Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Samba >= 3.4.0 Credentials Management Errors Vulnerability (CVE-2013-4496)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
In Samba's SAMR server we neglect to ensure that attempted password changes will update the bad password count, nor set the lockout flags. This would allow a user unlimited attempts against the password by simply calling ChangePasswordUser2 repeatedly. This is available without any other authentication.
Insight
Insight
Samba versions 3.4.0 and above allow the administrator to implement locking out Samba accounts after a number of bad password attempts. However, all released versions of Samba did not implement this check for password changes, such as are available over multiple SAMR and RAP interfaces, allowing password guessing attacks. As this was found during an internal audit of the Samba code there are no currently known exploits for this problem (as of March 11th 2014).
Affected Software
Affected Software
Samba versions 3.4.0 through 3.6.22, 4.0.0 through 4.0.15 and 4.1.0 through 4.1.5.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 3.6.23, 4.0.16, 4.1.6 or later.