Severity
Medium
Vendor
Samba, Microsoft Windows
Versions Affected
- The following versions of Samba are affected: 3.6.x, 4.0.x, 4.1.x, 4.2.0-4.2.9, 4.3.0-4.3.6, and 4.4.0.
- The affected Microsoft Windows versions can be viewed here: https://technet.microsoft.com/library/security/MS16-047.
Description
There are several MITM attacks that can be performed against a variety of protocols used by Samba. These would permit execution of arbitrary Samba network calls using the context of the intercepted user. Impact examples of intercepting administrator network traffic include viewing or modifying certain types of private data on Samba servers. Additionally, Samba services are vulnerable to a denial of service from an attacker with remote network connectivity to the Samba service.
Affected Products and Versions
- The Cloud Foundry team has determined that the project is not exposed to this vulnerability and therefore does not require any upgrades.
Mitigation
Users of affected versions should apply the following mitigation:
- The Cloud Foundry team has determined that the project is not exposed to this vulnerability and therefore does not require any upgrades.
Credit
Stefan Metzmacher
References
- http://badlock.org/
- https://www.samba.org/samba/security/CVE-2016-2118.html
- https://technet.microsoft.com/library/security/MS16-047
- https://www.samba.org/samba/security/CVE-2015-5370.html
- https://www.samba.org/samba/security/CVE-2016-2110.html
- https://www.samba.org/samba/security/CVE-2016-2111.html
- https://www.samba.org/samba/security/CVE-2016-2112.html
- https://www.samba.org/samba/security/CVE-2016-2113.html
- https://www.samba.org/samba/security/CVE-2016-2114.html
- https://www.samba.org/samba/security/CVE-2016-2115.html
