PT-2014-9093 · Samba 4

Published: 1970-01-01 · Updated: 2024-06-15 · CVE-2013-4496

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions

Samba versions 3.x through 3.6.22
Samba versions 4.0.x through 4.0.15
Samba versions 4.1.x through 4.1.5
Description

The SAMR server in Samba does not update the bad password count and does not set the lockout flags when a password-change request supplies a wrong old password. Because ChangePasswordUser2 verifies the old password before changing it, an attacker can call it repeatedly and guess the password without ever triggering account lockout, whatever the configured lockout policy. The call can be made remotely and, as the CVSS vector indicates (Au:N), without prior authentication; successful exploitation yields the account's password and so may lead to a breach of confidentiality.
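The following Python model is an added illustration and is not Samba's code: it contrasts a password-change handler that skips the bad-password bookkeeping (the unpatched behaviour described above) with one that counts failures and sets the lockout flag, and drives both as a guessing oracle. The account, the wordlist, the lockout threshold and the hashing are all constructed for the example; Samba stores NT hashes and applies the domain lockout policy, not SHA-256 and a fixed threshold of 5.

```python
"""
Added illustration (not Samba's code): a minimal model of a SAMR-style
password-change handler, showing why skipping the bad-password bookkeeping
turns ChangePasswordUser2 into a lockout-free brute-force oracle, and the
hardened form that counts failures and sets the lockout flag.
All names, the threshold and the sample account are constructed here.
"""
import hashlib
import hmac
from dataclasses import dataclass

LOCKOUT_THRESHOLD = 5  # assumed policy: lock after 5 bad old-password attempts


@dataclass
class Account:
    name: str
    pw_hash: bytes
    bad_pw_count: int = 0
    locked_out: bool = False


def _hash(password: str) -> bytes:
    # Stand-in for the stored credential; not the NT hash Samba actually uses.
    return hashlib.sha256(password.encode()).digest()


class WrongPassword(Exception):
    pass


class AccountLocked(Exception):
    pass


def change_password_vulnerable(acct: Account, old_pw: str, new_pw: str) -> None:
    """Models the unpatched behaviour: the old password is verified, but a
    failure neither increments bad_pw_count nor checks or sets lockout."""
    if not hmac.compare_digest(_hash(old_pw), acct.pw_hash):
        raise WrongPassword
    acct.pw_hash = _hash(new_pw)


def change_password_fixed(acct: Account, old_pw: str, new_pw: str) -> None:
    """Hardened form: refuse locked accounts, count every failed old-password
    check against the lockout policy, and reset the counter on success."""
    if acct.locked_out:
        raise AccountLocked
    if not hmac.compare_digest(_hash(old_pw), acct.pw_hash):
        acct.bad_pw_count += 1
        if acct.bad_pw_count >= LOCKOUT_THRESHOLD:
            acct.locked_out = True
        raise WrongPassword
    acct.bad_pw_count = 0
    acct.pw_hash = _hash(new_pw)


def guess_via_change_password(change, acct: Account, wordlist, new_pw="N3w!pass") -> dict:
    """Drive a password-change routine as a guessing oracle and report how
    many guesses it accepted before succeeding or being locked out."""
    attempts = 0
    for guess in wordlist:
        attempts += 1
        try:
            change(acct, guess, new_pw)
            return {"attempts": attempts, "found": guess, "locked": False}
        except WrongPassword:
            continue
        except AccountLocked:
            return {"attempts": attempts, "found": None, "locked": True}
    return {"attempts": attempts, "found": None, "locked": acct.locked_out}


def demo() -> tuple:
    # Constructed sample: the real password is the 20th entry of a toy wordlist.
    wordlist = [f"guess{i}" for i in range(1, 20)] + ["Summer2014"]
    vuln = Account("alice", _hash("Summer2014"))
    fixed = Account("alice", _hash("Summer2014"))
    return (guess_via_change_password(change_password_vulnerable, vuln, wordlist),
            guess_via_change_password(change_password_fixed, fixed, wordlist))


if __name__ == "__main__":
    vulnerable_result, fixed_result = demo()
    print("vulnerable handler:", vulnerable_result)
    print("fixed handler:     ", fixed_result)
```

Against the vulnerable handler the loop walks the whole wordlist and recovers the password on the 20th call; against the fixed handler the fifth wrong guess sets the lockout flag and the sixth call is refused before the password is even checked. The order of the checks in the hardened version matters: the lockout test comes before the password comparison, so a locked account gives no further oracle.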
Recommendations

For Samba versions 3.x through 3.6.22, update to version 3.6.23 or later. For Samba versions 4.0.x through 4.0.15, update to version 4.0.16 or later. For Samba versions 4.1.x through 4.1.5, update to version 4.1.6 or later. Distribution packages often carry the fix as a backport without changing the upstream version number, so on a packaged Samba check the vendor advisory (see Related Identifiers) rather than relying on the bare version string. Until the update can be applied, restrict network access to the SAMR interface so that untrusted hosts cannot reach ChangePasswordUser2.
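To triage hosts against the ranges above, this added Python helper (not part of the advisory or of Samba) classifies a version string in the form `smbd --version` prints, e.g. "Version 4.0.15-Debian". The distro suffix is ignored on purpose: the function only tells you whether the upstream version falls in an affected range, and a packaged build may already carry a backported fix, which is why the result for packaged builds must be confirmed against the distribution's advisory.

```python
"""
Added helper (not part of the advisory or Samba): classify a Samba version
string against the affected ranges given in the advisory text. Input is the
format printed by `smbd --version`, e.g. "Version 4.0.15-Debian"; the distro
suffix is ignored, so a "not affected" result for a packaged build still
needs to be confirmed against the distribution's own advisory.
"""
import re

# (lowest affected, highest affected, first fixed), taken from the advisory text
AFFECTED = [
    ((3, 0, 0), (3, 6, 22), "3.6.23"),
    ((4, 0, 0), (4, 0, 15), "4.0.16"),
    ((4, 1, 0), (4, 1, 5), "4.1.6"),
]


def parse_version(text: str) -> tuple:
    """Extract the first x.y.z triple from a version banner."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(g) for g in m.groups())


def assess(text: str) -> str:
    """Return a one-line verdict for CVE-2013-4496 based on upstream version."""
    v = parse_version(text)
    for lo, hi, fixed in AFFECTED:
        if lo <= v <= hi:
            return f"AFFECTED by CVE-2013-4496: update to {fixed} or later"
    return "not in an affected upstream range (confirm distro backports)"


if __name__ == "__main__":
    # Constructed sample banners, not output captured from real hosts.
    for banner in ("Version 3.6.22", "Version 4.0.15-Debian",
                   "Version 4.1.6-Ubuntu", "Version 4.2.0"):
        print(f"{banner:25} -> {assess(banner)}")
```

Tuple comparison does the range check lexicographically, so 4.0.16 sorts after 4.0.15 and 4.1.0 is not swallowed by the 4.0.x range. The 3.x range starts at 3.0.0 because the advisory text names "3.x" without a lower bound.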


Weakness Enumeration

Related Identifiers

ALT-PU-2014-1308
BDU:2015-00388
BDU:2015-04322
BDU:2015-04323
BDU:2015-04324
BDU:2015-04325
BDU:2015-04326
BDU:2015-04327
BDU:2015-04328
BDU:2015-04329
BDU:2015-04330
BDU:2015-04331
BDU:2015-04332
BDU:2015-04333
BDU:2015-04334
BDU:2015-04335
BDU:2015-04336
BDU:2015-04337
BDU:2015-04338
BDU:2015-04339
BDU:2015-06049
BDU:2015-08932
CESA-2014_0330
CESA-2014_0383
CVE-2013-4496
ECHO-345D-2825-2C85
MGASA-2014-0138
OPENSUSE-SU-2016_1106-1
OPENSUSE-SU-2024:10069-1
RHSA-2014:0330
RHSA-2014:0383
RHSA-2014_0330
RHSA-2014_0383
SUSE-SU-2014_0497-1
SUSE-SU-2014_0901-1
SUSE-SU-2015:0386-1
USN-2156-1

Affected Products

Alt Linux
Centos
Red Hat
Samba
Suse