Bug 914279 (CVE-2014-8143) - VUL-0: CVE-2014-8143 samba: Privileges elevation to Active Directory Domain Controller
Summary: VUL-0: CVE-2014-8143 samba: Privileges elevation to Active Directory Domain C...
Status: RESOLVED WORKSFORME
Alias: CVE-2014-8143
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
Priority: P5 - None   Severity: Normal
Target Milestone: ---
Assignee: Lars Müller
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/112708/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-01-22 12:45 UTC by Victor Pereira
Modified: 2016-04-17 13:12 UTC
CC List: 2 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Description Victor Pereira 2015-01-22 12:45:34 UTC
rh#1181638

Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an
Active Directory Domain Controller (AD DC) is configured, allows remote
authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT
bit, and consequently gain privileges, by leveraging delegation of authority for
user-account or computer-account creation.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1181638
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8143
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-8143.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8143
https://www.samba.org/samba/security/CVE-2014-8143
https://download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch
https://download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch
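The description above says what the bug lets an account-creation delegate do: write userAccountControl with the UF_SERVER_TRUST_ACCOUNT bit (0x2000) set, so the object is treated as a domain controller. Two things a practitioner wants from that are a way to audit a directory for objects carrying the bit where no DC should be, and the shape of the server-side gate that the fix class adds. The Python below is an added example written for this page, not Samba's code and not part of the bug report. The userAccountControl bit values and the LDAP_MATCHING_RULE_BIT_AND OID are the well-known ones; the record layout, the container DN, the sample objects and the `caller_may_install_replica` flag are assumptions of the example, and the gating rule models the class of check (a non-privileged caller may not newly turn the bit on) rather than reproducing Samba's exact access check.

```python
"""Audit and gate the UF_SERVER_TRUST_ACCOUNT bit in userAccountControl.

Added example for CVE-2014-8143; this is not Samba's code. The sample
directory records below are constructed for the demonstration.
"""

# Well-known userAccountControl bit values from MS-SAMR / MS-ADTS.
UF_ACCOUNTDISABLE = 0x0002
UF_NORMAL_ACCOUNT = 0x0200
UF_INTERDOMAIN_TRUST_ACCOUNT = 0x0800
UF_WORKSTATION_TRUST_ACCOUNT = 0x1000
UF_SERVER_TRUST_ACCOUNT = 0x2000          # "this account is a domain controller"
UF_TRUSTED_FOR_DELEGATION = 0x80000

# Extensible-match rule for bitwise AND in LDAP filters (LDAP_MATCHING_RULE_BIT_AND).
LDAP_MATCHING_RULE_BIT_AND = "1.2.840.113556.1.4.803"


def dc_account_filter() -> str:
    """LDAP filter that matches every object claiming DC status via this bit.

    Usable as-is with ldapsearch against an AD DC to enumerate accounts that
    have UF_SERVER_TRUST_ACCOUNT set.
    """
    return f"(userAccountControl:{LDAP_MATCHING_RULE_BIT_AND}:={UF_SERVER_TRUST_ACCOUNT})"


def find_unexpected_dc_accounts(records, dc_container_dn):
    """Return DNs carrying UF_SERVER_TRUST_ACCOUNT that live outside the DC container.

    records: iterable of dicts with 'dn' and 'userAccountControl' (the flattened
    shape assumed by this example for an LDAP search result).
    """
    suffix = "," + dc_container_dn.lower()
    hits = []
    for rec in records:
        uac = int(rec["userAccountControl"])
        if uac & UF_SERVER_TRUST_ACCOUNT and not rec["dn"].lower().endswith(suffix):
            hits.append(rec["dn"])
    return hits


def uac_change_allowed(old_uac, new_uac, caller_may_install_replica):
    """Server-side rule: newly turning on UF_SERVER_TRUST_ACCOUNT needs DC-install rights.

    Models the class of check the fix adds (an ordinary account-creation
    delegate must not be able to promote an object to a DC); Samba's exact
    access check is not reproduced here.
    """
    newly_set = new_uac & ~old_uac
    if newly_set & UF_SERVER_TRUST_ACCOUNT:
        return bool(caller_may_install_replica)
    return True


def validate_uac_change(old_uac, new_uac, caller_may_install_replica):
    """Raise PermissionError for a disallowed change, else return the new value."""
    if not uac_change_allowed(old_uac, new_uac, caller_may_install_replica):
        raise PermissionError("setting UF_SERVER_TRUST_ACCOUNT requires DC-installation rights")
    return new_uac


# Constructed sample directory (not real data): one legitimate DC, one workstation,
# one user, and one computer object that an account-creation delegate flipped to a DC.
DC_CONTAINER = "OU=Domain Controllers,DC=example,DC=com"
SAMPLE_RECORDS = [
    {"dn": "CN=DC1,OU=Domain Controllers,DC=example,DC=com",
     "userAccountControl": UF_SERVER_TRUST_ACCOUNT | UF_TRUSTED_FOR_DELEGATION},
    {"dn": "CN=WS01,CN=Computers,DC=example,DC=com",
     "userAccountControl": UF_WORKSTATION_TRUST_ACCOUNT},
    {"dn": "CN=alice,CN=Users,DC=example,DC=com",
     "userAccountControl": UF_NORMAL_ACCOUNT},
    {"dn": "CN=ROGUE01,CN=Computers,DC=example,DC=com",
     "userAccountControl": UF_SERVER_TRUST_ACCOUNT},
]


if __name__ == "__main__":
    print("filter:", dc_account_filter())
    for dn in find_unexpected_dc_accounts(SAMPLE_RECORDS, DC_CONTAINER):
        print("unexpected DC account:", dn)
    # The CVE scenario: a delegate turns a plain computer object into a DC.
    try:
        validate_uac_change(UF_WORKSTATION_TRUST_ACCOUNT, UF_SERVER_TRUST_ACCOUNT, False)
    except PermissionError as e:
        print("rejected:", e)
```

The audit deliberately keys on the container rather than on the bit alone, because a legitimate DC does carry the bit; what matters is the bit on an object a delegate could create. The gate looks only at bits newly turned on, so a privileged change that set the bit earlier is not re-challenged when an unrelated bit (disable, for instance) is later toggled on the same object.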
Comment 1 Lars Müller 2015-01-22 12:51:29 UTC
This defect is limited to the Active Directory Domain Controller (AD DC) component which we don't offer yet as it depends on the Heimdal Kerberos implementation.
Comment 2 Bernhard Wiedemann 2015-01-22 19:00:10 UTC
This is an autogenerated message for OBS integration:
This bug (914279) was mentioned in
https://build.opensuse.org/request/show/282480 Factory / samba
Comment 3 Swamp Workflow Management 2015-02-25 14:07:22 UTC
openSUSE-SU-2015:0375-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 914279,917376
CVE References: CVE-2014-8143,CVE-2015-0240
Sources used:
openSUSE 13.2 (src):    samba-4.1.17-5.1
openSUSE 13.1 (src):    samba-4.1.17-3.30.1
Comment 4 Swamp Workflow Management 2016-04-17 13:12:52 UTC
openSUSE-SU-2016:1064-1: An update that solves 16 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 898031,901813,912457,913238,913547,914279,917376,919309,924519,936862,942716,946051,947552,949022,958581,958582,958583,958584,958585,958586,964023,966271,968222,968973,971965,972197,973031,973032,973033,973034,973036,973832,974629
CVE References: CVE-2014-8143,CVE-2015-0240,CVE-2015-3223,CVE-2015-5252,CVE-2015-5296,CVE-2015-5299,CVE-2015-5330,CVE-2015-5370,CVE-2015-7560,CVE-2015-8467,CVE-2016-2110,CVE-2016-2111,CVE-2016-2112,CVE-2016-2113,CVE-2016-2115,CVE-2016-2118
Sources used:
openSUSE 13.2 (src):    samba-4.2.4-34.1