CVE-2016-2112
Published: 12 April 2016
The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.
Priority
CVSS 3 base score: 5.9
Status
Package | Release | Status |
---|---|---|
samba | precise | Released (2:3.6.25-0ubuntu0.12.04.2) |
samba | trusty | Released (2:4.3.8+dfsg-0ubuntu0.14.04.2) |
samba | upstream | Released (4.4.2,4.3.8,4.2.11) |
samba | wily | Released (2:4.3.8+dfsg-0ubuntu0.15.10.2) |
samba | xenial | Released (2:4.3.8+dfsg-0ubuntu1) |
samba | yakkety | Released (2:4.3.8+dfsg-0ubuntu1) |
samba | zesty | Released (2:4.3.8+dfsg-0ubuntu1) |
samba4 | precise | Does not exist (precise was needed) |
samba4 | trusty | Does not exist |
samba4 | upstream | Needs triage |
samba4 | wily | Does not exist |
samba4 | xenial | Does not exist |
samba4 | yakkety | Does not exist |
samba4 | zesty | Does not exist |