CVE-2016-2114

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream.

References

http://badlock.org/

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html

http://rhn.redhat.com/errata/RHSA-2016-0612.html

http://rhn.redhat.com/errata/RHSA-2016-0614.html

http://rhn.redhat.com/errata/RHSA-2016-0618.html

http://rhn.redhat.com/errata/RHSA-2016-0620.html

http://www.debian.org/security/2016/dsa-3548

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://www.securityfocus.com/bid/86011

http://www.securitytracker.com/id/1035533

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012

http://www.ubuntu.com/usn/USN-2950-1

http://www.ubuntu.com/usn/USN-2950-2

http://www.ubuntu.com/usn/USN-2950-3

http://www.ubuntu.com/usn/USN-2950-4

http://www.ubuntu.com/usn/USN-2950-5

https://bto.bluecoat.com/security-advisory/sa122

https://security.gentoo.org/glsa/201612-47

https://www.samba.org/samba/history/samba-4.2.10.html

https://www.samba.org/samba/latest_news.html#4.4.2

https://www.samba.org/samba/security/CVE-2016-2114.html

Details

Source: MITRE

Published: 2016-04-25

Updated: 2016-12-31

Type: CWE-254

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:samba:samba:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.6:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.7:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.8:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.9:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.10:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.11:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.12:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.13:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.14:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.15:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.16:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.17:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.18:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.19:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.20:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.21:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.22:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.23:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.24:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.25:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.0.26:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.2:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.9:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.10:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.11:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.12:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.13:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.14:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.15:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.16:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.17:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.18:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.19:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.20:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.21:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.22:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.1.23:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.0:rc2:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.0:rc3:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.0:rc4:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.3:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.4:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.5:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.6:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.7:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.8:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.2.9:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.3.0:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.3.1:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.3.2:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.3.3:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.3.4:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.3.5:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.3.6:*:*:*:*:*:*:*

cpe:2.3:a:samba:samba:4.4.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

Tenable Plugins

View all (29 total)

IDNameProductFamilySeverity
99777EulerOS 2.0 SP1 : samba (EulerOS-SA-2016-1014)NessusHuawei Local Security Checks
high
96127GLSA-201612-47 : Samba: Multiple vulnerabilities (Badlock)NessusGentoo Local Security Checks
high
9822Samba 4.2.x < 4.2.11 / 4.3.x < 4.3.8 / 4.4.x < 4.4.2 Multiple MitMNessus Network MonitorSamba
medium
802024Samba < 4.4.2, 4.3.8, 4.2.11, 3.6.26 Multiple VulnerabilitiesLog Correlation EngineSamba
critical
91333Ubuntu 14.04 LTS / 15.10 / 16.04 LTS : samba regression (USN-2950-5) (Badlock)NessusUbuntu Local Security Checks
high
91256Ubuntu 12.04 LTS : samba regressions (USN-2950-4) (Badlock)NessusUbuntu Local Security Checks
high
90915Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : samba regressions (USN-2950-3) (Badlock)NessusUbuntu Local Security Checks
high
90824Ubuntu 14.04 LTS / 15.10 / 16.04 LTS : libsoup2.4 update (USN-2950-2) (Badlock)NessusUbuntu Local Security Checks
high
90646Fedora 24 : samba-4.4.2-1.fc24 (2016-383fce04e2) (Badlock)NessusFedora Local Security Checks
high
90609openSUSE Security Update : samba (openSUSE-2016-490) (Badlock)NessusSuSE Local Security Checks
high
90588Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : samba vulnerabilities (USN-2950-1) (Badlock)NessusUbuntu Local Security Checks
high
90548Slackware 14.0 / 14.1 / current : samba (SSA:2016-106-02) (Badlock)NessusSlackware Local Security Checks
high
90530RHEL 6 / 7 : Storage Server (RHSA-2016:0614) (Badlock)NessusRed Hat Local Security Checks
high
90519Fedora 23 : samba-4.3.8-0.fc23 (2016-be53260726) (Badlock)NessusFedora Local Security Checks
high
90516Fedora 22 : samba-4.2.11-0.fc22 (2016-48b3761baa) (Badlock)NessusFedora Local Security Checks
high
90515Debian DSA-3548-1 : samba - security update (Badlock)NessusDebian Local Security Checks
high
90514Amazon Linux AMI : samba (ALAS-2016-686) (Badlock)NessusAmazon Linux Local Security Checks
high
90508Samba 3.x < 4.2.10 / 4.2.x < 4.2.10 / 4.3.x < 4.3.7 / 4.4.x < 4.4.1 Multiple Vulnerabilities (Badlock)NessusMisc.
high
90502Scientific Linux Security Update : samba and samba4 on SL6.x, SL7.x i386/x86_64 (20160412) (Badlock)NessusScientific Linux Local Security Checks
high
90497RHEL 6 : samba4 (RHSA-2016:0620) (Badlock)NessusRed Hat Local Security Checks
high
90495RHEL 7 : samba (RHSA-2016:0618) (Badlock)NessusRed Hat Local Security Checks
high
90492RHEL 6 / 7 : samba and samba4 (RHSA-2016:0612) (Badlock)NessusRed Hat Local Security Checks
high
90487Oracle Linux 6 / 7 : samba / samba4 (ELSA-2016-0612) (Badlock)NessusOracle Linux Local Security Checks
high
90474FreeBSD : samba -- multiple vulnerabilities (a636fc26-00d9-11e6-b704-000c292e4fd8) (Badlock)NessusFreeBSD Local Security Checks
high
90450CentOS 6 / 7 : ipa / libldb / libtalloc / libtdb / libtevent / openchange / samba / samba4 (CESA-2016:0612) (Badlock)NessusCentOS Local Security Checks
high
9233Samba 4.4.x < 4.4.1 Multiple Vulnerabilities (Badlock)Nessus Network MonitorSamba
high
9232Samba 4.3.x < 4.3.7 Multiple Vulnerabilities (Badlock)Nessus Network MonitorSamba
high
9231Samba 4.2.x < 4.2.10 Multiple Vulnerabilities (Badlock)Nessus Network MonitorSamba
high
801967Samba < 4.2.10/11, < 4.3.7/8, < 4.4.1/2 badlock VulnerabilityLog Correlation EngineSamba
high