vulnerability
F5 Networks: K53313971 (CVE-2016-2110): Samba vulnerabilities CVE-2016-2110 and CVE-2016-2115
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | 04/24/2016 | 02/16/2017 | 02/01/2018 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
04/24/2016
Added
02/16/2017
Modified
02/01/2018
Description
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.
Solution
f5-big-ip-upgrade-latest
References
- URL-https://support.f5.com/csp/article/K53313971
- SUSE-SUSE-SU-2016:1022
- SUSE-SUSE-SU-2016:1023
- SUSE-SUSE-SU-2016:1024
- SUSE-SUSE-SU-2016:1028
- SUSE-SUSE-SU-2016:1105
- REDHAT-RHSA-2016:0611
- REDHAT-RHSA-2016:0612
- REDHAT-RHSA-2016:0613
- REDHAT-RHSA-2016:0614
- REDHAT-RHSA-2016:0618
- REDHAT-RHSA-2016:0619
- REDHAT-RHSA-2016:0620
- REDHAT-RHSA-2016:0621
- REDHAT-RHSA-2016:0623
- REDHAT-RHSA-2016:0624
- REDHAT-RHSA-2016:0625
- DEBIAN-DSA-3548
- SECTRACK-1035533
- UBUNTU-USN-2950-1
- UBUNTU-USN-2950-2
- UBUNTU-USN-2950-3
- UBUNTU-USN-2950-4
- UBUNTU-USN-2950-5
- GENTOO-GLSA-201612-47
- NVD-CVE-2016-2110
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.