vulnerability
Arch Linux: Authentication bypass (CVE-2016-2125)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:A/AC:L/Au:N/C:P/I:N/A:N) | Oct 31, 2018 | Jul 11, 2025 | Nov 27, 2025 |
Severity
3
CVSS
(AV:A/AC:L/Au:N/C:P/I:N/A:N)
Published
Oct 31, 2018
Added
Jul 11, 2025
Modified
Nov 27, 2025
Description
Samba client code always requests a forwardable ticket when using Kerberos authentication. This means the target server, which must be in the current or trusted domain/realm, is given a valid general purpose Kerberos "Ticket Granting Ticket" (TGT), which can be used to fully impersonate the authenticated user or service.
The risks of impersonation of the client are similar to the well known risks from forwarding of NTLM credentials, with two important differences:
- NTLM forwarding can and should be mitigated with packet signing
- Kerberos forwarding can only be attempted after the trusted destination server decrypts the ticket.
The risks of impersonation of the client are similar to the well known risks from forwarding of NTLM credentials, with two important differences:
- NTLM forwarding can and should be mitigated with packet signing
- Kerberos forwarding can only be attempted after the trusted destination server decrypts the ticket.
Solution
arch-linux-upgrade-latest
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.