A remote attacker may leverage this vulnerability to perform SQL injection and may also obtain additional system privileges.

OpenLDAP has been updated to 2.5.13 and 2.6.3, which address this issue. End-users should update to these releases.

Red Hat Enterprise Linux 6 and 7 are affected by a critical privilege escalation issue in the Samba LDAP server. A user with the “root” account may create a trusted smb:/ path into which they may place arbitrary SQL commands. This allows an attacker with network access to this vulnerable server to run commands with root privileges.
A patch has been released for Red Hat Enterprise Linux 6 and 7. End-users are encouraged to update to these releases.

Red Hat Enterprise Linux 5 and 6 are affected by a critical privilege escalation issue in the Samba LDAP server. A user with the “root” account may create a trusted smb:/ path into which they may place arbitrary SQL commands. This allows an attacker with network access to this vulnerable server to run commands with root privileges.
A patch has been released for Red Hat Enterprise Linux 6 and 7. End-users are encouraged to update to these releases.
OpenLDAP has been updated to 2.5.13 and 2.6.3, which address this issue, so you should upgrade your OpenLDAP installation too!

Important Information

A remote attacker may leverage this vulnerability to perform SQL injection and may also obtain additional system privileges. OpenLDAP has been updated to 2.5.13 and 2.6.3, which address this issue. End-users should update to these releases.

Timeline

Published on: 05/04/2022 20:15:00 UTC
Last modified on: 06/09/2022 19:15:00 UTC

References