Lucene search
K

5 matches found

Prion
Prion
added 2015/12/29 10:59 p.m.21 views

Design/Logic Flaw

The samldbcheckuseraccountcontrolacl function in dsdb/samdb/ldbmodules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass...

6CVSS6.7AI score0.11526EPSS
Exploits0References14Affected Software3
UbuntuCve
UbuntuCve
added 2015/12/16 12:0 a.m.22 views

CVE-2015-8467

The samldbcheckuseraccountcontrolacl function in dsdb/samdb/ldbmodules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass...

7.5CVSS7.1AI score0.03131EPSS
Exploits0References3
CVE
CVE
added 2015/09/09 12:0 a.m.94 views

CVE-2015-2535

CVE-2015-8467 affects Samba 4.x servers configured as AD DCs. The flaw in dsdb/samdb/ldb_modules/samldb.c allows remote authenticated users to bypass administrative privileges when creating machine accounts, by exploiting a domain that contains both a Samba DC and a Windows DC. This is related to...

4CVSS6.9AI score0.11526EPSS
Exploits0References2Affected Software2
OpenVAS
OpenVAS
added 2015/09/09 12:0 a.m.30 views

Microsoft Windows Active Directory Service Denial of Service Vulnerability (3072595)

This host is missing an important security update according to Microsoft Bulletin MS15-096. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4CVSS7.1AI score0.11526EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/09/08 12:0 a.m.36 views

MS15-096: Vulnerability in Active Directory Service Could Allow Denial of Service (3072595)

The remote Windows host is affected by a denial of service vulnerability in Active Directory that is triggered during the handling of a saturation of account creations. An authenticated, remote attacker, with privileges to join machines to a domain, can exploit this vulnerability by creating...

4CVSS7.3AI score0.11526EPSS
Exploits0References2
Rows per page
Query Builder