SB2016041409 - Red Hat Enterprise Linux 5 update for samba
Published: April 14, 2016 Updated: April 24, 2025
Security Bulletin ID
SB2016041409
Severity
High
Patch available
YES
Number of vulnerabilities
5
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 secuirty vulnerabilities.
1) Man-in-the-middle attack (CVE-ID: CVE-2016-2110)
The vulnerability allows a remote attacker to bypass security restrictions.The vulnerability exists due to the failure to protect the feature negotiation of NTLMSSP from a downgrade. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to clear NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL flags and perform downgrade attacks.
Successful exploitation of this vulnerability may result in security restrictions bypass.
2) Man-in-the-middle attack (CVE-ID: CVE-2016-2111)
The vulnerability allows a remote attacker to to conduct spoofing attacks.The vulnerability exists due to an error in the NETLOGON service when a Domain Controller is configured. A remote unauthenticated attacker can conduct spoofing attacks by using a specially crafted application to connect to another domain joined system and access session-related information of the spoofed computer.
Successful exploitation of this vulnerability may result in disclosure of user information.
3) Man-in-the-middle attack (CVE-ID: CVE-2016-2118)
The vulnerability allows a remote attacker to gain elevated privileges on the system.The vulnerability exists due to the acceptance of inadequate authentication levels by the Microsoft Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols. A remote attacker can gain elevated privileges on the system by using man-in-the-middle techniques to impersonate an authenticated user against the SAMR or LSAD service and gain access to the Security Account Manager (SAM) database.
Successful exploitation of this vulnerability may result in disclosere of sytem information.
4) Man-in-the-middle attack (CVE-ID: CVE-2016-2112)
The vulnerability allows a remote attacker to bypass security restrictions.The vulnerability exists due to the failure to enforce integrity protection by the LDAP client and server. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to downgrade LDAP connections.
Successful exploitation of this vulnerability may result in security restrictions bypass.
5) Man-in-the-middle attack (CVE-ID: CVE-2016-2115)
The vulnerability allows a remote attacker to to bypass security restrictions.The vulnerability exists due to the failure to protect the integrity of SMB client connections for IPC traffic. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to perform unauthorized actions.
Successful exploitation of this vulnerability may result in security restrictions bypass.
Remediation
Install update from vendor's website.