vulnerability

SUSE: CVE-2016-2126: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published
Dec 19, 2016
Added
Dec 28, 2016
Modified
Feb 4, 2022

Description

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.

Solution(s)

suse-upgrade-ctdbsuse-upgrade-ctdb-develsuse-upgrade-ldapsmbsuse-upgrade-libdcerpc-atsvc-develsuse-upgrade-libdcerpc-atsvc0suse-upgrade-libdcerpc-binding0suse-upgrade-libdcerpc-binding0-32bitsuse-upgrade-libdcerpc-develsuse-upgrade-libdcerpc-samr-develsuse-upgrade-libdcerpc-samr0suse-upgrade-libdcerpc0suse-upgrade-libdcerpc0-32bitsuse-upgrade-libgensec-develsuse-upgrade-libgensec0suse-upgrade-libgensec0-32bitsuse-upgrade-libldb-develsuse-upgrade-libldb1suse-upgrade-libndr-develsuse-upgrade-libndr-krb5pac-develsuse-upgrade-libndr-krb5pac0suse-upgrade-libndr-krb5pac0-32bitsuse-upgrade-libndr-nbt-develsuse-upgrade-libndr-nbt0suse-upgrade-libndr-nbt0-32bitsuse-upgrade-libndr-standard-develsuse-upgrade-libndr-standard0suse-upgrade-libndr-standard0-32bitsuse-upgrade-libndr0suse-upgrade-libndr0-32bitsuse-upgrade-libndr1suse-upgrade-libndr1-32bitsuse-upgrade-libnetapi-develsuse-upgrade-libnetapi0suse-upgrade-libnetapi0-32bitsuse-upgrade-libregistry-develsuse-upgrade-libregistry0suse-upgrade-libsamba-credentials-develsuse-upgrade-libsamba-credentials0suse-upgrade-libsamba-credentials0-32bitsuse-upgrade-libsamba-errors-develsuse-upgrade-libsamba-errors0suse-upgrade-libsamba-errors0-32bitsuse-upgrade-libsamba-hostconfig-develsuse-upgrade-libsamba-hostconfig0suse-upgrade-libsamba-hostconfig0-32bitsuse-upgrade-libsamba-passdb-develsuse-upgrade-libsamba-passdb0suse-upgrade-libsamba-passdb0-32bitsuse-upgrade-libsamba-policy-develsuse-upgrade-libsamba-policy-python3-develsuse-upgrade-libsamba-policy0suse-upgrade-libsamba-policy0-python3suse-upgrade-libsamba-util-develsuse-upgrade-libsamba-util0suse-upgrade-libsamba-util0-32bitsuse-upgrade-libsamdb-develsuse-upgrade-libsamdb0suse-upgrade-libsamdb0-32bitsuse-upgrade-libsmbclient-develsuse-upgrade-libsmbclient-raw-develsuse-upgrade-libsmbclient-raw0suse-upgrade-libsmbclient-raw0-32bitsuse-upgrade-libsmbclient0suse-upgrade-libsmbclient0-32bitsuse-upgrade-libsmbclient0-x86suse-upgrade-libsmbconf-develsuse-upgrade-libsmbconf0suse-upgrade-libsmbconf0-32bitsuse-upgrade-libsmbldap-develsuse-upgrade-libsmbldap0suse-upgrade-libsmbldap0-32bitsuse-upgrade-libsmbldap2suse-upgrade-libsmbldap2-32bitsuse-upgrade-libsmbsharemodes-develsuse-upgrade-libsmbsharemodes0suse-upgrade-libtalloc-develsuse-upgrade-libtalloc2suse-upgrade-libtalloc2-32bitsuse-upgrade-libtalloc2-x86suse-upgrade-libtdb-develsuse-upgrade-libtdb1suse-upgrade-libtdb1-32bitsuse-upgrade-libtdb1-x86suse-upgrade-libtevent-develsuse-upgrade-libtevent-util-develsuse-upgrade-libtevent-util0suse-upgrade-libtevent-util0-32bitsuse-upgrade-libtevent0suse-upgrade-libtevent0-32bitsuse-upgrade-libtevent0-x86suse-upgrade-libwbclient-develsuse-upgrade-libwbclient0suse-upgrade-libwbclient0-32bitsuse-upgrade-libwbclient0-x86suse-upgrade-sambasuse-upgrade-samba-32bitsuse-upgrade-samba-cephsuse-upgrade-samba-clientsuse-upgrade-samba-client-32bitsuse-upgrade-samba-client-x86suse-upgrade-samba-core-develsuse-upgrade-samba-develsuse-upgrade-samba-docsuse-upgrade-samba-dsdb-modulessuse-upgrade-samba-kdcsuse-upgrade-samba-krb-printingsuse-upgrade-samba-libssuse-upgrade-samba-libs-32bitsuse-upgrade-samba-libs-python3suse-upgrade-samba-libs-python3-32bitsuse-upgrade-samba-pythonsuse-upgrade-samba-python3suse-upgrade-samba-testsuse-upgrade-samba-test-develsuse-upgrade-samba-winbindsuse-upgrade-samba-winbind-32bitsuse-upgrade-samba-winbind-x86suse-upgrade-samba-x86

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today