6 November,20 at 10:02 AM
Question:
Do Samba Vulnerability CVE-2019-10218, CVE-2019-14833 & CVE-2019-14847 affects Centrify ?
Answer:
No, Samba Vulnerability CVE-2019-10218, CVE-2019-14833 & CVE-2019-14847 DO NOT Affect Centrify.
Centrify is no longer shipping Centrify-enabled Samba since Samba version 4.X, ONLY Centrifydc-adbindproxy package to interoperate Centrify with Opensource Samba which provides an adbindd daemon to mediates adclient and Samba.
Note:
Please follow Samba open source organization recent security updates to address vulnerabilities in multiple versions of Samba.
Ref:
National Cyber Awareness System Samba Releases Security Updates on 10/29/2019 12:33 PM EDT
https://www.us-cert.gov/ncas/current-activity/2019/10/29/samba-releases-security-updates
KB-20210: Common Questions Regarding Centrify DirectControl and CoreOS
KB-6731: Impact of Badlock (CVE-2016-0128/CVE-2016-2118) on Centrify-Enabled Samba
KB-1795: Does Samba security alert CVE-2010-3069 affect Centrify_Enabled_Samba ?
KB-9655: How Does the Meltdown & Spectre Vulnerabilities Affect Centrify
KB-2366:Does samba security alert CVE-2012-1182 affect Centrify_Enabled_Samba ?
KB-7094: Is Samba badlock have an affect with adsmb?
KB-8962: Does CVE-2017-11103 affect Centrify DirectControl?
KB-4799: Are Centrify Server Suite Products / Components affected by CVE-2014-6271 ( Bash ShellShock )?
KB-6073: How to join the Linux/Unix Centrify Server to Active Directory with specific Computer Role?