CVE-2014-8143
Publication date 16 January 2015
Last updated 24 July 2024
Ubuntu priority
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.
Status
Package | Ubuntu Release | Status |
---|---|---|
samba | ||
16.04 LTS xenial |
Fixed 2:4.1.11+dfsg-1ubuntu4
|
|
14.04 LTS trusty |
Fixed 2:4.1.6+dfsg-1ubuntu2.14.04.4
|
|
samba4 | ||
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
Patch details
References
Related Ubuntu Security Notices (USN)
- USN-2481-1
- Samba vulnerability
- 22 January 2015