SecurityTracker.com

SecurityTracker Archives

Category:   Application (File Transfer/Sharing)  >   Samba
Vendors:   Samba.org
Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System
SecurityTracker Alert ID:  1036244
SecurityTracker URL:  http://securitytracker.com/id/1036244
CVE Reference:   CVE-2016-2119
Date:  Jul 7 2016
Impact:   Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4.0.0 to 4.4.4
Description:   A vulnerability was reported in Samba. A remote user who can interpose on the network can strip the signing protection from the target system's SMB2/SMB3 client connections.

The SMB2 SESSION_SETUP response carries a SessionFlags field in which a server sets SMB2_SESSION_FLAG_IS_GUEST or SMB2_SESSION_FLAG_IS_NULL to tell the client that it was granted only a guest or anonymous session. The Samba client code honored those flags even when its own configuration required signing. A remote user that can conduct a man-in-the-middle attack can therefore inject the SMB2_SESSION_FLAG_IS_GUEST or SMB2_SESSION_FLAG_IS_NULL flags into the response; the client then stops signing the SMB2 or SMB3 connection despite its configuration-required signing protections, and the attacker can read and modify the session's traffic and impersonate the target server.

Clients that are configured to require SMB signing (for example 'client signing = mandatory' in smb.conf, or an equivalent client signing setting) are affected; the downgrade defeats exactly that setting.

Management tools (e.g., net, samba-tool, rpcclient) that use DCERPC over SMB2/3 connections are also affected.
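The exchange described above, as an added illustration that is not Samba's code and not part of the original advisory: a constructed SMB2 SESSION_SETUP response (header plus body, MS-SMB2 layout; the session id and the all-zero signature are sample data), the two-byte SessionFlags rewrite a man-in-the-middle performs, and a deliberately simplified model of the client's signing decision. The decision function, its policy strings and the "patched" switch are assumptions chosen to contrast the behaviour the advisory describes with the behaviour of a fixed client; they are not Samba's implementation.

```python
"""CVE-2016-2119 client-side signing downgrade, modelled on constructed data.

Added example, not Samba code. Shows how flipping two bytes of a SESSION_SETUP
response (SessionFlags) makes a vulnerable client drop required signing, and
what a fixed client does instead (assumed: it refuses the session).
"""
import struct

SMB2_MAGIC = b"\xfeSMB"
SMB2_HEADER_LEN = 64
SMB2_SESSION_SETUP = 0x0001            # header Command
SMB2_FLAGS_SERVER_TO_REDIR = 0x00000001  # header Flags: message is a response
SMB2_SESSION_FLAG_IS_GUEST = 0x0001    # SESSION_SETUP response SessionFlags
SMB2_SESSION_FLAG_IS_NULL = 0x0002
ANON_FLAGS = SMB2_SESSION_FLAG_IS_GUEST | SMB2_SESSION_FLAG_IS_NULL

# 13 fields of the 64-byte SMB2 header, little-endian.
SMB2_HEADER_FMT = "<4sHHIHHIIQIIQ16s"
# SessionFlags sits right after the body's 2-byte StructureSize.
SESSION_FLAGS_OFF = SMB2_HEADER_LEN + 2


def build_session_setup_response(session_flags, session_id=0x1122334455667788,
                                 status=0, security_blob=b""):
    """Constructed server reply (sample data): header signature left all-zero."""
    header = struct.pack(
        SMB2_HEADER_FMT, SMB2_MAGIC, SMB2_HEADER_LEN, 0, status,
        SMB2_SESSION_SETUP, 1, SMB2_FLAGS_SERVER_TO_REDIR, 0, 1, 0, 0,
        session_id, b"\0" * 16)
    # Body: StructureSize(9), SessionFlags, SecurityBufferOffset, SecurityBufferLength
    body = struct.pack("<HHHH", 9, session_flags, SMB2_HEADER_LEN + 8,
                       len(security_blob)) + security_blob
    return header + body


def parse_session_setup_response(pkt):
    """Minimal parser for the fields the downgrade decision depends on."""
    if len(pkt) < SMB2_HEADER_LEN + 8 or pkt[:4] != SMB2_MAGIC:
        raise ValueError("not an SMB2 message")
    (_, size, _, status, command, _, flags, _, _, _, _, session_id,
     _sig) = struct.unpack_from(SMB2_HEADER_FMT, pkt, 0)
    if size != SMB2_HEADER_LEN or command != SMB2_SESSION_SETUP:
        raise ValueError("not a SESSION_SETUP message")
    if not flags & SMB2_FLAGS_SERVER_TO_REDIR:
        raise ValueError("not a response")
    body_size, session_flags, _off, _len = struct.unpack_from(
        "<HHHH", pkt, SMB2_HEADER_LEN)
    if body_size != 9:
        raise ValueError("bad SESSION_SETUP response StructureSize")
    return {"status": status, "session_id": session_id,
            "session_flags": session_flags}


def mitm_inject_session_flags(pkt, extra_flags):
    """The attacker step from the advisory: OR guest/null bits into the
    SessionFlags of a response in transit. Only two bytes change."""
    (current,) = struct.unpack_from("<H", pkt, SESSION_FLAGS_OFF)
    patched = struct.pack("<H", current | extra_flags)
    return pkt[:SESSION_FLAGS_OFF] + patched + pkt[SESSION_FLAGS_OFF + 2:]


def client_signing_decision(client_signing_policy, session_flags, patched):
    """Simplified model (assumption, not Samba's code) of the client's choice
    after SESSION_SETUP succeeds. policy mirrors smb.conf 'client signing':
    'disabled', 'auto' or 'mandatory'. Returns 'signed', 'unsigned' or 'rejected'."""
    anonymous = bool(session_flags & ANON_FLAGS)
    if client_signing_policy == "disabled":
        return "unsigned"
    if anonymous:
        # A guest/anonymous session has no session key the client can sign with.
        if patched and client_signing_policy == "mandatory":
            return "rejected"   # fixed client: required signing cannot be met
        return "unsigned"       # vulnerable client: required policy silently dropped
    return "signed"


def run_downgrade_scenario():
    """Constructed exchange: honest server grants an authenticated session,
    the attacker flips the flags, and both client generations decide."""
    honest = build_session_setup_response(0)
    tampered = mitm_inject_session_flags(honest, SMB2_SESSION_FLAG_IS_GUEST)
    honest_flags = parse_session_setup_response(honest)["session_flags"]
    tampered_flags = parse_session_setup_response(tampered)["session_flags"]
    return {
        "honest": client_signing_decision("mandatory", honest_flags, patched=True),
        "vulnerable_client": client_signing_decision("mandatory", tampered_flags, patched=False),
        "fixed_client": client_signing_decision("mandatory", tampered_flags, patched=True),
    }


if __name__ == "__main__":
    for name, outcome in run_downgrade_scenario().items():
        print(f"{name}: {outcome}")
```

The tampering is cheap for the attacker because a client that accepts the guest or null flags no longer expects a signed response, so the rewritten bytes go unnoticed. In the model the fixed client answers a guest/anonymous session with a refusal whenever its policy is 'mandatory'; checking that your deployed client is in one of the fixed releases named under Solution, and that signing is actually set to mandatory where you rely on it, is the practical test.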

Stefan Metzmacher of SerNet (https://samba.plus) and the Samba Team (https://www.samba.org) reported this vulnerability.

Impact:   A remote user that can conduct a man-in-the-middle attack can downgrade client signing security controls on the target system, and can then read or modify the session's traffic and impersonate the target server.
Solution:   The vendor has issued a fix (4.2.14, 4.3.11, 4.4.5). The 4.0.x and 4.1.x series fall inside the affected range but no fixed release is listed for them; systems on those series need to move to a fixed series. Distributions that backport the fix keep their own version numbers, so check the follow-up entries below rather than the upstream version string alone.

The vendor's advisory is available at:

https://www.samba.org/samba/security/CVE-2016-2119.html

Vendor URL:  www.samba.org/samba/security/CVE-2016-2119.html
Cause:   State error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 26 2016 (Red Hat Issues Fix) Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System
Red Hat has issued a fix for samba4 for Red Hat Enterprise Linux 6.
Jul 26 2016 (Red Hat Issues Fix) Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Jul 26 2016 (Red Hat Issues Fix) Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System
Red Hat has issued a fix for Red Hat Enterprise Linux.
Jul 26 2016 (Oracle Issues Fix for Oracle Linux) Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System
Oracle has issued a fix for Oracle Linux 6.
Jul 26 2016 (Oracle Issues Fix for Oracle Linux) Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System
Oracle has issued a fix for Oracle Linux 7.
Jul 27 2016 (CentOS Issues Fix) Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System
CentOS has issued a fix for CentOS 7.
Jul 27 2016 (CentOS Issues Fix) Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System
CentOS has issued a fix for CentOS 6.
Dec 15 2016 (IBM Issues Fix for IBM DB2) Samba Lets Remote Users Downgrade SMB Signing Security Protections on the Target System
IBM has issued a fix for IBM DB2.
Copyright 2019, SecurityGlobal.net LLC