5.9

CVE-2016-2110

The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SambaSamba Version3.0.0
SambaSamba Version3.0.1
SambaSamba Version3.0.2
SambaSamba Version3.0.2 Updatea
SambaSamba Version3.0.2a
SambaSamba Version3.0.3
SambaSamba Version3.0.4
SambaSamba Version3.0.4 Updaterc1
SambaSamba Version3.0.5
SambaSamba Version3.0.6
SambaSamba Version3.0.7
SambaSamba Version3.0.8
SambaSamba Version3.0.9
SambaSamba Version3.0.10
SambaSamba Version3.0.11
SambaSamba Version3.0.12
SambaSamba Version3.0.13
SambaSamba Version3.0.14
SambaSamba Version3.0.14 Updatea
SambaSamba Version3.0.14a
SambaSamba Version3.0.15
SambaSamba Version3.0.16
SambaSamba Version3.0.17
SambaSamba Version3.0.18
SambaSamba Version3.0.19
SambaSamba Version3.0.20
SambaSamba Version3.0.20 Updatea
SambaSamba Version3.0.20 Updateb
SambaSamba Version3.0.20a
SambaSamba Version3.0.20b
SambaSamba Version3.0.21
SambaSamba Version3.0.21 Updatea
SambaSamba Version3.0.21 Updateb
SambaSamba Version3.0.21 Updatec
SambaSamba Version3.0.21a
SambaSamba Version3.0.21b
SambaSamba Version3.0.21c
SambaSamba Version3.0.22
SambaSamba Version3.0.23
SambaSamba Version3.0.23 Updatea
SambaSamba Version3.0.23 Updateb
SambaSamba Version3.0.23 Updatec
SambaSamba Version3.0.23 Updated
SambaSamba Version3.0.23a
SambaSamba Version3.0.23b
SambaSamba Version3.0.23c
SambaSamba Version3.0.23d
SambaSamba Version3.0.24
SambaSamba Version3.0.25
SambaSamba Version3.0.25 Updatea
SambaSamba Version3.0.25 Updateb
SambaSamba Version3.0.25 Updatec
SambaSamba Version3.0.25 Updatepre1
SambaSamba Version3.0.25 Updatepre2
SambaSamba Version3.0.25 Updaterc1
SambaSamba Version3.0.25 Updaterc2
SambaSamba Version3.0.25 Updaterc3
SambaSamba Version3.0.25a
SambaSamba Version3.0.25b
SambaSamba Version3.0.25c
SambaSamba Version3.0.26
SambaSamba Version3.0.26 Updatea
SambaSamba Version3.0.26a
SambaSamba Version3.0.27
SambaSamba Version3.0.27 Updatea
SambaSamba Version3.0.28
SambaSamba Version3.0.28 Updatea
SambaSamba Version3.0.29
SambaSamba Version3.0.30
SambaSamba Version3.0.31
SambaSamba Version3.0.32
SambaSamba Version3.0.33
SambaSamba Version3.0.34
SambaSamba Version3.0.35
SambaSamba Version3.0.36
SambaSamba Version3.0.37
SambaSamba Version3.2.0
SambaSamba Version3.2.1
SambaSamba Version3.2.2
SambaSamba Version3.2.3
SambaSamba Version3.2.4
SambaSamba Version3.2.5
SambaSamba Version3.2.6
SambaSamba Version3.2.7
SambaSamba Version3.2.8
SambaSamba Version3.2.9
SambaSamba Version3.2.10
SambaSamba Version3.2.11
SambaSamba Version3.2.12
SambaSamba Version3.2.13
SambaSamba Version3.2.14
SambaSamba Version3.2.15
SambaSamba Version3.3.0
SambaSamba Version3.3.1
SambaSamba Version3.3.2
SambaSamba Version3.3.3
SambaSamba Version3.3.4
SambaSamba Version3.3.5
SambaSamba Version3.3.6
SambaSamba Version3.3.7
SambaSamba Version3.3.8
SambaSamba Version3.3.9
SambaSamba Version3.3.10
SambaSamba Version3.3.11
SambaSamba Version3.3.12
SambaSamba Version3.3.13
SambaSamba Version3.3.14
SambaSamba Version3.3.15
SambaSamba Version3.3.16
SambaSamba Version3.4.0
SambaSamba Version3.4.1
SambaSamba Version3.4.2
SambaSamba Version3.4.3
SambaSamba Version3.4.4
SambaSamba Version3.4.5
SambaSamba Version3.4.6
SambaSamba Version3.4.7
SambaSamba Version3.4.8
SambaSamba Version3.4.9
SambaSamba Version3.4.10
SambaSamba Version3.4.11
SambaSamba Version3.4.12
SambaSamba Version3.4.13
SambaSamba Version3.4.14
SambaSamba Version3.4.15
SambaSamba Version3.4.16
SambaSamba Version3.4.17
SambaSamba Version3.5.0
SambaSamba Version3.5.1
SambaSamba Version3.5.2
SambaSamba Version3.5.3
SambaSamba Version3.5.4
SambaSamba Version3.5.5
SambaSamba Version3.5.6
SambaSamba Version3.5.7
SambaSamba Version3.5.8
SambaSamba Version3.5.9
SambaSamba Version3.5.10
SambaSamba Version3.5.11
SambaSamba Version3.5.12
SambaSamba Version3.5.13
SambaSamba Version3.5.14
SambaSamba Version3.5.15
SambaSamba Version3.5.16
SambaSamba Version3.5.17
SambaSamba Version3.5.18
SambaSamba Version3.5.19
SambaSamba Version3.5.20
SambaSamba Version3.5.21
SambaSamba Version3.5.22
SambaSamba Version3.6.0
SambaSamba Version3.6.1
SambaSamba Version3.6.2
SambaSamba Version3.6.3
SambaSamba Version3.6.4
SambaSamba Version3.6.5
SambaSamba Version3.6.6
SambaSamba Version3.6.7
SambaSamba Version3.6.8
SambaSamba Version3.6.9
SambaSamba Version3.6.10
SambaSamba Version3.6.11
SambaSamba Version3.6.12
SambaSamba Version3.6.13
SambaSamba Version3.6.14
SambaSamba Version3.6.15
SambaSamba Version3.6.16
SambaSamba Version3.6.17
SambaSamba Version3.6.18
SambaSamba Version3.6.19
SambaSamba Version3.6.20
SambaSamba Version3.6.21
SambaSamba Version3.6.22
SambaSamba Version3.6.23
SambaSamba Version3.6.24
SambaSamba Version3.6.25
SambaSamba Version4.0.0
SambaSamba Version4.0.1
SambaSamba Version4.0.2
SambaSamba Version4.0.3
SambaSamba Version4.0.4
SambaSamba Version4.0.5
SambaSamba Version4.0.6
SambaSamba Version4.0.7
SambaSamba Version4.0.8
SambaSamba Version4.0.9
SambaSamba Version4.0.10
SambaSamba Version4.0.11
SambaSamba Version4.0.12
SambaSamba Version4.0.13
SambaSamba Version4.0.14
SambaSamba Version4.0.15
SambaSamba Version4.0.16
SambaSamba Version4.0.17
SambaSamba Version4.0.18
SambaSamba Version4.0.19
SambaSamba Version4.0.20
SambaSamba Version4.0.21
SambaSamba Version4.0.22
SambaSamba Version4.0.23
SambaSamba Version4.0.24
SambaSamba Version4.0.25
SambaSamba Version4.0.26
SambaSamba Version4.1.0
SambaSamba Version4.1.1
SambaSamba Version4.1.2
SambaSamba Version4.1.3
SambaSamba Version4.1.4
SambaSamba Version4.1.5
SambaSamba Version4.1.6
SambaSamba Version4.1.7
SambaSamba Version4.1.8
SambaSamba Version4.1.9
SambaSamba Version4.1.10
SambaSamba Version4.1.11
SambaSamba Version4.1.12
SambaSamba Version4.1.13
SambaSamba Version4.1.14
SambaSamba Version4.1.15
SambaSamba Version4.1.16
SambaSamba Version4.1.17
SambaSamba Version4.1.18
SambaSamba Version4.1.19
SambaSamba Version4.1.20
SambaSamba Version4.1.21
SambaSamba Version4.1.22
SambaSamba Version4.1.23
SambaSamba Version4.2.0 Updaterc1
SambaSamba Version4.2.0 Updaterc2
SambaSamba Version4.2.0 Updaterc3
SambaSamba Version4.2.0 Updaterc4
SambaSamba Version4.2.1
SambaSamba Version4.2.2
SambaSamba Version4.2.3
SambaSamba Version4.2.4
SambaSamba Version4.2.5
SambaSamba Version4.2.6
SambaSamba Version4.2.7
SambaSamba Version4.2.8
SambaSamba Version4.2.9
SambaSamba Version4.3.0
SambaSamba Version4.3.1
SambaSamba Version4.3.2
SambaSamba Version4.3.3
SambaSamba Version4.3.4
SambaSamba Version4.3.5
SambaSamba Version4.3.6
SambaSamba Version4.4.0
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version15.10
CanonicalUbuntu Linux Version16.04 SwEditionlts
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.31% 0.942
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
https://www.samba.org/samba/history/samba-4.2.10.html
https://security.gentoo.org/glsa/201612-47
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00046.html
http://badlock.org/
https://bto.bluecoat.com/security-advisory/sa122
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
http://rhn.redhat.com/errata/RHSA-2016-0611.html
http://rhn.redhat.com/errata/RHSA-2016-0612.html
http://rhn.redhat.com/errata/RHSA-2016-0613.html
http://rhn.redhat.com/errata/RHSA-2016-0614.html
http://rhn.redhat.com/errata/RHSA-2016-0618.html
http://rhn.redhat.com/errata/RHSA-2016-0619.html
http://rhn.redhat.com/errata/RHSA-2016-0620.html
http://rhn.redhat.com/errata/RHSA-2016-0621.html
http://rhn.redhat.com/errata/RHSA-2016-0623.html
http://rhn.redhat.com/errata/RHSA-2016-0624.html
http://rhn.redhat.com/errata/RHSA-2016-0625.html
http://www.debian.org/security/2016/dsa-3548
http://www.securitytracker.com/id/1035533
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012
http://www.ubuntu.com/usn/USN-2950-1
http://www.ubuntu.com/usn/USN-2950-2
http://www.ubuntu.com/usn/USN-2950-3
http://www.ubuntu.com/usn/USN-2950-4
http://www.ubuntu.com/usn/USN-2950-5
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399
https://www.samba.org/samba/latest_news.html#4.4.2
http://lists.opensuse.org/opensuse-updates/2016-05/msg00124.html
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05087821
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05082964
https://www.samba.org/samba/security/CVE-2016-2110.html
Patch
Vendor Advisory