55 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-2112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the client ldap sasl wrapping...
K47133310: Samba vulnerability CVE-2016-2112
Security Advisory Description The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying...
Slackware: Security Advisory (SSA:2016-106-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities in Samba – including Badlock – affect ProtecTIER
Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by ProtecTIER. ProtecTIER has addressed the applicable CVEs including the vulnerability commonly referred to as “Badlock”. Vulnerability Details CVEID: CVE-2016-2118 DESCRIPTION: Samba could allow a remote attacker to...
SUSE: Security Advisory (SUSE-SU-2016:1024-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1022-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities in Samba, including Badlock, affect IBM i
Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2118 DESCRIPTION: Samba could allow a remote attacker to gain elevated privileges on the system, caused by the acceptance of...
Security Bulletin: Multiple vulnerabilities in ISC BIND and Samba - including Badlock - affect IBM Netezza Host Management
Summary ISC BIND is used by IBM Netezza Host Management. Samba is delivered in IBM Netezza Host Management RHEL 5.11 and 6.6 OS upgrade kits. IBM Netezza Host Management has addressed the applicable CVEs including the vulnerability commonly referred to as "Badlock." Vulnerability Details CVEID:...
Security Bulletin: Multiple vulnerabilities in Samba – including Badlock - affect IBM Spectrum Scale SMB protocol access method
Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM Spectrum Scale SMB protocol access method. IBM Spectrum Scale has addressed the applicable CVEs including the vulnerability commonly referred to as “Badlock”. Vulnerability Details CVEID: CVE-2016-2118 DESCRIPTIO...
Security Bulletin: Multiple vulnerabilities in Samba affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM SmartCloud Provisioning for IBM Software Virtual Appliance. IBM SmartCloud Provisioning for IBM Software Virtual Appliance has addressed the applicable CVEs including the vulnerability commonly referred to as...
Security Bulletin: Samba as used in IBM QRadar SIEM is vulnerable to multiple CVE's. (CVE-2016-2110, CVE-2016-2112, CVE-2016-2115)
Summary Samba is susceptible to multiple vulnerabilities as used in IBM QRadar SIEM. Vulnerability Details CVE-ID: CVE-2016-2110 Description: Samba could allow a remote attacker to bypass security restrictions, caused by the failure to protect the feature negotiation of NTLMSSP from a downgrade. ...
Security Bulletin: Multiple vulnerabilities in Samba –including Badlock - affect IBM OS Images for Red Hat Linux Systems.
Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM OS Images for Red Hat Linux Systems. IBM OS Images for Red Hat Linux Systems has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2118 DESCRIPTION: Samba could allow a remote attacker to gain...
Mageia: Security Advisory (MGASA-2016-0151)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2016-0613)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2950-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2950-3: Samba regressions
USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were adde...
Updated samba packages fix security vulnerabilities
Updated samba packages fix security vulnerability: Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibl...
CVE-2016-2112
CVE-2016-2112 affects Samba 3.x and 4.x: the bundled LDAP client library fails to enforce integrity for LDAP connections due to the client ldap sasl wrapping setting, enabling man-in-the-middle attackers to downgrade LDAP connections and modify the data stream. Affected versions include Samba 3.x...
Fedora 24 : samba-4.4.2-1.fc24 (2016-383fce04e2) (Badlock)
Security fix for CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatical...
openSUSE Security Update : samba (openSUSE-2016-490) (Badlock)
This update fixes these security vulnerabilities : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain controller netlogon member computer...