604 matches found

Tenable Nessus
added 2016/06/14 12:0 a.m. | 71 views

MS16-076: Security Update for Netlogon (3167691)

The remote Windows host is missing a security update. It is, therefore, affected by a remote code execution vulnerability due to improper handling of objects in memory. A domain-authenticated attacker can exploit this, via a specially crafted Netlogon request to a domain controller, to execute...

CVSS 9 | AI score 9.1 | EPSS 0.13336
Exploits 0 | References 2

NVD
added 2016/04/25 12:59 a.m. | 22 views

CVE-2016-2111

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted applicatio...

CVSS 6.3 | AI score 6.9 | EPSS 0.02926
Exploits 0 | References 41

OSV
added 2016/04/25 12:59 a.m. | 1 views

DEBIAN-CVE-2016-2111

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted applicatio...

CVSS 6.3 | AI score 6.6 | EPSS 0.02926
Exploits 0 | References 1

OSV
added 2016/04/25 12:59 a.m. | 6 views

CVE-2016-2111

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted applicatio...

CVSS 6.3 | AI score 6.7 | EPSS 0.02926
Exploits 0 | References 41

Prion
added 2016/04/25 12:59 a.m. | 39 views

Design/Logic Flaw

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted applicatio...

CVSS 4.3 | AI score 7.4 | EPSS 0.18313
Exploits 2 | References 41 | Affected Software 2

Debian CVE
added 2016/04/25 12:0 a.m. | 50 views

CVE-2016-2111

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted applicatio...

CVSS 6.3 | AI score 6.9 | EPSS 0.02926
Exploits 0

Cvelist
added 2016/04/25 12:0 a.m. | 29 views

CVE-2016-2111

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted applicatio...

AI score 7.1 | EPSS 0.02926
Exploits 0 | References 41

CVE
added 2016/04/25 12:0 a.m. | 160 views

CVE-2016-2111

The NETLOGON vulnerability (CVE-2016-2111) affects Samba 3.x and 4.x prior to: 4.2.11, 4.3.x prior to 4.3.8, and 4.4.x prior to 4.4.2. When a domain controller is configured, remote attackers can spoof the computer name of a secure channel endpoint and obtain sensitive session information by craf...

CVSS 6.3 | AI score 6.9 | EPSS 0.02926
Exploits 0 | References 41 | Affected Software 1

Tenable Nessus
added 2016/04/21 12:0 a.m. | 37 views

SUSE SLES10 Security Update : samba (SUSE-SU-2016:1105-1)

Samba was updated to fix three security issues. These security issues were fixed : CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bso11688, bsc973031. CVE-2016-2111: Domain controller netlogon member computer could have been spoofed bso11749, bsc973032...

CVSS 7.2 | AI score 6.7 | EPSS 0.13274
Exploits 1 | References 12

OPENSUSE Linux
added 2016/04/20 12:11 p.m. | 42 views

Security update for samba (important)

This update fixes these security vulnerabilities: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain controller netlogon member computer...

CVSS 10 | AI score 2.6 | EPSS 0.87636
Exploits 9 | References 17

Tenable Nessus
added 2016/04/15 12:0 a.m. | 47 views

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:1024-1) (Badlock)

samba was updated to fix seven security issues. These security issues were fixed : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain...

CVSS 7.5 | AI score 6.6 | EPSS 0.37043
Exploits 0 | References 27

Tenable Nessus
added 2016/04/14 12:0 a.m. | 43 views

openSUSE Security Update : samba (openSUSE-2016-453) (Badlock)

samba was updated to fix seven security issues. These security issues were fixed : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain...

CVSS 7.5 | AI score 6.7 | EPSS 0.37043
Exploits 0 | References 19

OPENSUSE Linux
added 2016/04/13 2:7 p.m. | 52 views

Security update for samba (important)

samba was updated to fix seven security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain...

CVSS 6.8 | AI score 0.5 | EPSS 0.37043
Exploits 0 | References 12

Tenable Nessus
added 2016/04/13 12:0 a.m. | 491 views

Samba 3.x < 4.2.10 / 4.2.x < 4.2.10 / 4.3.x < 4.3.7 / 4.4.x < 4.4.1 Multiple Vulnerabilities (Badlock)

The version of Samba running on the remote host is 3.x or 4.2.x prior to 4.2.10, 4.3.x prior to 4.3.7, or 4.4.x prior to 4.4.1. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the DCE-RPC client when handling specially crafted DCE-RPC packets. A man-in-the-middle MitM...

CVSS 7.5 | AI score 7 | EPSS 0.37043
Exploits 0 | References 19

OSV
added 2016/04/12 6:46 p.m. | 10 views

SUSE-SU-2016:1022-1 Security update for samba

Samba was updated to the 4.2.x codestream, bringing some new features and security fixes bsc973832, FATE320709. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded...

CVSS 7.5 | AI score 7.2 | EPSS 0.37043
Exploits 0 | References 28

ThreatPost
added 2016/04/12 2:30 p.m. | 58 views

Badlock Windows, Samba Man-in-the-Middle Vulnerability

Weeks of anxiety and concern over the Badlock vulnerability ended today with an anticlimactic thud. Badlock was the security boogeyman since the appearance three weeks ago of a website and logo branding the bug as something serious in Samba, an open source implementation of the server message blo...

CVSS 6.8 | EPSS 0.37043
Exploits 0 | References 14

ALT Linux
added 2016/04/12 12:0 a.m. | 43 views

Security fix for the ALT Linux 8 package samba version 4.4.2-alt1

April 12, 2016 Andrey Cherepanov 4.4.2-alt1 - New version - Security fixes: - CVE-2015-5370 Multiple errors in DCE-RPC code - CVE-2016-2110 Man in the middle attacks possible with NTLMSSP - CVE-2016-2111 NETLOGON Spoofing Vulnerability - CVE-2016-2112 LDAP client and server don't enforce integrit...

CVSS 6.8 | AI score 6.2 | EPSS 0.37043
Exploits 0

ALT Linux
added 2016/04/12 12:0 a.m. | 39 views

Security fix for the ALT Linux 10 package samba version 4.4.2-alt1

April 12, 2016 Andrey Cherepanov 4.4.2-alt1 - New version - Security fixes: - CVE-2015-5370 Multiple errors in DCE-RPC code - CVE-2016-2110 Man in the middle attacks possible with NTLMSSP - CVE-2016-2111 NETLOGON Spoofing Vulnerability - CVE-2016-2112 LDAP client and server don't enforce integrit...

CVSS 6.8 | AI score 6.1 | EPSS 0.37043
Exploits 0

Samba
added 2016/04/12 12:0 a.m. | 575 views

NETLOGON Spoofing Vulnerability.

Description It's basically the same as CVE-2015-0005 for Windows: The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a...

CVSS 6.3 | AI score 0.5 | EPSS 0.18313
Exploits 2

Tenable Nessus
added 2016/04/12 12:0 a.m. | 36 views

Samba 4.3.x < 4.3.7 Multiple Vulnerabilities (Badlock)

Binary data 9232.prm...

CVSS 7.5 | AI score 7 | EPSS 0.37043
Exploits 0 | References 18