Lucene search

K

RedhatCVELIST:CVE-2014-8143

HistoryJan 17, 2015 - 2:00 a.m.

CVE-2014-8143

2015-01-1702:00:00

redhat

www.cve.org

5

AI Score

7.3

Confidence

High

EPSS

0.004

Percentile

73.8%

Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.

References

lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html

secunia.com/advisories/62594

www.securityfocus.com/bid/72278

www.securitytracker.com/id/1031615

www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.416326

www.ubuntu.com/usn/USN-2481-1

download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch

download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch

exchange.xforce.ibmcloud.com/vulnerabilities/100596

www.samba.org/samba/security/CVE-2014-8143

AI Score

7.3

Confidence

High

EPSS

0.004

Percentile

73.8%

Related for CVELIST:CVE-2014-8143

slackware1 ubuntu1 altlinux2 nessus7 ubuntucve1 debiancve1 archlinux1 securityvulns2 freebsd1 nvd1 cve1 openvas5 prion1 samba1 suse2 osv1