CVE-2020-1472 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Access restriction bypass |
| Description | A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obtain domain administrator privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1236 | samba | 4.12.6-1 | 4.13.0-1 | Medium | Fixed | FS#67983 |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 29 Sep 2020 | ASA-202009-17 | AVG-1236 | samba | Medium | access restriction bypass |
| References |
|---|
https://www.samba.org/samba/security/CVE-2020-1472.html |