Vulnerability Details : CVE-2015-8467
The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535.
Products affected by CVE-2015-8467
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-8467
0.86%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-8467
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.0
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:P |
6.8
|
6.4
|
NIST | |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.6
|
5.9
|
NIST |
CWE ids for CVE-2015-8467
-
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-8467
-
https://security.gentoo.org/glsa/201612-47
Samba: Multiple vulnerabilities (GLSA 201612-47) — Gentoo securityThird Party Advisory
-
http://www.debian.org/security/2016/dsa-3433
Debian -- Security Information -- DSA-3433-1 sambaThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00032.html
[security-announce] openSUSE-SU-2015:2354-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
[security-announce] openSUSE-SU-2016:1064-1: important: Security updateMailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/79735
Samba Active Directory CVE-2015-8467 Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html
[security-announce] SUSE-SU-2015:2304-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html
[security-announce] openSUSE-SU-2015:2356-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00020.html
[security-announce] SUSE-SU-2015:2305-1: important: Security update forMailing List;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2855-2
USN-2855-2: Samba regression | Ubuntu security noticesThird Party Advisory
-
https://git.samba.org/?p=samba.git;a=commit;h=b000da128b5fb519d2d3f2e7fd20e4a25b7dae7d
git.samba.org - samba.git/commitPatch;Vendor Advisory
-
http://www.securitytracker.com/id/1034493
Samba Multiple Flaws Let Remote Users Access Data and Files, Obtain Potentially Sensitive Information, and Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
-
https://bugzilla.redhat.com/show_bug.cgi?id=1290294
1290294 – (CVE-2015-8467) CVE-2015-8467 samba: Denial of service attack against Windows Active Directory server.Issue Tracking;Third Party Advisory
-
https://www.samba.org/samba/security/CVE-2015-8467.html
Samba - Security Announcement ArchiveVendor Advisory
-
http://www.ubuntu.com/usn/USN-2855-1
USN-2855-1: Samba vulnerabilities | Ubuntu security noticesThird Party Advisory
Jump to