CVE-2021-20254 : samba - negative idmap cache
Versions Affected : All versions prior to TrueNAS 12.0-U3.1
Description
Negative idmap cache entries can cause incorrect group entries in the Samba file server process token.
2021-04
CVE-2020-15078 : openvpn - authentication bypass
Versions Affected : All versions prior to TrueNAS 12.0-U3.1
Description
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
2021-01
CVE-2021-3156 : sudo - Heap-based Buffer Overflow
Versions Affected : All versions prior to TrueNAS 12.0-U2 Description A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. It has been given the name Baron Samedit by its discoverer. The bug can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is not required to exploit the bug.
2020-08
CVE-2020-24717 : Insecure Permissions
Versions Affected : TrueNAS 12.0-BETA1 and 12.0-BETA2 Description OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions as user permissions, as demonstrated by mode 0770 being equivalent to mode 0777 Workaround No workaround is available. Mitigation Upgrade to 12.0-BETA2.1 or later Commit Jira Ticket Github Commit Ports Commit Further information NIST CVE-2020-24717 Entry
CVE-2020-24716 : Insecure Permissions
Versions Affected : TrueNAS 12.0-BETA1 and 12.0-BETA2 Description OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permissions for all directories. Workaround No workaround is available. Mitigation Upgrade to 12.0-BETA2.1 or later Commit Jira Ticket Github Commit Ports Commit Further information NIST CVE-2020-24716 Entry
2020-04
CVE-2020-11650 : Login DOS
Versions Affected : All verisons prior to FreeNAS/TrueNAS 11.2-u8 Description An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-u1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent. Workaround No workaround is available. Mitigation Upgrade to FreeNAS/TrueNAS 11.
2020-01
CVE-2019-14907 : Samba Log Level
Versions Affected : All verisons prior to FreeNAS/TrueNAS 11.2-U8
Description
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with “log level = 3” (or above) then the string obtained from the client, after a failed character conversion, is printed.
2019-12
CVE-2019-14870 : Samba AD DNS DoS
Versions Affected : All versions prior to FreeNAS 11.2-U8
Description
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable.
CVE-2019-14861 : Samba AD DNS DoS
Versions Affected : All versions prior to FreeNAS 11.2-U8
Description
An authenticated user can crash the DCE/RPC DNS management server by creating records matching the zone name in different case spelling.
2019-09
CVE-2019-10197 : Samba Config
Versions Affected : All versions prior to FreeNAS 11.2-U6
Description
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file.
2019-04
CVE-2019-3880 : Samba RPC Endpoint Emulation
Versions Affected : All versions prior to FreeNAS 11.2-U4
Description
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API.