On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 8.0 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 17.10 |
||
samba samba |
Patch or risk Revenge Of The Users
Samba admins: get patching and/or updating. Unless you’re content to have your admin passwords overwritten by, well, anyone else using Samba. That’s the gist of an advisory warning that “On a Samba 4 Active Directory domain controller (AD DC) any authenticated user can change other users' passwords over LDAP, including the passwords of administrative users and service accounts.” “Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soo...