exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

CVE-2016-2118

Status Candidate

Overview

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

Related Files

Gentoo Linux Security Advisory 201612-47
Posted Dec 24, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-47 - Multiple vulnerabilities have been found in Samba, the worst of which may allow execution of arbitrary code with root privileges. Versions less than 4.2.11 are affected.

tags | advisory, arbitrary, root, vulnerability
systems | linux, gentoo
advisories | CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | a90feb7fa58b657e989e89a4f6c40472eeed2dc783afe5dad3b3e0c77040f948
HP Security Bulletin HPSBMU03614 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03614 1 - Security vulnerabilities in Samba could potentially impact HPE Systems Insight Manager. These vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in unauthorized identification of valid users and unqualified configuration changes. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2016-2118
SHA-256 | 57050fb741cc6cede64fb1fa941893f6e42b2ac7316781e959344e9cfc600e90
HPE Security Bulletin HPSBUX03616 SSRT110128 2
Posted Jun 6, 2016
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03616 SSRT110128 2 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to allow Denial of Service (DoS), disclosure of information and unauthorized access. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
SHA-256 | 475e6545fb3a6224f2c1c6a766b468787f45e3b02df99ea3ac9c7865453c1257
Ubuntu Security Notice USN-2950-5
Posted May 25, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-5 - USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | a5115fbeb6574c22cf7909ecfb3b0b6ae9b4be9907873ac8ac4827c6e8dc2822
Ubuntu Security Notice USN-2950-4
Posted May 18, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-4 - USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the "client ipc signing" parameter to "auto". Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | f4fd0e1458d4dd5d78caeb773aa4e0931c482552cdafe454a555c5a3054c7479
Ubuntu Security Notice USN-2950-3
Posted May 5, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-3 - USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were added to Samba 3.6.25 in Ubuntu 12.04 LTS. This advisory was inadvertently published as USN-2950-2 originally. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | 9964099b1f206087f80df7cd7fa0e5270996486fe34e8197537e2d4ab769d4ab
Ubuntu Security Notice USN-2950-2
Posted May 5, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-2 - USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were added to Samba 3.6.25 in Ubuntu 12.04 LTS. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | c93cbed83234be923370d6ba5d82693b733041d4363045f33e415c791441bba2
Ubuntu Security Notice USN-2950-2
Posted Apr 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-2 - USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, spoof, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | d00c71363fd9011b1911761bd598b570e7edef600cd48c0634d3cf0850df7357
Ubuntu Security Notice USN-2950-1
Posted Apr 18, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-1 - Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | 7e7ea9fcd4b1fd06b83c16d90cf9d03bcaa1f0afa52f3c19687b2dd2577594b2
Slackware Security Advisory - samba Updates
Posted Apr 16, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | 2e1f520115dc0ce156ad8eafcb817bb0a5e79dc89363864cf265e0979131fc8a
Debian Security Advisory 3548-1
Posted Apr 13, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3548-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | 7a6a72fc4b7668bd8cbc57c97d60464eeffdb556c75c1914e8530a1e6d416eb8
Red Hat Security Advisory 2016-0612-01
Posted Apr 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0612-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | ffbf714b0edd288eeaf89811100e15d4b6b63a95aa4b7b155086d46d5b7e484a
Red Hat Security Advisory 2016-0618-01
Posted Apr 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0618-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | 2ef3378782b2bc3031aa0f55cbc9dc7d137916e7c132e676b32ed6eddb2e01c8
Red Hat Security Advisory 2016-0614-01
Posted Apr 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0614-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | 28b70dba8ec3f6d0feaab4a731c2c94f34f0c5f334aa07d08384ce1e210bdf87
Red Hat Security Advisory 2016-0625-01
Posted Apr 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0625-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol and the Local Security Authority Remote Protocol. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.

tags | advisory, remote, local, protocol
systems | linux, redhat
advisories | CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
SHA-256 | ff28c74c3e9ee7ca93fb17e35f33b850df2eaf1ee08ce8f0366ddf8a1aa08d95
Red Hat Security Advisory 2016-0620-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0620-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. The following packages have been upgraded to a newer upstream version: Samba.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | 5f6d3d79919da700baf4893a8263b2e74e4c710da66d005f53851d9b19cbfadc
Red Hat Security Advisory 2016-0624-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0624-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
SHA-256 | ea7785badb40944247126ec31ac4e97e8ada0bd0e630f48e317b4de8e26f1f78
Red Hat Security Advisory 2016-0619-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0619-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
SHA-256 | ddcf6b68c566ff2d40b5f5225e025006b29b9509c7a260162b6357d22b5b92bf
Red Hat Security Advisory 2016-0623-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0623-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
SHA-256 | 9378b72c47f12f2571fb3a13b7fdce1278fc98b16317b92e0774573b4b8f9872
Red Hat Security Advisory 2016-0621-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0621-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol and the Local Security Authority Remote Protocol. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.

tags | advisory, remote, local, protocol
systems | linux, redhat
advisories | CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
SHA-256 | 81ed12f6335269d55b464d42cec3c9b7d85e6a7b1ad7e4d91156cae8662aa6c2
Red Hat Security Advisory 2016-0613-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0613-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
SHA-256 | 5633dd462f69ffaab3847b114904d8376a3fbc86b2723c88e3440a5532ec67c8
Red Hat Security Advisory 2016-0611-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0611-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
SHA-256 | c673d46b83aad8b70378276f859ae40d8d2de578960dc4d6dfe2a5a28a19b613
Page 1 of 1
Back1Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    20 Files
  • 29
    Nov 29th
    9 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close