Description
The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.
It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine.
Affected packages
Platform | Package | Status | Recommendation | Release |
---|---|---|---|---|
Red Hat Enterprise Linux Extended Update Support 5.6 | samba | Affected | | |
Red Hat Enterprise Linux Extended Update Support 5.6 | samba3x | Affected | | |
Red Hat Enterprise Linux 4 Extended Lifecycle Support | samba | Fixed | RHSA-2016:0625 | 12.04.2016 |
Red Hat Enterprise Linux 5 | samba3x | Fixed | RHSA-2016:0613 | 12.04.2016 |
Red Hat Enterprise Linux 5 | samba | Fixed | RHSA-2016:0621 | 12.04.2016 |
Red Hat Enterprise Linux 5.6 Long Life | samba | Fixed | RHSA-2016:0623 | 12.04.2016 |
Red Hat Enterprise Linux 5.6 Long Life | samba3x | Fixed | RHSA-2016:0624 | 12.04.2016 |
Red Hat Enterprise Linux 5.9 Long Life | samba | Fixed | RHSA-2016:0623 | 12.04.2016 |
Red Hat Enterprise Linux 5.9 Long Life | samba3x | Fixed | RHSA-2016:0624 | 12.04.2016 |
Red Hat Enterprise Linux 6 | samba | Fixed | RHSA-2016:0611 | 12.04.2016 |
Additional information
Status:
EPSS
4.3 Medium
CVSS2
Related vulnerabilities
A vulnerability in the NETLOGON service of the Samba networking software suite, related to deficiencies in security elements, that allows an attacker to gain access to confidential data and violate its integrity