{"id":"USN-4510-2","summary":"samba vulnerability","details":"USN-4510-1 fixed a vulnerability in Samba. This update provides\nthe corresponding update for Ubuntu 14.04 ESM.\n\nOriginal advisory details:\n\n Tom Tervoort discovered that the Netlogon protocol implemented by Samba\n incorrectly handled the authentication scheme. A remote attacker could use\n this issue to forge an authentication token and steal the credentials of\n the domain admin.\n\n This update fixes the issue by changing the \"server schannel\" setting to\n default to \"yes\", instead of \"auto\", which will force a secure netlogon\n channel. This may result in compatibility issues with older devices. A\n future update may allow a finer-grained control over this setting.\n","modified":"2026-02-10T04:41:55Z","published":"2020-09-17T12:31:27Z","related":["UBUNTU-CVE-2020-1472"],"upstream":["CVE-2020-1472","UBUNTU-CVE-2020-1472"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4510-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-1472"}],"affected":[{"package":{"name":"samba","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/samba@2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9?arch=source&distro=trusty/esm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9"}]}],"versions":["2:3.6.18-1ubuntu3","2:4.0.10+dfsg-4ubuntu2","2:4.0.13+dfsg-1ubuntu1","2:4.1.3+dfsg-2ubuntu2","2:4.1.3+dfsg-2ubuntu3","2:4.1.3+dfsg-2ubuntu4","2:4.1.3+dfsg-2ubuntu5","2:4.1.6+dfsg-1ubuntu1","2:4.1.6+dfsg-1ubuntu2","2:4.1.6+dfsg-1ubuntu2.14.04.1","2:4.1.6+dfsg-1ubuntu2.14.04.2","2:4.1.6+dfsg-1ubuntu2.14.04.3","2:4.1.6+dfsg-1ubuntu2.14.04.4","2:4.1.6+dfsg-1ubuntu2.14.04.5","2:4.1.6+dfsg-1ubuntu2.14.04.7","2:4.1.6+dfsg-1ubuntu2.14.04.8","2:4.1.6+dfsg-1ubuntu2.14.04.9","2:4.1.6+dfsg-1ubuntu2.14.04.11","2:4.1.6+dfsg-1ubuntu2.14.04.12","2:4.1.6+dfsg-1ubuntu2.14.04.13","2:4.3.8+dfsg-0ubuntu0.14.04.2","2:4.3.9+dfsg-0ubuntu0.14.04.1","2:4.3.9+dfsg-0ubuntu0.14.04.3","2:4.3.11+dfsg-0ubuntu0.14.04.1","2:4.3.11+dfsg-0ubuntu0.14.04.2","2:4.3.11+dfsg-0ubuntu0.14.04.3","2:4.3.11+dfsg-0ubuntu0.14.04.4","2:4.3.11+dfsg-0ubuntu0.14.04.6","2:4.3.11+dfsg-0ubuntu0.14.04.7","2:4.3.11+dfsg-0ubuntu0.14.04.8","2:4.3.11+dfsg-0ubuntu0.14.04.9","2:4.3.11+dfsg-0ubuntu0.14.04.10","2:4.3.11+dfsg-0ubuntu0.14.04.11","2:4.3.11+dfsg-0ubuntu0.14.04.12","2:4.3.11+dfsg-0ubuntu0.14.04.13","2:4.3.11+dfsg-0ubuntu0.14.04.14","2:4.3.11+dfsg-0ubuntu0.14.04.16","2:4.3.11+dfsg-0ubuntu0.14.04.17","2:4.3.11+dfsg-0ubuntu0.14.04.19","2:4.3.11+dfsg-0ubuntu0.14.04.20","2:4.3.11+dfsg-0ubuntu0.14.04.20+esm1","2:4.3.11+dfsg-0ubuntu0.14.04.20+esm2","2:4.3.11+dfsg-0ubuntu0.14.04.20+esm3","2:4.3.11+dfsg-0ubuntu0.14.04.20+esm4","2:4.3.11+dfsg-0ubuntu0.14.04.20+esm6","2:4.3.11+dfsg-0ubuntu0.14.04.20+esm7","2:4.3.11+dfsg-0ubuntu0.14.04.20+esm8"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","binaries":[{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"libnss-winbind"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"libpam-smbpass"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"libpam-winbind"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"libparse-pidl-perl"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"libsmbclient"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"libsmbclient-dev"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"libsmbsharemodes-dev"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"libsmbsharemodes0"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"libwbclient-dev"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"libwbclient0"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"python-samba"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"registry-tools"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"samba"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"samba-common"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"samba-common-bin"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"samba-dev"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"samba-dsdb-modules"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"samba-libs"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"samba-testsuite"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"samba-vfs-modules"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"smbclient"},{"binary_version":"2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9","binary_name":"winbind"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:Pro:14.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2020-1472"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4510-2.json"}}],"schema_version":"1.7.3"}