漏洞信息详情
Oracle ZFS Storage Appliance 安全漏洞
- CNNVD编号:CNNVD-202008-548 <!--
- 危害等级: 超危-->
- 危害等级: 超危
- CVE编号: CVE-2020-1472
- 漏洞类型: 其他
- 发布时间: 2020-08-11
- 威胁类型: 远程
- 更新时间: 2021-10-08
- 厂 商:
- 漏洞来源: Tom Tervoort of Se...
-
漏洞简介
Oracle ZFS Storage Appliance是美国甲骨文(Oracle)公司的一个支持闪存、PB级文件存储并内置Oracle数据库的存储设备。
Oracle ZFS存储设备套件产品(组件:操作系统映像)中存在安全漏洞。受影响的版本为8.8。易被利用的yulnerability允许未经身份验证的攻击者通过多种协议进行网络访问,从而破坏Oracle ZFS存储设备套件。虽然该漏洞存在于Oracle ZFS存储设备工具包中,但攻击可能会显著影响其他产品。成功攻击此漏洞可能导致Oracle ZFS存储设备套件被接管。受影响产品、组件及版本信息如下:(Oracle ZFS Storage Appliance Kit--Operating System Image--8.8)。
漏洞公告
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1472
参考网址
来源:MLIST
链接:http://www.openwall.com/lists/oss-security/2020/09/17/2
来源:FEDORA
链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/
来源:FEDORA
链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/
来源:FEDORA
链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/
来源:CONFIRM
链接:https://www.synology.com/security/advisory/Synology_SA_20_21
来源:MISC
链接:https://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html
来源:UBUNTU
链接:https://usn.ubuntu.com/4559-1/
来源:MISC
链接:https://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html
来源:CERT-VN
链接:https://www.kb.cert.org/vuls/id/490028
来源:UBUNTU
链接:https://usn.ubuntu.com/4510-1/
来源:GENTOO
链接:https://security.gentoo.org/glsa/202012-24
来源:UBUNTU
链接:https://usn.ubuntu.com/4510-2/
来源:N/A
链接:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html
来源:MISC
链接:https://www.oracle.com/security-alerts/cpuApr2021.html
来源:media.cert.europa.eu
链接:https://media.cert.europa.eu/static/SecurityAdvisories/2020/CERT-EU-SA2020-046.pdf
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerability-from-samba-affects-ibm-netezza-host-management/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1706
来源:www.oracle.com
链接:https://www.oracle.com/security-alerts/cpuapr2021.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/162645/Red-Hat-Security-Advisory-2021-1647-01.html
来源:portal.msrc.microsoft.com
链接:https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1472
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021052030
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/Microsoft-Windows-vulnerabilities-of-August-2020-33057
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/164406/Red-Hat-Security-Advisory-2021-3723-01.html
来源:cxsecurity.com
链接:https://cxsecurity.com/issue/WLB-2020110151
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4143/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.2781
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160823/Understanding-And-Exploiting-Zerologon.html
来源:www.huawei.com
链接:https://www.huawei.com/cn/psirt/security-notices/huawei-sn-20200925-01-netlogon-cn
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4436/
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021063032
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160507/Red-Hat-Security-Advisory-2020-5439-01.html
来源:www.nsfocus.net
链接:http://www.nsfocus.net/vulndb/48189
来源:www.nsfocus.net
链接:http://www.nsfocus.net/vulndb/48563
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160717/Gentoo-Linux-Security-Advisory-202012-24.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3417/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3219/
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/Microsoft-Windows-Samba-privilege-escalation-via-Active-Directory-Domain-Services-Zerologon-33336
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3239/
来源:www.exploit-db.com
链接:https://www.exploit-db.com/exploits/49071
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html
来源:nvd.nist.gov
链接:https://nvd.nist.gov/vuln/detail/CVE-2020-1472
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021042837
来源:www.kb.cert.org
链接:https://www.kb.cert.org/vuls/id/490028
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.2604
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159207/Ubuntu-Security-Notice-USN-4510-2.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.3303
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021100615
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159414/Ubuntu-Security-Notice-USN-4559-1.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3188/
受影响实体
暂无
补丁
暂无
还没有评论,来说两句吧...