An buga faci na Samba 4.15.2, 4.14.10, da 4.13.14, suna magance raunin da ya shafi guda takwas, waɗanda mafi yawansu na iya haifar da cikakken sulhu na yankin Active Directory. Abin lura shi ne, an gyara ɗaya daga cikin matsalolin tun 2016, kuma biyar tun 2020. Duk da haka, faci ɗaya ya hana winbindd aiki lokacin da aka kunna saitin "allow trusted domains = no" (masu haɓaka suna da niyyar buga wani sabuntawa nan take tare da gyara). Ana iya bin diddigin sakin sabuntawar fakiti a cikin rarrabawa akan shafuka masu zuwa: Debian, Ubuntu, RHEL, SUSE, Fedora, Arch, FreeBSD.
Kafaffen lahani:
- CVE-2020-25717 - Saboda wata matsala a cikin dabarar da ake da ita wajen tsara taswirar masu amfani da yankin zuwa ga masu amfani da tsarin gida, mai amfani da yankin Active Directory wanda ke da ikon ƙirƙirar sabbin asusu akan tsarin su, wanda aka sarrafa ta hanyar ms-DS-MachineAccountQuota, zai iya samun damar shiga tushen wasu tsarin a cikin yankin. yanki.
- CVE-2021-3738 - Rashin lahanin amfani bayan-kyauta a cikin Samba AD DC (dsdb) aiwatar da sabar RPC na iya haifar da haɓaka gata yayin sarrafa saitin haɗin gwiwa.
- CVE-2016-2124 - Haɗin abokin ciniki da aka kafa ta amfani da ka'idar SMB1 za a iya tura shi zuwa share rubutu ko tantancewar NTLM (misali, don tantance takaddun shaidar harin mutum-in-tsakiyar), koda kuwa an saita mai amfani ko aikace-aikacen don buƙatar amincin Kerberos.
- CVE-2020-25722 - Mai kula da yankin Active Directory na tushen Samba bai yi daidaitaccen bincike kan bayanan da aka adana ba, yana barin kowane mai amfani ya ketare binciken izini kuma ya lalata yankin gaba ɗaya.
- CVE-2020-25718 - Mai kula da yankin Active Directory na tushen Samba bai ware tikitin Kerberos daidai da wanda mai kula da yanki na karanta-kawai (RODC) ya bayar, wanda za'a iya amfani dashi don samun tikitin gudanarwa daga RODC ba tare da izini ba.
- CVE-2020-25719 - Mai kula da yanki na Active Directory na Samba ba koyaushe yayi la'akari da filayen SID da PAC a cikin tikitin Kerberos (lokacin da aka saita "gensec:require_pac = gaskiya", sunan kawai aka bincika, kuma ba a yi la'akari da PAC ba), wanda ya ba da damar mai amfani tare da haƙƙin ƙirƙira asusu akan tsarin gida don sanya wani mai amfani da shi.
- CVE-2020-25721 - Kerberos-ingantattun masu amfani ba koyaushe ana ba da su na musamman Active Directory gano masu ganowa (objectSid), wanda zai iya haifar da haɗuwa-da-mai amfani.
- CVE-2021-23192 - Harin mutum-a-tsakiyar na iya toshe gutsuttsura a cikin manyan buƙatun DCE/RPC waɗanda suka rabu zuwa sassa da yawa.
source: budenet.ru
