accept no compromises
Showing 1 - 22 of 22 RSS Feed

CVE-2016-2111

Status Candidate

Overview

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.

Related Files

Gentoo Linux Security Advisory 201612-47
Posted Dec 24, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-47 - Multiple vulnerabilities have been found in Samba, the worst of which may allow execution of arbitrary code with root privileges. Versions less than 4.2.11 are affected.

tags | advisory, arbitrary, root, vulnerability
systems | linux, gentoo
advisories | CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 5d0bbf9be3b6a8b8128b3fdfd0cf42f5
HP Security Bulletin HPSBUX03616 SSRT110128 2
Posted Jun 6, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03616 SSRT110128 2 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to allow Denial of Service (DoS), disclosure of information and unauthorized access. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | ebfb5f97f3b07aa510bdf13e35a60831
Ubuntu Security Notice USN-2950-5
Posted May 25, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-5 - USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 7f2849110fcafc453c4992ae1b5c5912
Ubuntu Security Notice USN-2950-4
Posted May 18, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-4 - USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the "client ipc signing" parameter to "auto". Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 1780dca9b450e271a20be885a010ac02
HP Security Bulletin HPSBNS03581 2
Posted May 12, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBNS03581 2 - Security vulnerabilities in Samba could potentially impact HPE NonStop Servers. These vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in Denial of Service (DoS), arbitrary file deletion, disclosure of sensitive information, unauthorized access, or unauthorized modification of file or database. Note: This product is NOT affected by the 'Badlock' vulnerability (CVE-2016-2118). Affected RVUs: L15.02 - L15.08.01 J06.04 - J06.19.02 H06.15 - H06.29.01. Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
advisories | CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115
MD5 | 1bb2c8e02d009ad76188a91614d092d3
Ubuntu Security Notice USN-2950-3
Posted May 5, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-3 - USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were added to Samba 3.6.25 in Ubuntu 12.04 LTS. This advisory was inadvertently published as USN-2950-2 originally. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 2b5b3bf6d45f78f9460d354326a1a7a8
Ubuntu Security Notice USN-2950-2
Posted May 5, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-2 - USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were added to Samba 3.6.25 in Ubuntu 12.04 LTS. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 2177d04c09c14d945df9c438bb1b467d
Ubuntu Security Notice USN-2950-2
Posted Apr 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-2 - USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, spoof, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 4378a3e1b91e771dd7893d559ac783d4
Ubuntu Security Notice USN-2950-1
Posted Apr 18, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-1 - Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | dc1e4865a1a9a527e20eef823d98ed45
Slackware Security Advisory - samba Updates
Posted Apr 16, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 6e9fc76acdbb8023eda4407466dafef9
Debian Security Advisory 3548-1
Posted Apr 13, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3548-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | aa623116dad7d4f332ecf0a289652b6c
Red Hat Security Advisory 2016-0612-01
Posted Apr 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0612-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | b9d4c194c5cc8d378824a3744ea40275
Red Hat Security Advisory 2016-0618-01
Posted Apr 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0618-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 00d38a2ac22503f92f2e871af3d6b63a
Red Hat Security Advisory 2016-0614-01
Posted Apr 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0614-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | c14d71b889be611435eeec04445a61fd
Red Hat Security Advisory 2016-0625-01
Posted Apr 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0625-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol and the Local Security Authority Remote Protocol. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.

tags | advisory, remote, local, protocol
systems | linux, redhat
advisories | CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | 5a8efe293b99249b65c5201ebcb5461f
Red Hat Security Advisory 2016-0620-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0620-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. The following packages have been upgraded to a newer upstream version: Samba.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 8f4ed3b14b95c091c06a962fcf9a1deb
Red Hat Security Advisory 2016-0624-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0624-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | bd886d49681bbb4b290a389b7c13cac5
Red Hat Security Advisory 2016-0619-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0619-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | db8e359bb1a3ecd2968685f1a4b1a6e5
Red Hat Security Advisory 2016-0623-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0623-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | 0022ff7ca37c188d322e7a31ec45ec5a
Red Hat Security Advisory 2016-0621-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0621-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol and the Local Security Authority Remote Protocol. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.

tags | advisory, remote, local, protocol
systems | linux, redhat
advisories | CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | 5a5a54c79c42cba1d4da606b43ee932f
Red Hat Security Advisory 2016-0613-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0613-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | 47ace9eafbb0054244cabc57ed4d373e
Red Hat Security Advisory 2016-0611-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0611-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | ff1e4aa271b5719bc43e907e9416f0c9
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    2 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close