Published: 11/05/2017 Updated: 29/08/2022

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.

Vulnerable Product	Search on Vulmon	Subscribe to Product
samba samba

Several security issues were fixed in Samba ...

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2016-2119 Stefan Metzmacher discovered that client-side SMB2/3 required signing can be downgraded, allowing a man-in-the-middle attacker to imper ...

Synopsis Moderate: Red Hat Gluster Storage 320 samba security, bug fixes and enhancement update Type/Severity Security Advisory: Moderate Topic An update for samba is now available for Red Hat Gluster Storage 32 for RHEL 6Red Hat Product Security has rated this update as having a security impact of Mode ...

Synopsis Moderate: Red Hat Gluster Storage 320 samba security, bug fixes and enhancement update Type/Severity Security Advisory: Moderate Topic An update for samba is now available for Red Hat Gluster Storage 32 for RHEL 7Red Hat Product Security has rated this update as having a security impact of Mode ...

Synopsis Moderate: samba4 security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for samba4 is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...

Synopsis Moderate: samba security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for samba is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base s ...

Synopsis Moderate: samba security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for samba is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base s ...

A remote code execution flaw was found in Samba A malicious authenticatedsamba client, having write access to the samba share, could use this flaw toexecute arbitrary code as root (CVE-2017-7494) It was found that Samba always requested forwardable tickets when using Kerberos authentication A service to which Samba authenticated using Kerberos c ...

A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket due to incorrect handling of the PAC checksum A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions For the remote attack, the memory overwrite kills the main winbindd process a ...

CWE-264 https://www.samba.org/samba/security/CVE-2016-2126.html http://www.securitytracker.com/id/1037495 http://www.securityfocus.com/bid/94994 https://access.redhat.com/errata/RHSA-2017:1265 http://rhn.redhat.com/errata/RHSA-2017-0744.html http://rhn.redhat.com/errata/RHSA-2017-0662.html http://rhn.redhat.com/errata/RHSA-2017-0495.html http://rhn.redhat.com/errata/RHSA-2017-0494.html https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730 https://usn.ubuntu.com/3158-1/https://nvd.nist.gov

Get Started

CVE-2016-2126

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect