PublicDateAtUSN: 2015-01-16
Candidate: CVE-2014-8143
PublicDate: 2015-01-16
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8143
https://www.samba.org/samba/security/CVE-2014-8143
https://download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch
https://download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch
http://www.ubuntu.com/usn/usn-2481-1
Description:
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4,
when an Active Directory Domain Controller (AD DC) is configured, allows
remote authenticated users to set the LDB userAccountControl
UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by
leveraging delegation of authority for user-account or computer-account
creation.
Ubuntu-Description:
Notes:
Bugs:
https://bugzilla.samba.org/show_bug.cgi?id=10993 (private)
Priority: medium
Discovered-by: Andrew Bartlett
Assigned-to: mdeslaur
Patches_samba4:
upstream_samba4: released (4.0.24, 4.1.16)
lucid_samba4: ignored (reached end-of-life)
precise_samba4: ignored (reached end-of-life)
precise/esm_samba4: DNE (precise was needed)
trusty_samba4: DNE
utopic_samba4: DNE
vivid_samba4: DNE
vivid/stable-phone-overlay_samba4: DNE
vivid/ubuntu-core_samba4: DNE
wily_samba4: DNE
xenial_samba4: DNE
yakkety_samba4: DNE
zesty_samba4: DNE
devel_samba4: DNE
Patches_samba:
upstream: https://git.samba.org/?p=samba.git;a=commit;h=9e15786d093ac984262394510333cb3c3d512e1a
upstream: https://git.samba.org/?p=samba.git;a=commit;h=f2cb9b99235ebfdd0d53c3ebdaaac44f8b958311
upstream: https://git.samba.org/?p=samba.git;a=commit;h=3c93b5772ef002569810b01c39faac8b34168f05
upstream: https://git.samba.org/?p=samba.git;a=commit;h=5cc1c0ec403358d08e208a38feae11631510ab72
upstream_samba: released (4.0.24, 4.1.16)
lucid_samba: not-affected
precise_samba: not-affected
precise/esm_samba: not-affected
trusty_samba: released (2:4.1.6+dfsg-1ubuntu2.14.04.4)
utopic_samba: released (2:4.1.11+dfsg-1ubuntu2.1)
vivid_samba: released (2:4.1.11+dfsg-1ubuntu4)
vivid/stable-phone-overlay_samba: DNE
vivid/ubuntu-core_samba: DNE
wily_samba: released (2:4.1.11+dfsg-1ubuntu4)
xenial_samba: released (2:4.1.11+dfsg-1ubuntu4)
yakkety_samba: released (2:4.1.11+dfsg-1ubuntu4)
zesty_samba: released (2:4.1.11+dfsg-1ubuntu4)
devel_samba: released (2:4.1.11+dfsg-1ubuntu4)