Samba Active Directory Domain Controller Access Control Vulnerability

Last Update Date: 17 Jan 2013 10:00 Release Date: 17 Jan 2013 3731 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Network Management

TYPE: Network Management

A vulnerability has been identified in Samba. A remote authenticated user can gain write access to certain objects in the target directory.

  1. A remote authenticated user can send specially crafted data to trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the target user.
  2. A remote authenticated user that has Active Directory access to an object based on the objectClass of the object is granted write access to the target object.
  3. A remote authenticated user with write access to any attribute of the target object may be granted write access to all attributes of the target object.

Impact

  • Remote Code Execution
  • Data Manipulation

System / Technologies affected

  • Version 4.0.0

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Adobe ColdFusion Multiple Vulerabilities

8 Jan 2013 4704 Views

Next

Oracle Java Unspecified Code Execution Vulnerability

11 Jan 2013 15095 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY