SUSE CVE-2016-2112

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream...

Scientific Linux Security Update : samba and samba4 on SL6.x, SL7.x i386/x86_64 (20160412) (Badlock)

Security Fixes : - Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the permissions of the user...

SUSE-SU-2016:1022-1 Security update for samba

Samba was updated to the 4.2.x codestream, bringing some new features and security fixes bsc973832, FATE320709. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded...