CVE-2015-2535 — Improper Privilege Management in Microsoft Windows Server 2008

CWE-17 CWE-269 — Improper Privilege Management10 documents7 sources

Severity

7.5HIGHNVD

NVD4.0OSV4.0

EPSS

13.8%

top 5.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samba Debian Samba Canonical Ubuntu Linux +3 more

Timeline

PublishedSep 9

Latest updateMay 17

Description

Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service outage) by creating multiple machine accounts, aka "Active Directory Denial of Service Vulnerability."

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages4 packages

▶NVDmicrosoft/windowsr2

▶NVDsamba/samba4.0.0 — 4.1.22+2

▶debiandebian/samba< samba 2:4.1.22+dfsg-1 (bookworm)

▶Debiansamba/samba< 2:4.1.22+dfsg-1+3

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 12.04, 14.04, 15.04, 15.10

🔴Vulnerability Details

GHSA

GHSA-3mw8-88mv-4wcm: The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb↗2022-05-17

▶

GHSA

GHSA-p89f-xm5w-cmgq: Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of se↗2022-05-14

▶

OSV

CVE-2015-8467: The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb↗2015-12-29

▶

📋Vendor Advisories

Red Hat

samba: Denial of service attack against Windows Active Directory server.↗2015-12-16

▶

Debian

CVE-2015-8467: samba - The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/sam...↗2015

▶

🕵️Threat Intelligence

Talos

Microsoft Patch Tuesday - September 2015↗2015-09-08

▶

Talos

Microsoft Patch Tuesday - September 2015↗2015-09-08

▶

💬Community

Bugzilla

CVE-2015-8467 samba: Denial of service attack against Windows Active Directory server.↗2015-12-10

▶