Test ID:	1.3.6.1.4.1.25623.1.0.117771
Category:	Privilege escalation
Title:	Samba Privilege Escalation Vulnerability (CVE-2014-8143)
Summary:	In Samba's AD DC we neglected to ensure that attempted; modifications of the userAccountControl attribute did not allow the UF_SERVER_TRUST_ACCOUNT bit to; be set.
Description:	Summary: In Samba's AD DC we neglected to ensure that attempted modifications of the userAccountControl attribute did not allow the UF_SERVER_TRUST_ACCOUNT bit to be set. Vulnerability Insight: Samba's AD DC allows the administrator to delegate creation of user or computer accounts to specific users or groups. However, all released versions of Samba's AD DC did not implement the additional required check on the UF_SERVER_TRUST_ACCOUNT bit in the userAccountControl attributes. Affected Software/OS: Samba versions 4.0.0 through 4.0.23 and 4.1.x through 4.1.15. Solution: Update to version 4.0.24, 4.1.16 or later. CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8143 BugTraq ID: 72278 http://www.securityfocus.com/bid/72278 http://www.securitytracker.com/id/1031615 http://secunia.com/advisories/62594 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.416326 SuSE Security Announcement: openSUSE-SU-2015:0375 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html SuSE Security Announcement: openSUSE-SU-2016:1064 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html http://www.ubuntu.com/usn/USN-2481-1 XForce ISS Database: samba-cve20148143-priv-esc(100596) https://exchange.xforce.ibmcloud.com/vulnerabilities/100596
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.