製品・ソフトウェアに関する情報

JVN脆弱性詳細

Samba の dsdb/samdb/ldb_modules/samldb.c の samldb_check_user_account_control_acl 関数におけるアクセス制限を回避される脆弱性

Title	Samba の dsdb/samdb/ldb_modules/samldb.c の samldb_check_user_account_control_acl 関数におけるアクセス制限を回避される脆弱性
Summary	Samba の dsdb/samdb/ldb_modules/samldb.c の samldb_check_user_account_control_acl 関数は、マシンのアカウントの作成時に管理権限を適切にチェックしないため、アクセス制限を回避される脆弱性が存在します。本脆弱性は、CVE-2015-2535 と同様の問題です。
Possible impacts	リモート認証されたユーザにより、Samba DC および Windows DC の両方を持つドメインの存在を利用されることで、アクセス制限を回避される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Dec. 10, 2015, midnight
Registration Date	Jan. 5, 2016, 1:57 p.m.
Last Update	Jan. 5, 2016, 1:57 p.m.

CVSS2.0 : 警告
Score	6
Vector	AV:N/AC:M/Au:S/C:P/I:P/A:P

Affected System

Samba Project

Samba 4.1.22 未満の 4.x

Samba 4.2.7 未満の 4.2.x

Samba 4.3.3 未満の 4.3.x

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2015-8467	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467
National Vulnerability Database (NVD)
2	CVE-2015-8467	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8467
Samba
3	CVE-2015-8467: samdb: Match MS15-096 behaviour for userAccountControl	https://git.samba.org/?p=samba.git;a=commit;h=b000da128b5fb519d2d3f2e7fd20e4a25b7dae7d
Samba Security Announcement
4	CVE-2015-8467.html	https://www.samba.org/samba/security/CVE-2015-8467.html

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-264	https://jvndb.jvn.jp/ja/cwe/CWE-264.html

ベンダー情報

No	Name	URL
Red Hat Bugzilla
1	Bug 1290294	https://bugzilla.redhat.com/show_bug.cgi?id=1290294

Change Log

No	Changed Details	Date of change
0	[2016年01月05日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2015-8467

Summary	The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535.
Publication Date	Dec. 30, 2015, 7:59 a.m.
Registration Date	Jan. 26, 2021, 2:58 p.m.
Last Update	Nov. 21, 2024, 11:38 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:samba:samba::::::::	4.3.0			4.3.3
cpe:2.3:a:samba:samba::::::::	4.0.0			4.1.22
cpe:2.3:a:samba:samba::::::::	4.2.0			4.2.7

Configuration2	or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

Related information, measures and tools

No	URL	タグ
1	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html	Mailing List Third Party Advisory
2	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html	Mailing List Third Party Advisory
3	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00020.html	Mailing List Third Party Advisory
4	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00020.html	Mailing List Third Party Advisory
5	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00032.html	Mailing List Third Party Advisory
6	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00032.html	Mailing List Third Party Advisory
7	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html	Mailing List Third Party Advisory
8	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html	Mailing List Third Party Advisory
9	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html	Mailing List Third Party Advisory
10	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html	Mailing List Third Party Advisory
11	http://www.debian.org/security/2016/dsa-3433	Third Party Advisory
12	http://www.debian.org/security/2016/dsa-3433	Third Party Advisory
13	http://www.securityfocus.com/bid/79735	Third Party Advisory VDB Entry
14	http://www.securityfocus.com/bid/79735	Third Party Advisory VDB Entry
15	http://www.securitytracker.com/id/1034493	Third Party Advisory VDB Entry
16	http://www.securitytracker.com/id/1034493	Third Party Advisory VDB Entry
17	http://www.ubuntu.com/usn/USN-2855-1	Third Party Advisory
18	http://www.ubuntu.com/usn/USN-2855-1	Third Party Advisory
19	http://www.ubuntu.com/usn/USN-2855-2	Third Party Advisory
20	http://www.ubuntu.com/usn/USN-2855-2	Third Party Advisory
21	https://bugzilla.redhat.com/show_bug.cgi?id=1290294	Issue Tracking Third Party Advisory
22	https://bugzilla.redhat.com/show_bug.cgi?id=1290294	Issue Tracking Third Party Advisory
23	https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=b000da128b5fb519d2d3f2e7fd20e4a25b7dae7d
24	https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=b000da128b5fb519d2d3f2e7fd20e4a25b7dae7d
25	https://security.gentoo.org/glsa/201612-47	Third Party Advisory
26	https://security.gentoo.org/glsa/201612-47	Third Party Advisory
27	https://www.samba.org/samba/security/CVE-2015-8467.html	Vendor Advisory
28	https://www.samba.org/samba/security/CVE-2015-8467.html	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-269	不適切な権限管理	https://cwe.mitre.org/data/definitions/269.html