CVE-2013-4496
Published: 14 March 2014
Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
samba Launchpad, Ubuntu, Debian |
lucid |
Released
(2:3.4.7~dfsg-1ubuntu3.14)
|
| precise |
Released
(2:3.6.3-2ubuntu2.10)
|
|
| quantal |
Released
(2:3.6.6-3ubuntu5.4)
|
|
| saucy |
Released
(2:3.6.18-1ubuntu3.2)
|
|
| trusty |
Released
(2:4.1.3+dfsg-2ubuntu4)
|
|
| upstream |
Released
(3.6.23, 4.0.16, 4.1.6)
|
|
| utopic |
Released
(2:4.1.3+dfsg-2ubuntu4)
|
|
| vivid |
Released
(2:4.1.3+dfsg-2ubuntu4)
|
|
| wily |
Released
(2:4.1.3+dfsg-2ubuntu4)
|
|
| xenial |
Released
(2:4.1.3+dfsg-2ubuntu4)
|
|
| yakkety |
Released
(2:4.1.3+dfsg-2ubuntu4)
|
|
| zesty |
Released
(2:4.1.3+dfsg-2ubuntu4)
|
|
|
samba4 Launchpad, Ubuntu, Debian |
lucid |
Ignored
(reached end-of-life)
|
| precise |
Does not exist
(precise was needed)
|
|
| quantal |
Ignored
(reached end-of-life)
|
|
| saucy |
Ignored
(reached end-of-life)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(4.0.16, 4.1.6)
|
|
| utopic |
Does not exist
|
|
| vivid |
Does not exist
|
|
| wily |
Does not exist
|
|
| xenial |
Does not exist
|
|
| yakkety |
Does not exist
|
|
| zesty |
Does not exist
|