CVE-2016-2124

Related Vulnerabilities: CVE-2016-2124  

Description

A flaw was found in the way Samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.

Mitigation

Ensure the following [global] smb.conf parameters are set to their default values as shown below:

  client lanman auth = no
  client NTLMv2 auth = yes
  client plaintext auth = no
  client min protocol = SMB2_02

Alternatively, use only the '-k' command-line option, without the -U option; this makes use of an existing krb5 ccache.
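
One way to check an smb.conf against the four settings above, as an added example that is not part of the original advisory or of Samba. The function name audit_global, the sample configuration and the list of pre-SMB2 dialect names are assumptions of this example; parameters that are not set explicitly are not reported, because their effective value is the installed build's default.

```python
import re

# Expected values, taken from the Mitigation section above.
BOOL_EXPECTED = {"clientlanmanauth": False,
                 "clientntlmv2auth": True,
                 "clientplaintextauth": False}
# Assumption: smb.conf dialect names that are older than SMB2_02.
SMB1_DIALECTS = {"CORE", "COREPLUS", "LANMAN1", "LANMAN2", "NT1"}
TRUE_WORDS = {"yes", "true", "1", "on"}
FALSE_WORDS = {"no", "false", "0", "off"}

# Constructed sample input, not taken from any real host.
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   Client Plaintext Auth = Yes
   client min protocol = NT1
   client ntlmv2 auth = yes
; client lanman auth = yes
[share]
   client lanman auth = yes
"""

def norm(name):
    """smb.conf parameter names ignore case and embedded whitespace."""
    return re.sub(r"\s+", "", name).lower()

def audit_global(conf_text):
    """Return {normalized parameter: value} for explicit [global] settings
    that differ from the values the advisory lists."""
    findings, section = {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue                      # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "global" or "=" not in line:
            continue
        name, value = (part.strip() for part in line.split("=", 1))
        key = norm(name)
        if key in BOOL_EXPECTED:
            allowed = TRUE_WORDS if BOOL_EXPECTED[key] else FALSE_WORDS
            bad = value.lower() not in allowed
        elif key == "clientminprotocol":
            bad = value.upper() in SMB1_DIALECTS
        else:
            continue
        findings[key] = value if bad else findings.pop(key, None)
        if not bad:
            findings.pop(key, None)       # a later safe setting overrides an earlier one
    return findings
```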

Additional Information

  • Bugzilla 2019660: CVE-2016-2124 samba: SMB1 client connections can be downgraded to plaintext authentication
  • CWE-287: Improper Authentication
  • FAQ: Frequently asked questions about CVE-2016-2124