 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.113287 |
| Categoría: | Privilege escalation |
| Título: | Samba >= 4.0.0, <= 4.5.2 Multiple Privilege Escalation Vulnerabilities |
| Resumen: | Samba is prone to multiple privilege escalation vulnerabilities. |
| Descripción: | Summary: Samba is prone to multiple privilege escalation vulnerabilities. Vulnerability Insight: - CVE-2016-2126: Samba is prone to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to creash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions. - CVE-2016-2123: The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory corruption. By default, all authenticated LDAP users can write to the dnsRecord attribute on new DNS objects. This makes the defect a remote privilege escalation. Vulnerability Impact: Successful exploitation would allow an authenticated attacker to gain additional access rights. Affected Software/OS: Samba versions 4.0.0 through 4.3.12, 4.4.0 through 4.4.7 and 4.5.0 through 4.5.2. Solution: Update to version 4.3.13, 4.4.8 or 4.5.3 respectively. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-2126 BugTraq ID: 94994 http://www.securityfocus.com/bid/94994 RedHat Security Advisories: RHSA-2017:0494 http://rhn.redhat.com/errata/RHSA-2017-0494.html RedHat Security Advisories: RHSA-2017:0495 http://rhn.redhat.com/errata/RHSA-2017-0495.html RedHat Security Advisories: RHSA-2017:0662 http://rhn.redhat.com/errata/RHSA-2017-0662.html RedHat Security Advisories: RHSA-2017:0744 http://rhn.redhat.com/errata/RHSA-2017-0744.html RedHat Security Advisories: RHSA-2017:1265 https://access.redhat.com/errata/RHSA-2017:1265 http://www.securitytracker.com/id/1037495 Common Vulnerability Exposure (CVE) ID: CVE-2016-2123 1037493 http://www.securitytracker.com/id/1037493 94970 http://www.securityfocus.com/bid/94970 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2123 https://www.samba.org/samba/security/CVE-2016-2123.html |
| Copyright | Copyright (C) 2018 Greenbone Networks GmbH |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |