Samba and Windows Vulnerabilities

Medium

Vendor

Samba, Microsoft Windows

Versions Affected

• The following versions of Samba are affected: 3.6.x, 4.0.x, 4.1.x, 4.2.0-4.2.9, 4.3.0-4.3.6, and 4.4.0.
• The affected Microsoft Windows versions can be viewed here: <https://technet.microsoft.com/library/security/MS16-047&gt;.

Description

There are several MITM attacks that can be performed against a variety of protocols used by Samba. These would permit execution of arbitrary Samba network calls using the context of the intercepted user. Impact examples of intercepting administrator network traffic include viewing or modifying certain types of private data on Samba servers. Additionally, Samba services are vulnerable to a denial of service from an attacker with remote network connectivity to the Samba service.

Affected Products and Versions

• The Cloud Foundry team has determined that the project is not exposed to this vulnerability and therefore does not require any upgrades.

Mitigation

Users of affected versions should apply the following mitigation:

• The Cloud Foundry team has determined that the project is not exposed to this vulnerability and therefore does not require any upgrades.

Credit

Stefan Metzmacher

References

• <http://badlock.org/&gt;
• <https://www.samba.org/samba/security/CVE-2016-2118.html&gt;
• <https://technet.microsoft.com/library/security/MS16-047&gt;
• <https://www.samba.org/samba/security/CVE-2015-5370.html&gt;
• <https://www.samba.org/samba/security/CVE-2016-2110.html&gt;
• <https://www.samba.org/samba/security/CVE-2016-2111.html&gt;
• <https://www.samba.org/samba/security/CVE-2016-2112.html&gt;
• <https://www.samba.org/samba/security/CVE-2016-2113.html&gt;
• <https://www.samba.org/samba/security/CVE-2016-2114.html&gt;
• <https://www.samba.org/samba/security/CVE-2016-2115.html&gt;