Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-0172

Опубликовано: 15 янв. 2013
Источник: redhat
CVSS2: 3.8

Описание

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

Отчет

Not vulnerable. This issue did not affect the versions of samba4 as shipped with Red Hat Enterprise Linux 6 as they did not include support for the Domain Controller components.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6samba4Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=895631samba4: may provide authenticated users with write access to LDAP directory objects when used as an AD DC

3.8 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-0172

ubuntu
около 13 лет назад

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

nvd логотип

CVE-2013-0172

nvd
около 13 лет назад

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

debian логотип

CVE-2013-0172

debian
около 13 лет назад

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controlle ...

github логотип

GHSA-pccc-3h39-28j7

github
почти 4 года назад

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

3.8 Low

CVSS2