CVE-2014-8143 Information

Description

Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.

Reference

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
http://secunia.com/advisories/62594
http://www.securityfocus.com/bid/72278
http://www.securitytracker.com/id/1031615
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.416326
http://www.ubuntu.com/usn/USN-2481-1
https://download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch
https://download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/100596
https://www.samba.org/samba/security/CVE-2014-8143
