Description

The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.

References

• DEBIAN-DSA-3548
• CVE-2016-2110
• REDHAT-RHSA-2016:0611
• REDHAT-RHSA-2016:0612
• REDHAT-RHSA-2016:0613
• REDHAT-RHSA-2016:0614
• REDHAT-RHSA-2016:0618
• REDHAT-RHSA-2016:0619
• REDHAT-RHSA-2016:0620
• REDHAT-RHSA-2016:0621
• REDHAT-RHSA-2016:0623
• REDHAT-RHSA-2016:0624
• REDHAT-RHSA-2016:0625
• URL: https://support.oracle.com/epmos/faces/DocumentDisplay?id=1448883.1&displayIndex=1

Solution

Related Vulnerabilities

• RHSA-2016:0621: samba security update
• RHSA-2016:0618: samba security, bug fix, and enhancement update
• Amazon Linux AMI: Security patch for samba (ALAS-2016-686) (multiple CVEs)
• Alpine Linux: CVE-2016-2110: samba Multiple security issues
• Huawei EulerOS: CVE-2016-2110: samba security update
• RHSA-2016:0624: samba3x security update
• RHSA-2016:0623: samba security update
• HP-UX: CVE-2016-2110: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
• RHSA-2016:0613: samba3x security update
• Samba CVE-2016-2110: Man in the middle attacks possible with NTLMSSP
• RHSA-2016:0611: samba security update
• RHSA-2016:0625: samba security update
• RHSA-2016:0612: samba and samba4 security, bug fix, and enhancement update
• RHSA-2016:0619: samba security update
• RHSA-2016:0620: samba4 security, bug fix, and enhancement update
• FreeBSD: samba -- multiple vulnerabilities (Multiple CVEs)
• Debian: CVE-2016-2110: samba -- security update
• Gentoo Linux: CVE-2016-2110: Samba: Multiple vulnerabilities