CVE-2016-2110 — Channel Accessible by Non-Endpoint in Samba

CWE-254 CWE-300 — Channel Accessible by Non-Endpoint16 documents7 sources

Severity

5.9MEDIUMNVD

EPSS

20.9%

top 4.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samba Debian Samba Canonical Ubuntu Linux

Timeline

PublishedApr 25

Latest updateMay 17

Description

The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/samba< samba 2:4.3.7+dfsg-1 (bookworm)

▶Debiansamba/samba< 2:4.3.7+dfsg-1+3

▶Ubuntusamba/samba< 2:4.3.9+dfsg-0ubuntu0.14.04.1+4

▶NVDsamba/samba222 versions+221

Also affects: Ubuntu Linux 14.04, 15.10, 16.04

Patches

Patch: www.samba.org ↗Patch: www.samba.org ↗

🔴Vulnerability Details

GHSA

GHSA-59r3-hh3x-g9v9: The NTLMSSP authentication implementation in Samba 3↗2022-05-17

▶

OSV

samba regression↗2016-05-25

▶

OSV

samba regressions↗2016-05-04

▶

OSV

libsoup2.4 update↗2016-05-04

▶

OSV

CVE-2016-2110: The NTLMSSP authentication implementation in Samba 3↗2016-04-25

▶

📋Vendor Advisories

Ubuntu

Samba regression↗2016-05-25

▶

Ubuntu

Samba regressions↗2016-05-18

▶

Ubuntu

libsoup update↗2016-05-04

▶

Ubuntu

Samba regressions↗2016-05-04

▶

Ubuntu

Samba vulnerabilities↗2016-04-18

▶

💬Community

Bugzilla

CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2114 CVE-2016-2115 CVE-2016-2118 samba: various flaws [fedora-all]↗2016-04-12

▶

Bugzilla

CVE-2016-2110 samba: Man-in-the-middle attacks possible with NTLMSSP authentication↗2016-02-25

▶