Showing 1 - 4 of 4

CVE-2015-8467

Status Candidate

Overview

The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535.

Related Files

Gentoo Linux Security Advisory 201612-47: Posted Dec 24, 2016; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201612-47 - Multiple vulnerabilities have been found in Samba, the worst of which may allow execution of arbitrary code with root privileges. Versions less than 4.2.11 are affected.; tags | advisory, arbitrary, root, vulnerability; systems | linux, gentoo; advisories | CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118; SHA-256 | a90feb7fa58b657e989e89a4f6c40472eeed2dc783afe5dad3b3e0c77040f948; Download | Favorite | View

Ubuntu Security Notice USN-2855-2: Posted Feb 16, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2855-2 - USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem.; tags | advisory, vulnerability; systems | linux, ubuntu; advisories | CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467; SHA-256 | 7086d756a9e42b4c4cfa8d6023f2eaf650513adb4854120cd3732d1c818288b0; Download | Favorite | View

Ubuntu Security Notice USN-2855-1: Posted Jan 5, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2855-1 - Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled certain packets. A remote attacker could use this issue to cause the LDAP server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. Jan Kasprzak discovered that Samba incorrectly handled certain symlinks. A remote attacker could use this issue to access files outside the exported share path. Various other issues were also addressed.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467; SHA-256 | 18d6b6eab4573732c5916ffb8324e2969fbb471ee55086f434a7c90629cc7e91; Download | Favorite | View

Debian Security Advisory 3433-1: Posted Jan 4, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3433-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.; tags | advisory, vulnerability; systems | linux, unix, debian; advisories | CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467; SHA-256 | da40f13d97d8facd68b0ff64d9a27c59443e12f77dc68a7c5873f1d049f3cd63; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2015-8467

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems