The Register is reporting that "On a Samba 4 Active Directory domain controller (AD DC) any authenticated user can change other users' passwords over LDAP, including the passwords of administrative users and service accounts." The flaw is present in every Samba release from 4.0.0 onward when it runs as an AD DC: the LDAP server incorrectly validates the permissions needed to set another user's password, so a password change that should be refused is accepted.
Pretty big bug, and one that has evidently been there for a long time, since every Samba 4 release is affected. You can read the full advisory from Samba here, and then get to patching.
There's some good news in the form of a simple workaround: running samba_CVE-2018-1057_helper --lock-pwchange on the DC turns off the mistakenly loose password-setting permissions. That only tightens the directory's ACLs rather than fixing the code, so once it is in place, visit samba.org/samba/security/ and upgrade to the patched releases 4.7.6, 4.6.14 or 4.5.16, which cover the currently supported branches.
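As an added example (not part of the original post or of Samba's own tooling), here is a small POSIX sh check that classifies a Samba version string against this bug using the three fixed releases named above. The fixed versions 4.7.6, 4.6.14 and 4.5.16 come from the Samba advisory; the assumptions that 4.8.0 and later carry the fix, that branches older than 4.5 got no patched release, and that Samba 3 is not affected (it has no AD DC) are this script's own and are marked in the comments.

```shell
#!/bin/sh
# Classify a Samba version against CVE-2018-1057.
# Fixed releases per the Samba advisory: 4.7.6, 4.6.14, 4.5.16.
# Assumptions (not taken from the advisory): 4.8.0 and later include the
# fix, branches older than 4.5 received no patched release, and Samba 3
# is not affected because it cannot run as an AD DC.
cve_2018_1057_status() {
    ver=$1
    # Accept either a bare "4.7.5" or the "Version 4.7.5-Ubuntu" line that
    # `samba -V` prints; keep only the leading digits-and-dots part.
    ver=${ver#Version }
    ver=$(printf '%s' "$ver" | sed 's/[^0-9.].*$//')

    IFS=. read -r major minor patch <<EOF
$ver
EOF
    # Refuse anything that did not parse to a numeric major version.
    case $major in
        ''|*[!0-9]*) echo unknown; return 1 ;;
    esac
    minor=${minor:-0}
    patch=${patch:-0}

    if [ "$major" -lt 4 ]; then
        echo not-affected                      # assumption: Samba 3, no AD DC
    elif [ "$major" -gt 4 ] || [ "$minor" -ge 8 ]; then
        echo fixed                             # assumption: 4.8.0+ ship the fix
    elif [ "$minor" -eq 7 ] && [ "$patch" -ge 6 ]; then
        echo fixed                             # 4.7.6 per the advisory
    elif [ "$minor" -eq 6 ] && [ "$patch" -ge 14 ]; then
        echo fixed                             # 4.6.14 per the advisory
    elif [ "$minor" -eq 5 ] && [ "$patch" -ge 16 ]; then
        echo fixed                             # 4.5.16 per the advisory
    else
        echo vulnerable                        # includes 4.0 to 4.4: no patched release (assumption)
    fi
}

# Usage on the DC itself (samba -V is Samba's real version flag):
#   cve_2018_1057_status "$(samba -V)"
# or with an explicit version string:
#   cve_2018_1057_status 4.6.13
```

One caveat when reading the result: distribution packages often backport security fixes without bumping the upstream version number, so a "vulnerable" verdict on a vendor build should be confirmed against the package changelog before you assume the DC is exposed; an upstream build with that verdict needs the workaround applied and an upgrade scheduled.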