The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.
badlock.org/
lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
rhn.redhat.com/errata/RHSA-2016-0611.html
rhn.redhat.com/errata/RHSA-2016-0612.html
rhn.redhat.com/errata/RHSA-2016-0613.html
rhn.redhat.com/errata/RHSA-2016-0614.html
rhn.redhat.com/errata/RHSA-2016-0618.html
rhn.redhat.com/errata/RHSA-2016-0619.html
rhn.redhat.com/errata/RHSA-2016-0620.html
rhn.redhat.com/errata/RHSA-2016-0624.html
www.debian.org/security/2016/dsa-3548
www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
www.securitytracker.com/id/1035533
www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012
www.ubuntu.com/usn/USN-2950-1
www.ubuntu.com/usn/USN-2950-2
www.ubuntu.com/usn/USN-2950-3
www.ubuntu.com/usn/USN-2950-4
www.ubuntu.com/usn/USN-2950-5
bto.bluecoat.com/security-advisory/sa122
h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05087821
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05082964
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399
lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
security.gentoo.org/glsa/201612-47
www.samba.org/samba/history/samba-4.2.10.html
www.samba.org/samba/latest_news.html
www.samba.org/samba/security/CVE-2016-2112.html