Samba.Active.Directory.LDAP.Password.Reset

description-logoDescription

This indicates an attack attempt to exploit a Privilege Escalation vulnerability in Samba server.
The vulnerability is due to an error in Samba Active Directory DC implementation when change the user password via LDAP. A remote attacker may be able to exploit this to rest the passwords of admin users on the affected system.

affected-products-logoAffected Products

Samba Team Samba 4.0 to 4.4
Samba Team Samba 4.5 before 4.5.16
Samba Team Samba 4.6 before 4.6.14
Samba Team Samba 4.7 before 4.7.6

Impact logoImpact

Privilege Escalation: Remote attackers can leverage their privilege on the vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's website for the suggested workaround.
https://www.samba.org/samba/security/CVE-2018-1057.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)