VDB
GCVE-110-MAGEIA-2014-138
GCVE-110-MAGEIA-2014-138
Advisory Published
In Samba before 3.6.23, the SAMR server neglects to ensure that attempted
password changes will update the bad password count, and does not set the
lockout flags. This would allow a user unlimited attempts against the
password by simply calling ChangePasswordUser2 repeatedly. This is
available without any other authentication (CVE-2013-4496)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | x11-driver-video-intel | 2.99.909-1.2.mga4 (unaffected), 0 (affected) | — |
| Mageia | samba | 0 (affected), 3.6.15-1.4.mga3 (unaffected), 0 (affected), 3.6.15-1.4.mga3 (unaffected) | — |
| Mageia | samba | 0 (affected), 3.6.23-1.mga4 (unaffected), 0 (affected), 3.6.23-1.mga4 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,196 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.