Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian Security Advisory DSA 3740-1 (samba - security update)

Information

Severity

Severity

Medium

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

6.8

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

5 years ago

Modified

Modified

3 years ago

Summary

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2016-2119 Stefan Metzmacher discovered that client-side SMB2/3 required signing can be downgraded, allowing a man-in-the-middle attacker to impersonate a server being connected to by Samba, and return malicious results. CVE-2016-2123 Trend Micro's Zero Day Initiative and Frederic Besler discovered that the routine ndr_pull_dnsp_name, used to parse data from the Samba Active Directory ldb database, contains an integer overflow flaw, leading to an attacker-controlled memory overwrite. An authenticated user can take advantage of this flaw for remote privilege escalation. CVE-2016-2125 Simo Sorce of Red Hat discovered that the Samba client code always requests a forwardable ticket when using Kerberos authentication. A target server, which must be in the current or trusted domain/realm, is given a valid general purpose Kerberos Ticket Granting Ticket (TGT), which can be used to fully impersonate the authenticated user or service. CVE-2016-2126 Volker Lendecke discovered several flaws in the Kerberos PAC validation. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket due to incorrect handling of the PAC checksum. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.

Affected Software

Affected Software

samba on Debian Linux

Detection Method

Detection Method

This check tests the installed software version using the apt package manager.

Solution

Solution

For the stable distribution (jessie), these problems have been fixed in version 2:4.2.14+dfsg-0+deb8u2. In addition, this update contains several changes originally targeted for the upcoming jessie point release. We recommend that you upgrade your samba packages.

Common Vulnerabilities and Exposures (CVE)