[Git][security-tracker-team/security-tracker][master] Track CVE-2020-1472 for samba
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 16 16:10:02 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2977599c by Salvatore Bonaccorso at 2020-09-16T17:09:30+02:00
Track CVE-2020-1472 for samba
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -60946,8 +60946,11 @@ CVE-2020-1474 (An information disclosure vulnerability exists when the Windows I
CVE-2020-1473 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2020-1472 (An elevation of privilege vulnerability exists when an attacker establ ...)
- NOT-FOR-US: Microsoft
+ - samba <unfixed>
NOTE: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
+ NOTE: Originally a Microsoft only CVE but it was found that the ZeroLogon attack
+ NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14497
+ NOTE: Mitigation: server schannel = yes; but code changes planned.
CVE-2020-1471 (An elevation of privilege vulnerability exists when Microsoft Windows ...)
NOT-FOR-US: Microsoft
CVE-2020-1470 (An elevation of privilege vulnerability exists when the Windows Work F ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2977599ceb64a11dff629f480ba1f8d720b3e5aa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2977599ceb64a11dff629f480ba1f8d720b3e5aa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200916/6b170f71/attachment.html>
More information about the debian-security-tracker-commits
mailing list