// For flags

CVE-2012-6150

samba: pam_winbind fails open when non-existent group specified to require_membership_of

Severity Score

3.6
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake.

La función winbind_name_list_to_sid_string_list en nsswitch/pam_winbind.c en Samba hasta v4.1.2 maneja nombres de grupo require_membership_of inválidos aceptando autenticación de cualquier usuario, lo cual permite a usuarios autenticados remotamente sortear restricciones de acceso en circunstancias oportunistas mediante el aprovechamiento de un error en el fichero de configuración de administración pam_winbind.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
None
Attack Vector
Adjacent
Attack Complexity
High
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-12-06 CVE Reserved
  • 2013-12-03 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • 2024-10-23 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Samba
Search vendor "Samba"
Samba
Search vendor "Samba" for product "Samba"
>= 3.3.10 < 3.4.0
Search vendor "Samba" for product "Samba" and version " >= 3.3.10 < 3.4.0"
-
Affected
Samba
Search vendor "Samba"
Samba
Search vendor "Samba" for product "Samba"
>= 3.4.3 < 3.6.22
Search vendor "Samba" for product "Samba" and version " >= 3.4.3 < 3.6.22"
-
Affected
Samba
Search vendor "Samba"
Samba
Search vendor "Samba" for product "Samba"
>= 4.0.0 < 4.0.13
Search vendor "Samba" for product "Samba" and version " >= 4.0.0 < 4.0.13"
-
Affected
Samba
Search vendor "Samba"
Samba
Search vendor "Samba" for product "Samba"
>= 4.1.0 < 4.1.3
Search vendor "Samba" for product "Samba" and version " >= 4.1.0 < 4.1.3"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
10.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
12.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
12.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.10"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
13.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "13.04"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
13.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "13.10"
-
Affected