K 10
svn:author
V 5
timur
K 8
svn:date
V 27
2016-04-12T18:49:29.103436Z
K 7
svn:log
V 1654
Multiple vulnerabilities in Samba.
[CVE-2015-5370] Errors in Samba DCE-RPC code can lead to denial of service (crashes and high cpu consumption) and man in the middle attacks.
[CVE-2016-2110] The feature negotiation of NTLMSSP is not downgrade protected. A man in the middle is able to clear even required flags,
    especially NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL.
[CVE-2016-2111] When Samba is configured as Domain Controller it allows remote attackers to spoof the computer name of a secure channel's endpoints,
    and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic.
[CVE-2016-2112] A man in the middle is able to downgrade LDAP connections to no integrity protection.
[CVE-2016-2113] Man in the middle attacks are possible for client triggered LDAP connections (with ldaps://) and ncacn_http connections (with https://).
[CVE-2016-2114] Due to a bug Samba doesn't enforce required smb signing, even if explicitly configured.
[CVE-2016-2115] The protection of DCERPC communication over ncacn_np (which is the default for most the file server related protocols) is inherited
    from the underlying SMB connection.
[CVE-2016-2118] a.k.a. BADLOCK. A man in the middle can intercept any DCERPC traffic between a client and a server in order to impersonate the client
    and get the same privileges as the authenticated user account. This is most problematic against active directory domain controllers.
Security:	CVE-2015-5370
		CVE-2016-2110
		CVE-2016-2111
		CVE-2016-2112
		CVE-2016-2113
		CVE-2016-2114
		CVE-2016-2115
		CVE-2016-2118
Sponsored by:	Micro$oft

END