CVE-2013-0172
Description
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.
Risk Information
Base Score
8.1
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.283
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Ctdb update (ELSA-2018-3056) ctdb-4.8.3-4.el7.x86_64.rpm | Linux |
| Ctdb-tests update (ELSA-2018-3056) ctdb-tests-4.8.3-4.el7.x86_64.rpm | Linux |
| Libsmbclient update (ELSA-2018-3056) libsmbclient-4.8.3-4.el7.x86_64.rpm | Linux |
| Libsmbclient-devel update (ELSA-2018-3056) libsmbclient-devel-4.8.3-4.el7.x86_64.rpm | Linux |
| Libwbclient update (ELSA-2018-3056) libwbclient-4.8.3-4.el7.x86_64.rpm | Linux |
| Libwbclient-devel update (ELSA-2018-3056) libwbclient-devel-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba update (ELSA-2018-3056) samba-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-client update (ELSA-2018-3056) samba-client-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-client-libs update (ELSA-2018-3056) samba-client-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-common-libs update (ELSA-2018-3056) samba-common-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-common-tools update (ELSA-2018-3056) samba-common-tools-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-dc update (ELSA-2018-3056) samba-dc-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-dc-libs update (ELSA-2018-3056) samba-dc-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-devel update (ELSA-2018-3056) samba-devel-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-krb5-printing update (ELSA-2018-3056) samba-krb5-printing-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-libs update (ELSA-2018-3056) samba-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-python update (ELSA-2018-3056) samba-python-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-python-test update (ELSA-2018-3056) samba-python-test-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-test update (ELSA-2018-3056) samba-test-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-test-libs update (ELSA-2018-3056) samba-test-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-vfs-glusterfs update (ELSA-2018-3056) samba-vfs-glusterfs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind update (ELSA-2018-3056) samba-winbind-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind-clients update (ELSA-2018-3056) samba-winbind-clients-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind-krb5-locator update (ELSA-2018-3056) samba-winbind-krb5-locator-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind-modules update (ELSA-2018-3056) samba-winbind-modules-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-common update (ELSA-2018-3056) samba-common-4.8.3-4.el7.noarch.rpm | Linux |
| Samba-pidl update (ELSA-2018-3056) samba-pidl-4.8.3-4.el7.noarch.rpm | Linux |
| Libsmbclient update (ELSA-2018-3056) libsmbclient-4.8.3-4.el7.i686.rpm | Linux |
| Libsmbclient-devel update (ELSA-2018-3056) libsmbclient-devel-4.8.3-4.el7.i686.rpm | Linux |
| Libwbclient update (ELSA-2018-3056) libwbclient-4.8.3-4.el7.i686.rpm | Linux |
| Libwbclient-devel update (ELSA-2018-3056) libwbclient-devel-4.8.3-4.el7.i686.rpm | Linux |
| Samba-client-libs update (ELSA-2018-3056) samba-client-libs-4.8.3-4.el7.i686.rpm | Linux |
| Samba-devel update (ELSA-2018-3056) samba-devel-4.8.3-4.el7.i686.rpm | Linux |
| Samba-libs update (ELSA-2018-3056) samba-libs-4.8.3-4.el7.i686.rpm | Linux |
| Samba-test-libs update (ELSA-2018-3056) samba-test-libs-4.8.3-4.el7.i686.rpm | Linux |
| Samba-winbind-modules update (ELSA-2018-3056) samba-winbind-modules-4.8.3-4.el7.i686.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234