Описание
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.
Several flaws were found in Samba's implementation of NTLMSSP authentication. An unauthenticated, man-in-the-middle attacker could use this flaw to clear the encryption and integrity flags of a connection, causing data to be transmitted in plain text. The attacker could also force the client or server into sending data in plain text even if encryption was explicitly requested for that connection.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux Extended Update Support 5.6 | samba | Affected | ||
| Red Hat Enterprise Linux Extended Update Support 5.6 | samba3x | Affected | ||
| Red Hat Enterprise Linux 4 Extended Lifecycle Support | samba | Fixed | RHSA-2016:0625 | 12.04.2016 |
| Red Hat Enterprise Linux 5 | samba3x | Fixed | RHSA-2016:0613 | 12.04.2016 |
| Red Hat Enterprise Linux 5 | samba | Fixed | RHSA-2016:0621 | 12.04.2016 |
| Red Hat Enterprise Linux 5.6 Long Life | samba | Fixed | RHSA-2016:0623 | 12.04.2016 |
| Red Hat Enterprise Linux 5.6 Long Life | samba3x | Fixed | RHSA-2016:0624 | 12.04.2016 |
| Red Hat Enterprise Linux 5.9 Long Life | samba | Fixed | RHSA-2016:0623 | 12.04.2016 |
| Red Hat Enterprise Linux 5.9 Long Life | samba3x | Fixed | RHSA-2016:0624 | 12.04.2016 |
| Red Hat Enterprise Linux 6 | samba | Fixed | RHSA-2016:0611 | 12.04.2016 |
Показывать по
Дополнительная информация
Статус:
4.3 Medium
CVSS2
Связанные уязвимости
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.
The NTLMSSP authentication implementation in Samba 3.x and 4.x before ...
4.3 Medium
CVSS2