Russian Vulnerability Scanner Database

Back to List

BDU:2020-04016

Scores

EPSS

0.000none0.0%
0%20%40%60%80%100%

Percentile: 0.0%

CVSS

10.0critical3.x
0246810

CVSS Score: 10.0/10

All CVSS Scores

CVSS 3.x
10.0

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS 2.0
10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Description

Уязвимость реализации протокола Netlogon Remote Protocol (MS-NRPC) операционных систем Windows связана с недостатками разграничения доступа к некоторым функциям. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, повысить свои привилегии с помощью специально созданного приложения

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

bdumsrc

Related Vulnerabilities

CVE-2020-1472

Reference Links

https://nvd.nist.gov/vuln/detail?vulnId=CVE-2020-1472
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
https://www.cybersecurity-help.cz/vdb/SB2020081242
https://security-tracker.debian.org/tracker/CVE-2020-1472
https://nvd.nist.gov/vuln/detail/CVE-2020-1472
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-0819SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200921SE16MD
https://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html
https://lists.fedoraproject.org/archives/list/package-announce
lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/
https://ubuntu.com/security/notices/USN-4510-1
https://ubuntu.com/security/notices/USN-4510-2
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.1/
https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023
http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html
https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv

Recommendations

Source: bdu

Использование рекомендаций производителя:
Для программных продуктов Мicrosoft Corp.:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472

Для Samba:
https://www.samba.org/samba/security/CVE-2020-1472.html

Для Debian:
https://security-tracker.debian.org/tracker/CVE-2020-1472

Для программных продуктов Novell Inc.:
https://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html

Для Fedora:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/

Для Ubuntu:
https://ubuntu.com/security/notices/USN-4510-1
https://ubuntu.com/security/notices/USN-4510-2

Для ОС Astra Linux:
использование рекомендаций производителя:
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-0819SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200921SE16MD

Для ОС ОН «Стрелец»:
Обновление программного обеспечения samba до версии 2:4.13.17+repack-1osnova1strelets

URL: https://bdu.fstec.ru/vul/2020-04016

Vulnerable Software (53)

Type: Configuration

Vendor: samba team

Product: samba

Operating System: windows_server_2004 (server core installation)

Trait: 
{  "version_end_including": "4.12.5"}

Source: bdu

Type: Configuration

Vendor: samba team

Product: samba

Operating System: windows_server_2019 *

Trait: 
{  "version_end_including": "4.12.5"}

Source: bdu

Type: Configuration

Vendor: samba team

Product: samba

Operating System: debian gnu/linux 10

Trait: 
{  "version_end_including": "4.12.5"}

Source: bdu

Type: Configuration

Vendor: samba team

Product: samba

Operating System: windows_server 1909 (server core installation)

Trait: 
{  "version_end_including": "4.12.5"}

Source: bdu

Type: Configuration

Vendor: samba team

Product: samba

Operating System: windows_server 2012 r2

Trait: 
{  "version_end_including": "4.12.5"}

Source: bdu

Type: Configuration

Vendor: samba team

Product: samba

Operating System: windows_server 2008 r2 service pack 1 (server core installation)

Trait: 
{  "version_end_including": "4.12.5"}

Source: bdu

Type: Configuration

Vendor: samba team

Product: samba

Operating System: windows_server_2012 r2 (server core installation)

Trait: 
{  "version_end_including": "4.12.5"}

Source: bdu

Type: Configuration

Vendor: samba team

Product: samba

Operating System: windows_server_1909 (server core installation)

Trait: 
{  "version_end_including": "4.12.5"}

Source: bdu

Type: Configuration

Vendor: samba team

Product: samba

Operating System: astra 4.7

Trait: 
{  "version_end_including": "4.12.5"}

Source: bdu

Type: Configuration

Vendor: samba team

Product: samba

Operating System: strelets *

Trait: 
{  "version_end_including": "4.12.5"}

Source: bdu