CVE-2015-5296Improper Input Validation in Samba

CWE-20Improper Input ValidationCWE-345Insufficient Verification of Data Authenticity12 documents7 sources
Severity
5.4MEDIUMNVD
OSV5.3
EPSS
3.7%
top 12.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
SambaDebian SambaCanonical Ubuntu Linux+1 more
Timeline
PublishedDec 29
Latest updateMay 14

Description

Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:NExploitability: 2.2 | Impact: 2.7

Affected Packages4 packages

NVDsamba/samba3.2.04.1.22+2
debiandebian/samba< samba 2:4.1.22+dfsg-1 (bookworm)
Debiansamba/samba< 2:4.1.22+dfsg-1+3
Ubuntusamba/samba< 2:4.1.6+dfsg-1ubuntu2.14.04.11+1

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 12.04, 14.04, 15.04, 15.10

🔴Vulnerability Details

4
GHSA
GHSA-pcgp-3vvv-qw57: Samba 32022-05-14
OSV
samba regression2016-02-16
OSV
samba vulnerabilities2016-01-05
OSV
CVE-2015-5296: Samba 32015-12-29

📋Vendor Advisories

4
Ubuntu
Samba regression2016-02-16
Ubuntu
Samba vulnerabilities2016-01-05
Red Hat
samba: client requesting encryption vulnerable to downgrade attack2015-12-16
Debian
CVE-2015-5296: samba - Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supp...2015

💬Community

3
Bugzilla
CVE-2017-12150 samba: Some code path don't enforce smb signing, when they should2017-09-05
Bugzilla
CVE-2015-5299 CVE-2015-7540 CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 samba: various flaws [fedora-all]2015-12-16
Bugzilla
CVE-2015-5296 samba: client requesting encryption vulnerable to downgrade attack2015-12-10