cvelist/2014/8xxx/CVE-2014-8143.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2014-8143",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch",
            "refsource" : "CONFIRM",
            "url" : "https://download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch"
         },
         {
            "name" : "https://download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch",
            "refsource" : "CONFIRM",
            "url" : "https://download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch"
         },
         {
            "name" : "https://www.samba.org/samba/security/CVE-2014-8143",
            "refsource" : "CONFIRM",
            "url" : "https://www.samba.org/samba/security/CVE-2014-8143"
         },
         {
            "name" : "SSA:2015-020-01",
            "refsource" : "SLACKWARE",
            "url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.416326"
         },
         {
            "name" : "openSUSE-SU-2015:0375",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html"
         },
         {
            "name" : "openSUSE-SU-2016:1064",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html"
         },
         {
            "name" : "USN-2481-1",
            "refsource" : "UBUNTU",
            "url" : "http://www.ubuntu.com/usn/USN-2481-1"
         },
         {
            "name" : "72278",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/72278"
         },
         {
            "name" : "1031615",
            "refsource" : "SECTRACK",
            "url" : "http://www.securitytracker.com/id/1031615"
         },
         {
            "name" : "62594",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/62594"
         },
         {
            "name" : "samba-cve20148143-priv-esc(100596)",
            "refsource" : "XF",
            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100596"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2014-8143",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://download.samba.org/pub/samba/patches/security/samba-4.0.23-CVE-2014-8143.patch"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://download.samba.org/pub/samba/patches/security/samba-4.1.15-CVE-2014-8143.patch"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://www.samba.org/samba/security/CVE-2014-8143",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://www.samba.org/samba/security/CVE-2014-8143"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "SSA:2015-020-01",`
			`"refsource" : "SLACKWARE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.416326"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "openSUSE-SU-2015:0375",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "openSUSE-SU-2016:1064",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "USN-2481-1",`
			`"refsource" : "UBUNTU",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.ubuntu.com/usn/USN-2481-1"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "72278",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/72278"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "1031615",`
			`"refsource" : "SECTRACK",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securitytracker.com/id/1031615"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "62594",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/62594"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "samba-cve20148143-priv-esc(100596)",`
			`"refsource" : "XF",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100596"`
			`}`
			`]`
			`}`
			`}`