FreeBSD: VID-e4bc323f-cc73-11e6-b704-000c292e4fd8 (CVE-2016-2126): samba -- multiple vulnerabilities

Severity: 4
CVSS: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published: Dec 26, 2016
Added: Dec 28, 2016
Modified: Dec 10, 2025

Description

Samba team reports:

[CVE-2016-2123] Authenticated users can supply malicious dnsRecord attributes on DNS objects and trigger a controlled memory corruption.

[CVE-2016-2125] Samba client code always requests a forwardable ticket when using Kerberos authentication. This means the target server, which must be in the current or trusted domain/realm, is given a valid general purpose Kerberos "Ticket Granting Ticket" (TGT), which can be used to fully impersonate the authenticated user or service.

[CVE-2016-2126] A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket due to incorrect handling of the PAC checksum. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.

Solutions

freebsd-upgrade-package-samba36
freebsd-upgrade-package-samba4
freebsd-upgrade-package-samba41
freebsd-upgrade-package-samba42
freebsd-upgrade-package-samba43
freebsd-upgrade-package-samba44
freebsd-upgrade-package-samba45