HP-UX: CVE-2016-2110: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
Description
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.
Solution(s)
- hpux-update-cifs-development-cifs-prg
- hpux-update-cifs-server-cifs-admin
- hpux-update-cifs-server-cifs-doc
- hpux-update-cifs-server-cifs-lib
- hpux-update-cifs-server-cifs-run
- hpux-update-cifs-server-cifs-util
References
- hpux-update-cifs-development-cifs-prg
- hpux-update-cifs-server-cifs-admin
- hpux-update-cifs-server-cifs-doc
- hpux-update-cifs-server-cifs-lib
- hpux-update-cifs-server-cifs-run
- hpux-update-cifs-server-cifs-util
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center