CVE-2016-2112Channel Accessible by Non-Endpoint in Samba

CWE-254CWE-300Channel Accessible by Non-Endpoint18 documents8 sources
Severity
5.9MEDIUMNVD
EPSS
19.6%
top 4.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
SambaDebian SambaCanonical Ubuntu Linux
Timeline
PublishedApr 25
Latest updateDec 29

Description

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages4 packages

debiandebian/samba< samba 2:4.3.7+dfsg-1 (bookworm)
Debiansamba/samba< 2:4.3.7+dfsg-1+3
Ubuntusamba/samba< 2:4.3.9+dfsg-0ubuntu0.14.04.1+4
NVDsamba/samba222 versions+221

Also affects: Ubuntu Linux 14.04, 15.10, 16.04

Patches

Patch: www.samba.orgPatch: www.samba.org

🔴Vulnerability Details

6
GHSA
GHSA-hprr-8f78-r2q7: The bundled LDAP client library in Samba 32022-05-17
OSV
samba regression2016-05-25
OSV
samba regressions2016-05-04
OSV
libsoup2.4 update2016-05-04
OSV
CVE-2016-2112: The bundled LDAP client library in Samba 32016-04-25

📋Vendor Advisories

7
Ubuntu
Samba regression2016-05-25
Ubuntu
Samba regressions2016-05-18
Ubuntu
libsoup update2016-05-04
Ubuntu
Samba regressions2016-05-04
Ubuntu
Samba vulnerabilities2016-04-18

📄Research Papers

1
arXiv
One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware2022-12-29

💬Community

3
Bugzilla
CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2114 CVE-2016-2115 CVE-2016-2118 samba: various flaws [fedora-all]2016-04-12
Bugzilla
CVE-2016-2112 samba: Missing downgrade detection2016-02-25
Bugzilla
CVE-2016-2110 samba: Man-in-the-middle attacks possible with NTLMSSP authentication2016-02-25