Lucene search

K

Veracode Vulnerability DatabaseVERACODE:16784

HistoryMay 02, 2019 - 5:28 a.m.

Man-In-The-Middle (MitM)

2019-05-0205:28:43

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Samba is vulnerable to man-in-the-middle attacks. This allows an attacker to spoof SMB servers and decrypt all traffic, by modifying the client-server data stream.

CPENameOperatorVersion
openchangeeq1.0__4.el6
openchangeeq1.0__6.el6
openchangeeq0.9__7.el6
libldbeq1.1.24__1.el6rhs
libldbeq1.1.24__1.el7rhgs
libldbeq1.1.13__3.el6_7.1
libldbeq1.1.20__1.el7rhgs
libldbeq1.1.20__3.el7rhgs
libldbeq1.1.20__1.el6rhs
libldbeq1.1.20__3.el6rhs

Rows per page:

1-10 of 2641

References

badlock.org/

lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html

lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html

lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html

rhn.redhat.com/errata/RHSA-2016-0612.html

rhn.redhat.com/errata/RHSA-2016-0614.html

rhn.redhat.com/errata/RHSA-2016-0618.html

rhn.redhat.com/errata/RHSA-2016-0620.html

www.debian.org/security/2016/dsa-3548

www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

www.securityfocus.com/bid/86011

www.securitytracker.com/id/1035533

www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012

www.ubuntu.com/usn/USN-2950-1

www.ubuntu.com/usn/USN-2950-2

www.ubuntu.com/usn/USN-2950-3

www.ubuntu.com/usn/USN-2950-4

www.ubuntu.com/usn/USN-2950-5

access.redhat.com/articles/2243351

access.redhat.com/articles/2253041

access.redhat.com/security/updates/classification/#critical

access.redhat.com/security/vulnerabilities/badlock

bto.bluecoat.com/security-advisory/sa122

rhn.redhat.com/errata/RHSA-2016-0612.html

security.gentoo.org/glsa/201612-47

www.samba.org/samba/history/samba-4.2.10.html

www.samba.org/samba/latest_news.html#4.4.2

www.samba.org/samba/security/CVE-2016-2114.html

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Related for VERACODE:16784

cve1 ubuntucve1 prion1 samba1 debiancve1 f52 nessus28 ibm7 altlinux5 archlinux1 redhat4 ubuntu5 openvas30 fedora3 freebsd1 centos1 amazon1 slackware1 oraclelinux1 cloudfoundry1 osv3 debian2 symantec1 gentoo1 suse2