CVE-2012-6150
samba: pam_winbind fails open when non-existent group specified to require_membership_of
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake.
La función winbind_name_list_to_sid_string_list en nsswitch/pam_winbind.c en Samba hasta v4.1.2 maneja nombres de grupo require_membership_of inválidos aceptando autenticación de cualquier usuario, lo cual permite a usuarios autenticados remotamente sortear restricciones de acceso en circunstancias oportunistas mediante el aprovechamiento de un error en el fichero de configuración de administración pam_winbind.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-12-06 CVE Reserved
- 2013-12-03 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2024-10-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (18)
URL | Tag | Source |
---|---|---|
http://openwall.com/lists/oss-security/2013/12/03/5 | Mailing List |
URL | Date | SRC |
---|---|---|
https://lists.samba.org/archive/samba-technical/2012-June/084593.html | 2024-08-06 | |
https://lists.samba.org/archive/samba-technical/2013-November/096411.html | 2024-08-06 |
URL | Date | SRC |
---|---|---|
https://bugzilla.samba.org/show_bug.cgi?id=10300 | 2022-09-01 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | >= 3.3.10 < 3.4.0 Search vendor "Samba" for product "Samba" and version " >= 3.3.10 < 3.4.0" | - |
Affected
| ||||||
Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | >= 3.4.3 < 3.6.22 Search vendor "Samba" for product "Samba" and version " >= 3.4.3 < 3.6.22" | - |
Affected
| ||||||
Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | >= 4.0.0 < 4.0.13 Search vendor "Samba" for product "Samba" and version " >= 4.0.0 < 4.0.13" | - |
Affected
| ||||||
Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | >= 4.1.0 < 4.1.3 Search vendor "Samba" for product "Samba" and version " >= 4.1.0 < 4.1.3" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 10.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.10" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 13.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "13.04" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 13.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "13.10" | - |
Affected
|