Bugzilla – Bug 1154289
VUL-0: CVE-2019-14833: samba: Accent with "check script password"
Last modified: 2020-09-17 19:14:36 UTC
is public
https://www.samba.org/samba/security/CVE-2019-14833.html

=====================================================================
== Subject:     Samba AD DC check password script does not receive
==              the full password.
==
== CVE ID#:     CVE-2019-14833
==
== Versions:    Samba 4.5.0 and later
==
== Summary:     When the password contains multi-byte (non-ASCII)
==              characters, the check password script does not
==              receive the full password string.
=====================================================================

===========
Description
===========

Since Samba Version 4.5.0 a Samba AD DC can use a custom command to verify the password complexity. The command can be specified with the "check password script" smb.conf parameter. This command is called when Samba handles a user password change or a new user password is set. The script receives the new cleartext password string in order to run custom password complexity checks like dictionary checks to avoid weak user passwords.

When the password contains multi-byte (non-ASCII) characters, the check password script does not receive the full password string.

==================
Patch Availability
==================

Patches addressing both these issues have been posted to:

    https://www.samba.org/samba/security/

Additionally, Samba 4.11.2, 4.10.10 and 4.9.15 have been issued as security releases to correct the defect. Samba administrators are advised to upgrade to these releases or apply the patch as soon as possible.

==================
CVSSv3 calculation
==================

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N (4.2)

==========
Workaround
==========

If the check password script parameter is not specified, Samba runs the internal password quality checks. The internal check makes sure that a password contains characters from three of five different character categories.

=======
Credits
=======

Originally reported by Simon Fonteneau in 2016 and indicated as security issue by Björn Baumbach.

Patches provided by Björn Baumbach of the Samba Team and SerNet and Andrew Bartlett of the Samba Team and Catalyst.

==========================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
==========================================================
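A defensive "check password script" as an added example (it is neither Samba's code nor part of the bug report): it reads the candidate password from standard input as UTF-8, judges length and character classes per character rather than per byte, and rejects input that ends in an incomplete UTF-8 sequence, which is what a password cut off mid-character looks like. Assumptions: Samba feeds the password on stdin and treats a non-zero exit status as rejection; the minimum length and the approximation of Samba's five character classes are this example's own choices.

```python
#!/usr/bin/env python3
# Hypothetical "check password script" for a Samba AD DC (added example, not
# Samba's code). Assumed contract: the candidate password arrives on stdin,
# exit status 0 accepts it, any non-zero status rejects it.
import sys

MIN_LENGTH = 8    # assumed site policy, counted in characters, not bytes
MIN_CLASSES = 3   # three of five classes, like Samba's internal check

def decode_password(raw: bytes):
    """Return (password, None) on success or (None, reason) on failure.
    A decode error at the very end of the data means the last multi-byte
    character was cut off: the script did not receive the full password."""
    raw = raw.rstrip(b"\n")  # assumption: input may carry a trailing newline
    try:
        return raw.decode("utf-8"), None
    except UnicodeDecodeError as exc:
        if exc.end == len(raw):
            return None, "truncated multi-byte character at end of input"
        return None, "input is not valid UTF-8"

def character_classes(password: str) -> set:
    """Approximate Samba's five classes: upper, lower, digit, symbol, and
    'other' for anything outside ASCII (accented letters, CJK, ...)."""
    classes = set()
    for ch in password:          # iterates code points, not bytes
        if not ch.isascii():
            classes.add("other")
        elif ch.isupper():
            classes.add("upper")
        elif ch.islower():
            classes.add("lower")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("symbol")
    return classes

def check(raw: bytes) -> int:
    """Exit status for Samba: 0 = accept, 1 = reject."""
    password, reason = decode_password(raw)
    if reason is not None:
        print(f"check-password: reject: {reason}", file=sys.stderr)
        return 1
    if len(password) < MIN_LENGTH:   # len() counts code points, not bytes
        return 1
    return 0 if len(character_classes(password)) >= MIN_CLASSES else 1

if __name__ == "__main__":
    sys.exit(check(sys.stdin.buffer.read()))
```

Point the `check password script` smb.conf parameter at this file; on a server that is already patched, a rejection logged as "truncated" indicates a problem upstream of the script rather than a weak password, so the stderr line is worth collecting.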
SUSE-SU-2019:2866-1: An update that solves three vulnerabilities and has two fixes is now available.
Category: security (important)
Bug References: 1144902,1148539,1152143,1154289,1154598
CVE References: CVE-2019-10218,CVE-2019-14833,CVE-2019-14847
Sources used:
SUSE Linux Enterprise Module for Python2 15-SP1 (src): samba-4.9.5+git.210.ab0549acb05-3.14.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): samba-4.9.5+git.210.ab0549acb05-3.14.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): samba-4.9.5+git.210.ab0549acb05-3.14.1
SUSE Linux Enterprise High Availability 15-SP1 (src): samba-4.9.5+git.210.ab0549acb05-3.14.1
SUSE Enterprise Storage 6 (src): samba-4.9.5+git.210.ab0549acb05-3.14.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2019:2868-1: An update that solves three vulnerabilities and has four fixes is now available.
Category: security (important)
Bug References: 1125601,1127153,1130245,1134452,1144902,1154289,1154598
CVE References: CVE-2019-10218,CVE-2019-14833,CVE-2019-14847
Sources used:
SUSE Linux Enterprise Module for Packagehub Subpackages 15 (src): samba-4.7.11+git.186.d75219614c3-4.30.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): samba-4.7.11+git.186.d75219614c3-4.30.1
SUSE Linux Enterprise Module for Basesystem 15 (src): samba-4.7.11+git.186.d75219614c3-4.30.1
SUSE Linux Enterprise High Availability 15 (src): samba-4.7.11+git.186.d75219614c3-4.30.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Reassign to security team for check and close.
openSUSE-SU-2019:2442-1: An update that solves three vulnerabilities and has two fixes is now available.
Category: security (important)
Bug References: 1144902,1148539,1152143,1154289,1154598
CVE References: CVE-2019-10218,CVE-2019-14833,CVE-2019-14847
Sources used:
openSUSE Leap 15.1 (src): samba-4.9.5+git.210.ab0549acb05-lp151.2.9.1
openSUSE-SU-2019:2458-1: An update that solves three vulnerabilities and has four fixes is now available.
Category: security (important)
Bug References: 1125601,1127153,1130245,1134452,1144902,1154289,1154598
CVE References: CVE-2019-10218,CVE-2019-14833,CVE-2019-14847
Sources used:
openSUSE Leap 15.0 (src): samba-4.7.11+git.186.d75219614c3-lp150.3.18.2
After having a look at the patch, it is not required for SLE-12-SP3. The vulnerability only affects the Samba "AD DC", functionality we do not ship in 12 SP3. -> done
SUSE-SU-2020:2673-1: An update that fixes 15 vulnerabilities is now available.
Category: security (important)
Bug References: 1141267,1144902,1154289,1154598,1158108,1158109,1160850,1160852,1160888,1169850,1169851,1173159,1173160,1173359,1174120
CVE References: CVE-2019-10197,CVE-2019-10218,CVE-2019-14833,CVE-2019-14847,CVE-2019-14861,CVE-2019-14870,CVE-2019-14902,CVE-2019-14907,CVE-2019-19344,CVE-2020-10700,CVE-2020-10704,CVE-2020-10730,CVE-2020-10745,CVE-2020-10760,CVE-2020-14303
JIRA References:
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP5 (src): ldb-1.5.8-3.5.1, samba-4.10.17+git.203.862547088ca-3.14.1
SUSE Linux Enterprise Server 12-SP5 (src): ldb-1.5.8-3.5.1, samba-4.10.17+git.203.862547088ca-3.14.1
SUSE Linux Enterprise High Availability 12-SP5 (src): samba-4.10.17+git.203.862547088ca-3.14.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.