{"id":2046,"date":"2018-03-13T20:52:32","date_gmt":"2018-03-13T18:52:32","guid":{"rendered":"http:\/\/www.identitycosmos.com\/?p=2046"},"modified":"2018-03-13T20:52:32","modified_gmt":"2018-03-13T18:52:32","slug":"important-vulnerabilite-pour-samba-4-active-directory-dc-cve-2018-1057","status":"publish","type":"post","link":"https:\/\/identitycosmos.com\/index.php\/2018\/03\/13\/important-vulnerabilite-pour-samba-4-active-directory-dc-cve-2018-1057\/","title":{"rendered":"Important: vuln\u00e9rabilit\u00e9 concernant Samba 4 – Active Directory DC – CVE-2018-1057"},"content":{"rendered":"

L’\u00e9quipe Samba a d\u00e9couvert une vuln\u00e9rabilit\u00e9 critique\u00a0(CVE-2018-1057) sur Samba 4 en mode Active Directory Domain Controller. Cette vuln\u00e9rabilit\u00e9 n’impacte pas Samba en mode NT ou mode serveur de fichier.<\/p>\n

Cette vuln\u00e9rabilit\u00e9 permet \u00e0 n’importe quel utilisateur authentifi\u00e9 de modifier le mot de passe de tous les autres utilisateurs, ceci incluant les mots de passe des comptes d’administration de l’annuaire ! Tout cela au travers d’une simple connexion LDAP.<\/p>\n

Voir ce lien:\u00a0https:\/\/wiki.samba.org\/index.php\/CVE-2018-1057<\/a> pour l’explication li\u00e9e \u00e0 cette vuln\u00e9rabilit\u00e9 et comment corriger le probl\u00e8me.<\/p>\n

A corriger imm\u00e9diatement !<\/p>\n","protected":false},"excerpt":{"rendered":"

L’\u00e9quipe Samba a d\u00e9couvert une vuln\u00e9rabilit\u00e9 critique\u00a0(CVE-2018-1057) sur Samba 4 en mode Active Directory Domain Controller. Cette vuln\u00e9rabilit\u00e9 n’impacte pas Samba en mode NT ou mode serveur de fichier.<\/p>\n

Cette vuln\u00e9rabilit\u00e9 permet \u00e0 n’importe quel utilisateur authentifi\u00e9 de modifier le mot de passe de tous les autres utilisateurs, ceci incluant les mots de passe des comptes d’administration de l’annuaire ! Tout cela au travers d’une simple connexion LDAP.<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[14,75,209],"class_list":["post-2046","post","type-post","status-publish","format-standard","hentry","category-technique","tag-active-directory","tag-cve","tag-samba"],"_links":{"self":[{"href":"https:\/\/identitycosmos.com\/index.php\/wp-json\/wp\/v2\/posts\/2046","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/identitycosmos.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/identitycosmos.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/identitycosmos.com\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/identitycosmos.com\/index.php\/wp-json\/wp\/v2\/comments?post=2046"}],"version-history":[{"count":0,"href":"https:\/\/identitycosmos.com\/index.php\/wp-json\/wp\/v2\/posts\/2046\/revisions"}],"wp:attachment":[{"href":"https:\/\/identitycosmos.com\/index.php\/wp-json\/wp\/v2\/media?parent=2046"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/identitycosmos.com\/index.php\/wp-json\/wp\/v2\/categories?post=2046"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/identitycosmos.com\/index.php\/wp-json\/wp\/v2\/tags?post=2046"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}