Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-2126

Опубликовано: 19 дек. 2016
Источник: redhat
CVSS3: 3.5
CVSS2: 2.3
EPSS Низкий

Описание

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.

A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5sambaWill not fix
Red Hat Enterprise Linux 5samba3xWill not fix
Red Hat Enterprise Linux 6sambaFixedRHSA-2017:066221.03.2017
Red Hat Enterprise Linux 6samba4FixedRHSA-2017:074421.03.2017
Red Hat Enterprise Linux 7sambaFixedRHSA-2017:126522.05.2017
Red Hat Gluster Storage 3.2 for RHEL 6sambaFixedRHSA-2017:049423.03.2017
Red Hat Gluster Storage 3.2 for RHEL 7sambaFixedRHSA-2017:049523.03.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1403115samba: Flaws in Kerberos PAC validation can trigger privilege elevation

EPSS

Процентиль: 87%
0.03245
Низкий

3.5 Low

CVSS3

2.3 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-2126

CVSS3: 6.5
ubuntu
около 8 лет назад

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.

nvd логотип

CVE-2016-2126

CVSS3: 6.5
nvd
около 8 лет назад

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.

debian логотип

CVE-2016-2126

CVSS3: 6.5
debian
около 8 лет назад

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation d ...

github логотип

GHSA-j88p-975v-5qqh

CVSS3: 6.5
github
около 3 лет назад

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.

fstec логотип

BDU:2021-01425

CVSS3: 6.5
fstec
около 8 лет назад

Уязвимость реализации протокола Kerberos пакета программ сетевого взаимодействия Samba, связанная с недостатком механизма контроля привилегий и средств управления доступом, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 87%
0.03245
Низкий

3.5 Low

CVSS3

2.3 Low

CVSS2