610 matches found
Microsoft Windows Group Policy Remote Code Execution (MS15-011; CVE-2015-0008)
A remote code execution vulnerability exists in Microsoft Windows. The vulnerability is due to the way Group Policy receives and applies policy data when a domain-joined system connects to a domain controller. An attacker can exploit this vulnerability by convincing a victim with a...
Debian Security Advisory DSA 3171-1 (samba - security update)
Richard van Eeden of Microsoft Vulnerability Research discovered that Samba, a SMB/CIFS file, print, and login server for Unix, contains a flaw in the netlogon server code which allows remote code execution with root privileges from an unauthenticated connection. OpenVAS Vulnerability Test $Id:...
Microsoft Windows domain-configured client Group Policy fails to authenticate servers
Overview Microsoft Windows domain-configured client Group Policy fails to authenticate servers over Universal Naming Convention UNC paths. Description Microsoft has released MS15-011, detailing a critical flaw in which Windows domain-configured client Group Policy fails to authenticate servers ov...
CVE-2015-0008
The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication from the server to the client, which allows remot...
Security feature bypass
The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows man-in-the-middle attackers to...
Remote code execution
The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication from the server to the client, which allows remot...
Microsoft Windows SMB Security Feature Bypass (MS15-014; CVE-2015-0009)
A security feature bypass vulnerability exists in Microsoft Windows. The vulnerability is due to the way Group Policy settings are applied when SMB signing failures occur. An attacker can exploit this vulnerability by a man-in-the-middle attack that modifies domain controller responses to client...
Samba Elevation of Privilege Vulnerability
Samba is a set of programs that implement the SMB Server Messages Block protocol, cross-platform file sharing and print sharing services. The Samba AD DC allows administrators to assign user and computer account creation to certain users or groups, but fails to check the UFSERVERTRUSTACCOUNT bit...
Ubuntu 14.04 LTS : Samba vulnerability (USN-2481-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2481-1 advisory. Andrew Bartlett discovered that Samba incorrectly handled delegation of authority when being used as an Active Directory Domain Controller. An attacker given...
[slackware-security] samba
New samba packages are available for Slackware 14.1 and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/samba-4.1.16-i486-1slack14.1.txz: Upgraded. This update is a security release in order to address CVE-2014-8143 Elevation of privilege...
DEBIAN-CVE-2014-8143
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller AD DC is configured, allows remote authenticated users to set the LDB userAccountControl UFSERVERTRUSTACCOUNT bit, and consequently gain privileges, by leveraging delegation of...
CVE-2014-8143
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller AD DC is configured, allows remote authenticated users to set the LDB userAccountControl UFSERVERTRUSTACCOUNT bit, and consequently gain privileges, by leveraging delegation of...
CVE-2014-8143
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller AD DC is configured, allows remote authenticated users to set the LDB userAccountControl UFSERVERTRUSTACCOUNT bit, and consequently gain privileges, by leveraging delegation of...
FreeBSD : samba -- Elevation of privilege to Active Directory Domain Controller (d4f45676-9d33-11e4-8275-000c292e4fd8)
Samba team reports : In Samba's AD DC we neglected to ensure that attempted modifications of the userAccountControl attribute did not allow the UFSERVERTRUSTACCOUNT bit to be set. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
UBUNTU-CVE-2014-8143
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller AD DC is configured, allows remote authenticated users to set the LDB userAccountControl UFSERVERTRUSTACCOUNT bit, and consequently gain privileges, by leveraging delegation of...
samba -- Elevation of privilege to Active Directory Domain Controller
Samba team reports: In Samba's AD DC we neglected to ensure that attempted modifications of the userAccountControl attribute did not allow the UFSERVERTRUSTACCOUNT bit to be set...
Symantec pcAnywhere 9.0 Weak Encryption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1093/info Symantec pcAnywhere is shipped by default with a weak encryption scheme that is used to encrypt username and password transmittal. Therefore, usernames and password can be retrieved by anyone sniffing the networ...
Microsoft Windows NT 4.0 User Shell Folders Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1042/info The registry value HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Startup specifies the shared startup folder for all users on a system. This key is set to be...
openSUSE Security Update : samba (openSUSE-SU-2013:1787-1)
"the following security issues were fixed in samba : - ACLs are not checked on opening an alternate data stream on a file or directory; CVE-2013-4475; bso10229 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
Scientific Linux Security Update : samba and samba3x on SL5.x, SL6.x i386/srpm/x86_64 (20140325)
It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote attacker could use this flaw to perform password guessing attacks on Samba user accounts. Note: this flaw only affected Samba when deployed as a Primary Domain Controller. CVE-2013-4496 A flaw...