This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Samba team reports :
[CVE-2016-2123] Authenticated users can supply malicious dnsRecord
attributes on DNS objects and trigger a controlled memory corruption.
[CVE-2016-2125] Samba client code always requests a forwardable ticket
when using Kerberos authentication. This means the target server,
which must be in the current or trusted domain/realm, is given a valid
general purpose Kerberos 'Ticket Granting Ticket' (TGT), which can be
used to fully impersonate the authenticated user or service.
[CVE-2016-2126] A remote, authenticated, attacker can cause the
winbindd process to crash using a legitimate Kerberos ticket due to
incorrect handling of the PAC checksum. A local service with access to
the winbindd privileged pipe can cause winbindd to cache elevated
See also :
Update the affected packages.
Risk factor :