Lucene search
SuseSUSE-SU-2016:1024-1HistoryApr 13, 2016 - 12:13 a.m.
Security update for samba (important)
2016-04-1300:13:24
lists.opensuse.org
28
0.029 Low
EPSS
Percentile
89.7%
samba was updated to fix seven security issues.
These security issues were fixed:
- CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM
attacks (bsc#936862). - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP
authentication (bsc#973031). - CVE-2016-2111: Domain controller netlogon member computer could have
been spoofed (bsc#973032). - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM
attack (bsc#973033). - CVE-2016-2113: TLS certificate validation were missing (bsc#973034).
- CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks
(bsc#973036). - CVE-2016-2118: "Badlock" DCERPC impersonation of authenticated account
were possible (bsc#971965).
These non-security issues were fixed:
- bsc#974629: Fix samba.tests.messaging test and prevent potential tdb
corruption by removing obsolete now invalid tdb_close call. - bsc#973832: Obsolete libsmbsharemodes0 from samba-libs and
libsmbsharemodes-devel from samba-core-devel. - bsc#972197: Obsolete libsmbclient from libsmbclient0 and libpdb-devel
from libsamba-passdb-devel while not providing it. - Getting and setting Windows ACLs on symlinks can change permissions on
link - bsc#924519: Upgrade on-disk FSRVP server state to new version.
- bsc#968973: Only obsolete but do not provide gplv2/3 package names.
- bso#6482: s3:utils/smbget: Fix recursive download.
- bso#10489: s3: smbd: posix_acls: Fix check for setting u:g:o entry on a
filesystem with no ACL support. - bso#11643: docs: Add example for domain logins to smbspool man page.
- bso#11690: s3-client: Add a KRB5 wrapper for smbspool.
- bso#11708: loadparm: Fix memory leak issue.
- bso#11714: lib/tsocket: Work around sockets not supporting FIONREAD.
- bso#11719: ctdb-scripts: Drop use of "smbcontrol winbindd ip-dropped
…". - bso#11727: s3:smbd:open: Skip redundant call to file_set_dosmode when
creating a new file. - bso#11732: param: Fix str_list_v3 to accept ";" again.
- bso#11740: Real memeory leak(buildup) issue in loadparm.
Related
nessus
nessus
SUSE SLES11 Security Update : samba (SUSE-SU-2016:1028-1) (Badlock)
2016-04-15 00:00:00
SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:1022-1) (Badlock)
2016-04-15 00:00:00
openSUSE Security Update : samba (openSUSE-2016-453) (Badlock)
2016-04-14 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:1028-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:1022-1)
2021-04-19 00:00:00
SUSE: Security Advisory for samba (SUSE-SU-2016:1022-1)
2016-04-13 00:00:00
suse
suse
Security update for samba (important)
2016-04-13 00:11:56
Security update for samba (important)
2016-04-13 00:08:02
Security update for samba (important)
2016-04-13 14:07:57
redhat
redhat
(RHSA-2016:0611) Critical: samba security update
2016-04-13 06:54:34
(RHSA-2016:0613) Critical: samba3x security update
2016-04-12 00:00:00
(RHSA-2016:0619) Critical: samba security update
2016-04-12 00:00:00
centos
centos
samba3x security update
2016-04-13 00:27:00
libsmbclient, samba security update
2016-04-13 00:14:40
oraclelinux
oraclelinux
samba3x security update
2016-04-12 00:00:00
samba security update
2016-04-12 00:00:00
samba and samba4 security, bug fix, and enhancement update
2016-04-12 00:00:00
mageia
mageia
Updated samba packages fix security vulnerabilities
2016-04-26 21:02:43
ibm
ibm
altlinux
altlinux
Security fix for the ALT Linux 7 package samba-DC version 4.4.2-alt1
2016-04-12 00:00:00
Security fix for the ALT Linux 8 package samba-DC version 4.4.2-alt1
2016-04-12 00:00:00
Security fix for the ALT Linux 8 package samba version 4.4.2-alt1
2016-04-12 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: samba-4.2.11-0.fc22
2016-04-14 04:23:49
[SECURITY] Fedora 24 Update: samba-4.4.2-1.fc24
2016-04-15 03:20:46
[SECURITY] Fedora 23 Update: samba-4.3.8-0.fc23
2016-04-13 20:24:23
ubuntu
ubuntu
libsoup update
2016-05-04 00:00:00
Samba regressions
2016-05-04 00:00:00
Samba regressions
2016-05-18 00:00:00
slackware
slackware
[slackware-security] samba
2016-04-15 20:48:27
freebsd
freebsd
samba -- multiple vulnerabilities
2016-04-12 00:00:00
amazon
amazon
Critical: samba
2016-04-13 11:45:00
archlinux
archlinux
samba: multiple issues
2016-04-23 00:00:00
cloudfoundry
cloudfoundry
Samba and Windows Vulnerabilities | Cloud Foundry
2016-04-14 00:00:00
osv
osv
samba - security update
2016-04-13 00:00:00
samba - regression update
2016-04-13 00:00:00
samba - regression update
2016-04-13 00:00:00
debian
debian
[SECURITY] [DSA 3548-1] samba security update
2016-04-13 20:42:03
[SECURITY] [DSA 3548-1] samba security update
2016-04-13 20:42:03
[SECURITY] [DLA 509-1] samba security update
2016-06-09 21:14:12
symantec
symantec
SA122 : SMB Vulnerabilities in Windows and Samba (Badlock)
2016-04-15 08:00:00
samba
samba
Man in the middle attacks possible with NTLMSSP
2016-04-12 00:00:00
Multiple errors in DCE-RPC code.
2016-04-12 00:00:00
Missing TLS certificate validation allows man in the middle attacks
2016-04-12 00:00:00
f5
f5
SOL37603172 - Samba vulnerabilities CVE-2015-5370 and CVE-2016-2118
2016-05-10 00:00:00
K37603172 : Samba vulnerabilities CVE-2015-5370 and CVE-2016-2118
2016-05-10 00:00:00
K53313971 : Samba vulnerabilities CVE-2016-2110 and CVE-2016-2115
2016-05-17 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2016-12-24 00:00:00
prion
prion
Code injection
2016-04-25 00:59:00
Design/Logic Flaw
2016-04-12 23:59:00
Code injection
2016-04-25 00:59:00
debiancve
debiancve
cve
cve
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:10:59
Man-In-The-Middle (MitM)
2019-05-02 05:28:41
Man-In-The-Middle (MitM)
2019-05-02 05:28:42
ubuntucve
ubuntucve
rapid7community
rapid7community
Metasploit, [REDACTED] Edition
2017-04-01 12:03:18
fortinet
fortinet
SAM and LSAD remote protocols man in the middle vulnerability (Badlock)
2016-04-14 00:00:00