Samba 4.0.x LDAP ObjectClass Access Control Bypass Vulnerability

Samba 4.0.x LDAP ObjectClass Access Control Bypass Vulnerability

CVE-2013-0172 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

Learn more about our User Device Pen Test.