The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x prior to 3.4.17, 3.5.x prior to 3.5.15, and 3.6.x prior to 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
samba samba 3.4.4 |
||
samba samba 3.4.5 |
||
samba samba 3.4.12 |
||
samba samba 3.4.13 |
||
samba samba 3.4.1 |
||
samba samba 3.4.2 |
||
samba samba 3.4.3 |
||
samba samba 3.4.10 |
||
samba samba 3.4.11 |
||
samba samba 3.4.0 |
||
samba samba 3.4.8 |
||
samba samba 3.4.9 |
||
samba samba 3.4.16 |
||
samba samba 3.4.6 |
||
samba samba 3.4.7 |
||
samba samba 3.4.14 |
||
samba samba 3.4.15 |
||
samba samba 3.5.2 |
||
samba samba 3.5.3 |
||
samba samba 3.5.11 |
||
samba samba 3.5.12 |
||
samba samba 3.5.0 |
||
samba samba 3.5.1 |
||
samba samba 3.5.8 |
||
samba samba 3.5.9 |
||
samba samba 3.5.10 |
||
samba samba 3.5.6 |
||
samba samba 3.5.7 |
||
samba samba 3.5.4 |
||
samba samba 3.5.5 |
||
samba samba 3.5.13 |
||
samba samba 3.5.14 |
||
samba samba 3.6.1 |
||
samba samba 3.6.0 |
||
samba samba 3.6.4 |
||
samba samba 3.6.2 |
||
samba samba 3.6.3 |