Test ID: | 1.3.6.1.4.1.25623.1.0.703548 |
Category: | Debian Local Security Checks |
Title: | Debian Security Advisory DSA 3548-1 (samba - security update) |
Description: |
Summary: Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2015-5370
Jouni Knuutinen from Synopsys discovered flaws in the Samba DCE-RPC code which can lead to denial of service (crashes and high cpu consumption) and man-in-the-middle attacks.

CVE-2016-2110
Stefan Metzmacher of SerNet and the Samba Team discovered that the feature negotiation of NTLMSSP does not protect against downgrade attacks.

CVE-2016-2111
When Samba is configured as domain controller, it allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information. This flaw corresponds to the same vulnerability as CVE-2015-0005 for Windows, discovered by Alberto Solino from Core Security.

CVE-2016-2112
Stefan Metzmacher of SerNet and the Samba Team discovered that a man-in-the-middle attacker can downgrade LDAP connections to avoid integrity protection.

CVE-2016-2113
Stefan Metzmacher of SerNet and the Samba Team discovered that man-in-the-middle attacks are possible for client triggered LDAP connections and ncacn_http connections.

CVE-2016-2114
Stefan Metzmacher of SerNet and the Samba Team discovered that Samba does not enforce required smb signing even if explicitly configured.

CVE-2016-2115
Stefan Metzmacher of SerNet and the Samba Team discovered that SMB connections for IPC traffic are not integrity-protected.

CVE-2016-2118
Stefan Metzmacher of SerNet and the Samba Team discovered that a man-in-the-middle attacker can intercept any DCERPC traffic between a client and a server in order to impersonate the client and obtain the same privileges as the authenticated user account.

Affected Software/OS: samba on Debian Linux

Solution: For the oldstable distribution (wheezy), these problems have been fixed in version 2:3.6.6-6+deb7u9. The oldstable distribution is not affected by CVE-2016-2113 and CVE-2016-2114.

For the stable distribution (jessie), these problems have been fixed in version 2:4.2.10+dfsg-0+deb8u1. The issues were addressed by upgrading to the new upstream version 4.2.10, which includes additional changes and bugfixes. The depending libraries ldb, talloc, tdb and tevent required as well an update to new upstream versions for this update.

For the unstable distribution (sid), these problems have been fixed in version 2:4.3.7+dfsg-1.

Please for further details (in particular for new options and defaults).

We'd like to thank Andreas Schneider and Guenther Deschner (Red Hat), Stefan Metzmacher and Ralph Boehme (SerNet) and Aurelien Aptel (SUSE) for the massive backporting work required to support Samba 3.6 and Samba 4.2 and Andrew Bartlett (Catalyst), Jelmer Vernooij and Mathieu Parent for their help in preparing updates of Samba and the underlying infrastructure libraries.

We recommend that you upgrade your samba packages.

CVSS Score: 6.8
CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-0005
  http://seclists.org/fulldisclosure/2015/Mar/60
  http://packetstormsecurity.com/files/130773/Windows-Pass-Through-Authentication-Methods-Improper-Validation.html
  http://www.coresecurity.com/advisories/windows-pass-through-authentication-methods-improper-validation
  Microsoft Security Bulletin: MS15-027 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-027
  http://www.securitytracker.com/id/1031891

Common Vulnerability Exposure (CVE) ID: CVE-2015-5370
  Debian Security Information: DSA-3548 http://www.debian.org/security/2016/dsa-3548
  http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
  http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
  http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
  http://badlock.org/
  RedHat Security Advisories: RHSA-2016:0611 http://rhn.redhat.com/errata/RHSA-2016-0611.html
  RedHat Security Advisories: RHSA-2016:0612 http://rhn.redhat.com/errata/RHSA-2016-0612.html
  RedHat Security Advisories: RHSA-2016:0613 http://rhn.redhat.com/errata/RHSA-2016-0613.html
  RedHat Security Advisories: RHSA-2016:0614 http://rhn.redhat.com/errata/RHSA-2016-0614.html
  RedHat Security Advisories: RHSA-2016:0618 http://rhn.redhat.com/errata/RHSA-2016-0618.html
  RedHat Security Advisories: RHSA-2016:0619 http://rhn.redhat.com/errata/RHSA-2016-0619.html
  RedHat Security Advisories: RHSA-2016:0620 http://rhn.redhat.com/errata/RHSA-2016-0620.html
  RedHat Security Advisories: RHSA-2016:0624 http://rhn.redhat.com/errata/RHSA-2016-0624.html
  http://www.securitytracker.com/id/1035533
  http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012
  SuSE Security Announcement: SUSE-SU-2016:1022 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
  SuSE Security Announcement: SUSE-SU-2016:1023 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
  SuSE Security Announcement: SUSE-SU-2016:1024 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
  SuSE Security Announcement: SUSE-SU-2016:1028 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
  SuSE Security Announcement: openSUSE-SU-2016:1025 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
  SuSE Security Announcement: openSUSE-SU-2016:1064 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
  SuSE Security Announcement: openSUSE-SU-2016:1106 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
  SuSE Security Announcement: openSUSE-SU-2016:1107 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
  http://www.ubuntu.com/usn/USN-2950-1
  http://www.ubuntu.com/usn/USN-2950-2
  http://www.ubuntu.com/usn/USN-2950-3
  http://www.ubuntu.com/usn/USN-2950-4
  http://www.ubuntu.com/usn/USN-2950-5

Common Vulnerability Exposure (CVE) ID: CVE-2016-2110
  https://security.gentoo.org/glsa/201612-47
  RedHat Security Advisories: RHSA-2016:0621 http://rhn.redhat.com/errata/RHSA-2016-0621.html
  RedHat Security Advisories: RHSA-2016:0623 http://rhn.redhat.com/errata/RHSA-2016-0623.html
  RedHat Security Advisories: RHSA-2016:0625 http://rhn.redhat.com/errata/RHSA-2016-0625.html
  SuSE Security Announcement: SUSE-SU-2016:1105 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00046.html
  SuSE Security Announcement: openSUSE-SU-2016:1440 http://lists.opensuse.org/opensuse-updates/2016-05/msg00124.html

Common Vulnerability Exposure (CVE) ID: CVE-2016-2111

Common Vulnerability Exposure (CVE) ID: CVE-2016-2112

Common Vulnerability Exposure (CVE) ID: CVE-2016-2113

Common Vulnerability Exposure (CVE) ID: CVE-2016-2114
  BugTraq ID: 86011 http://www.securityfocus.com/bid/86011

Common Vulnerability Exposure (CVE) ID: CVE-2016-2115

Common Vulnerability Exposure (CVE) ID: CVE-2016-2118
  BugTraq ID: 86002 http://www.securityfocus.com/bid/86002
  CERT/CC vulnerability note: VU#813296 https://www.kb.cert.org/vuls/id/813296 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |