision, China. There are security vulnerabilities in Shenzhen Hichip Vision Technology Firmware V6 to V20 (2018-08-09 to 2020). Remote attackers can use this vulnerability to execute arbitrary code with the help of P2P services

Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic issues that allow remote attackers to access user session data, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK. Shenzhen Hichip Vision Technology There is a vulnerability in the firmware regarding the use of cryptographic algorithms.Information may be obtained. A remote attacker can use this vulnerability to access user session data

Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from a privilege escalation vulnerability that allows attackers on the local network to reset the device's administrator password. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK. Shenzhen Hichip Vision Technology There is a permission management vulnerability in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Shenzhen Hichip Vision Technology Firmware is a firmware used in IoT devices from Shenzhen Hichip Vision, China. An attacker can use this vulnerability to reset the administrator password of the device