CVE-2014-8143

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.

References

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html

http://secunia.com/advisories/62594

http://www.securityfocus.com/bid/72278

http://www.securitytracker.com/id/1031615

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.416326

http://www.ubuntu.com/usn/USN-2481-1

https://download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch

https://download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/100596

https://www.samba.org/samba/security/CVE-2014-8143

Details

Source: MITRE

Published: 2015-01-17

Updated: 2017-09-08

Type: CWE-264

Risk Information

CVSS v2

Base Score: 8.5

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 6.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:samba:samba:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.6:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.7:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.8:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.9:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.10:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.11:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.12:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.13:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.14:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.15:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.16:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.17:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.18:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.19:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.20:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.21:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.22:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.23:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.2:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.9:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.10:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.11:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.12:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.13:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.14:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.15:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.0:rc2:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.0:rc3:*:*:*:*:*:*

Tenable Plugins

View all (8 total)

IDNameProductFamilySeverity
90558openSUSE Security Update : samba (openSUSE-2016-462) (Badlock)NessusSuSE Local Security Checks
high
8758Samba 4.x < 4.0.24 / 4.1.x < 4.1.16 / 4.2.x < 4.2rc4 UF_SERVER_TRUST_ACCOUNT AD DC Privilege EscalationNessus Network MonitorSamba
high
82336Mandriva Linux Security Advisory : samba4 (MDVSA-2015:083)NessusMandriva Local Security Checks
critical
81561openSUSE Security Update : samba (openSUSE-2015-179)NessusSuSE Local Security Checks
critical
80944Ubuntu 14.04 LTS / 14.10 : samba vulnerability (USN-2481-1)NessusUbuntu Local Security Checks
high
80916Samba 4.x < 4.0.24 / 4.1.16 UF_SERVER_TRUST_ACCOUNT AD DC Privilege EscalationNessusMisc.
high
80883Slackware 14.1 / current : samba (SSA:2015-020-01)NessusSlackware Local Security Checks
high
80559FreeBSD : samba -- Elevation of privilege to Active Directory Domain Controller (d4f45676-9d33-11e4-8275-000c292e4fd8)NessusFreeBSD Local Security Checks
high