MitM attack in Samba Rsync



Published: 2021-01-04
Risk Medium
Patch available NO
Number of vulnerabilities 1
CVE-ID CVE-2020-14387
CWE-ID CWE-297
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Rsync
Server applications / Other server solutions

Vendor Samba

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Improper validation of certificate with host mismatch

EUVDB-ID: #VU49239

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-14387

CWE-ID: CWE-297 - Improper Validation of Certificate with Host Mismatch

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists in Samba rsync due to the application does not verify the hostname in the server certificate in openssl mode. A remote attacker can supply any valid certificate for another hostname and intercept the traffic.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Rsync: 3.2.0 - 3.2.3pre1


CPE2.3 External links

http://bugzilla.redhat.com/show_bug.cgi?id=1875549
http://git.samba.org/?p=rsync.git;a=commitdiff;h=c3f7414c450faaf6a8281cc4a4403529aeb7d859
http://bugs.archlinux.org/task/69051

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###