vulnerability
Samba CVE-2016-2111: NETLOGON Spoofing Vulnerability.
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:A/AC:M/Au:N/C:P/I:P/A:N) | Apr 12, 2016 | Apr 12, 2016 | Mar 27, 2026 |
Severity
4
CVSS
(AV:A/AC:M/Au:N/C:P/I:P/A:N)
Published
Apr 12, 2016
Added
Apr 12, 2016
Modified
Mar 27, 2026
Description
The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.
Solutions
samba-upgrade-4_2_11samba-upgrade-4_3_8samba-upgrade-4_4_2
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.