Intrusion Prevention



This indicates an attack attempt to exploit a Privilege Escalation vulnerability in Samba server.
The vulnerability is due to an error in Samba Active Directory DC implementation when change the user password via LDAP. A remote attacker may be able to exploit this to rest the passwords of admin users on the affected system.

Affected Products

Samba Team Samba 4.0 to 4.4
Samba Team Samba 4.5 before 4.5.16
Samba Team Samba 4.6 before 4.6.14
Samba Team Samba 4.7 before 4.7.6


Privilege Escalation: Remote attackers can leverage their privilege on the vulnerable systems.

Recommended Actions

Refer to the vendor's website for the suggested workaround.

CVE References