Lucene search

PRIOn knowledge basePRION:CVE-2016-2112

HistoryApr 25, 2016 - 12:59 a.m.

Code injection

2016-04-2500:59:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.1%

JSON

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the “client ldap sasl wrapping” setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq15.10
ubuntu_linuxeq14.04
sambaeq4.2.9
sambaeq3.0.19
sambaeq4.2.6
sambaeq3.0.23 c
sambaeq3.0.1497
sambaeq4.1.9
sambaeq3.0.27

Name	Operator	Version
ubuntu_linux	eq	16.04
ubuntu_linux	eq	15.10
ubuntu_linux	eq	14.04
samba	eq	4.2.9
samba	eq	3.0.19
samba	eq	4.2.6
samba	eq	3.0.23 c
samba	eq	3.0.1497
samba	eq	4.1.9
samba	eq	3.0.27

Rows per page:

1-10 of 2511

References

badlock.org/

lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html

lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html

rhn.redhat.com/errata/RHSA-2016-0611.html

rhn.redhat.com/errata/RHSA-2016-0612.html

rhn.redhat.com/errata/RHSA-2016-0613.html

rhn.redhat.com/errata/RHSA-2016-0614.html

rhn.redhat.com/errata/RHSA-2016-0618.html

rhn.redhat.com/errata/RHSA-2016-0619.html

rhn.redhat.com/errata/RHSA-2016-0620.html

rhn.redhat.com/errata/RHSA-2016-0624.html

www.debian.org/security/2016/dsa-3548

www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

www.securitytracker.com/id/1035533

www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012

www.ubuntu.com/usn/USN-2950-1

www.ubuntu.com/usn/USN-2950-2

www.ubuntu.com/usn/USN-2950-3

www.ubuntu.com/usn/USN-2950-4

www.ubuntu.com/usn/USN-2950-5

bto.bluecoat.com/security-advisory/sa122

h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05087821

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05082964

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399

lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html

lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html

lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html

security.gentoo.org/glsa/201612-47

www.samba.org/samba/history/samba-4.2.10.html

www.samba.org/samba/latest_news.html

www.samba.org/samba/security/CVE-2016-2112.html