Описание
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2:4.1.11+dfsg-1ubuntu4 |
| esm-infra-legacy/trusty | released | 2:4.1.6+dfsg-1ubuntu2.14.04.4 |
| esm-infra/xenial | released | 2:4.1.11+dfsg-1ubuntu4 |
| lucid | not-affected | |
| precise | not-affected | |
| precise/esm | not-affected | |
| trusty | released | 2:4.1.6+dfsg-1ubuntu2.14.04.4 |
| trusty/esm | released | 2:4.1.6+dfsg-1ubuntu2.14.04.4 |
| upstream | released | 4.0.24, 4.1.16 |
| utopic | released | 2:4.1.11+dfsg-1ubuntu2.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.0.24, 4.1.16 |
| utopic | DNE | |
| vivid | DNE |
Показывать по
Ссылки на источники
EPSS
8.5 High
CVSS2
Связанные уязвимости
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc ...
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.
Уязвимость конфигурации Active Directory Domain Controller (AD DC) пакета программ сетевого взаимодействия Samba, связанная с недостатком механизма контроля привилегий и средств управления доступом, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
8.5 High
CVSS2