CVE-2014-8143
N/A
N/A
Summary
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.416326
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
- https://download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch
- http://www.securitytracker.com/id/1031615
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100596
- https://download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch
- https://www.samba.org/samba/security/CVE-2014-8143
- http://www.securityfocus.com/bid/72278
- http://secunia.com/advisories/62594
- http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html
- http://www.ubuntu.com/usn/USN-2481-1
References
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.416326
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
- https://download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch
- http://www.securitytracker.com/id/1031615
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100596
- https://download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch
- https://www.samba.org/samba/security/CVE-2014-8143
- http://www.securityfocus.com/bid/72278
- http://secunia.com/advisories/62594
- http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html
- http://www.ubuntu.com/usn/USN-2481-1
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.