Your submission was sent successfully! Close

CVE-2016-2124

Published: 09 November 2021

SMB1 client connections can be downgraded to plaintext authentication. A man in the middle attack can force the client side SMB1 code to fall-back to plaintext or NTLM based authentication even if Kerberos authentication was requested by the user or application.

Priority

Medium

Status

Package Release Status
samba
Launchpad, Ubuntu, Debian
Upstream
Released (4.13.14)
Ubuntu 21.10 (Impish Indri)
Released (2:4.13.14+dfsg-0ubuntu0.21.10.1)
Ubuntu 21.04 (Hirsute Hippo)
Released (2:4.13.14+dfsg-0ubuntu0.21.04.1)
Ubuntu 20.04 LTS (Focal Fossa)
Released (2:4.13.14+dfsg-0ubuntu0.20.04.1)
Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 ESM (Xenial Xerus) Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Needs triage