Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2015-8467
HistoryDec 29, 2015 - 10:59 p.m.

CVE-2015-8467

2015-12-2922:59:00
CWE-269
[email protected]
web.nvd.nist.gov
48
2
samba
cve-2015-8467
privilege bypass
authentication
security vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.7%

JSON

The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535.

Social References

More

Related

ubuntucve 1
f5 2
prion 2
samba 1
debiancve 1
openvas 12
osv 1
debian 2
nessus 14
freebsd 1
symantec 1
cve 1
altlinux 4
suse 5
ubuntu 2
ibm 1
gentoo 1
kaspersky 1
ubuntucve
ubuntucve
CVE-2015-8467
2015-12-16 00:00:00
f5
f5
K25499204 : Samba vulnerability CVE-2015-8467
2016-10-21 00:00:00
SOL25499204 - Samba vulnerability CVE-2015-8467
2016-10-21 00:00:00
prion
prion
Design/Logic Flaw
2015-12-29 22:59:00
Denial of service
2015-09-09 00:59:00
samba
samba
Denial of service attack against Windows
2015-12-16 00:00:00
debiancve
debiancve
CVE-2015-8467
2015-12-29 22:59:00
openvas
openvas
Samba 4.0.0 <= 4.3.2 Multiple Vulnerabilities
2021-09-24 00:00:00
Debian Security Advisory DSA 3433-1 (samba - security update)
2016-05-06 00:00:00
Debian: Security Advisory (DSA-3433-1)
2016-05-06 00:00:00
osv
osv
samba - security update
2016-01-02 00:00:00
debian
debian
[SECURITY] [DSA 3433-1] samba security update
2016-01-02 09:40:45
[SECURITY] [DSA 3433-1] samba security update
2016-01-02 09:40:27
nessus
nessus
FreeBSD : samba -- multiple vulnerabilities (ef434839-a6a4-11e5-8275-000c292e4fd8)
2015-12-21 00:00:00
Debian DSA-3433-1 : samba - security update
2016-01-04 00:00:00
MS15-096: Vulnerability in Active Directory Service Could Allow Denial of Service (3072595)
2015-09-08 00:00:00
freebsd
freebsd
samba -- multiple vulnerabilities
2015-12-16 00:00:00
symantec
symantec
Microsoft Active Directory CVE-2015-2535 Denial of Service Vulnerability
2015-09-08 00:00:00
cve
cve
CVE-2015-2535
2015-09-09 00:59:00
altlinux
altlinux
Security fix for the ALT Linux 8 package samba-DC version 4.3.3-alt1
2015-12-16 00:00:00
Security fix for the ALT Linux 8 package samba version 4.3.3-alt1
2015-12-16 00:00:00
Security fix for the ALT Linux 7 package samba version 4.3.3-alt1
2015-12-16 00:00:00
suse
suse
Security update for ldb, samba, talloc, tdb, tevent (important)
2015-12-18 22:10:59
Security update for ldb, samba, talloc, tdb, tevent (important)
2015-12-18 21:10:45
Security update for ldb, samba, talloc, tdb, tevent (important)
2015-12-24 03:10:28
ubuntu
ubuntu
Samba regression
2016-02-16 00:00:00
Samba vulnerabilities
2016-01-05 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Samba affect IBM i
2019-12-18 14:26:38
gentoo
gentoo
Samba: Multiple vulnerabilities
2016-12-24 00:00:00
kaspersky
kaspersky
KLA10656 Multiple vulnerabilities in Microsoft Windows
2015-09-08 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.7%

JSON
Related for CVE-2015-8467
ubuntucve1f52prion2samba1debiancve1openvas12osv1debian2nessus14freebsd1symantec1cve1altlinux4suse5ubuntu2ibm1gentoo1kaspersky1