Back to bug 1311902
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-02-25 09:57:39 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-02-25 09:57:39 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-02-25 10:17:25 UTC | Blocks | 1311915 | |
| Huzaifa S. Sidhpurwala | 2016-03-29 09:17:58 UTC | Whiteboard | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=new,rhel-5/samba3x=new,rhel-6/samba4=new,rhel-6/samba=new,rhel-7/samba=new,rhes-3.1/samba=new,fedora-all/samba=affected | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:06 UTC | Depends On | 1322684 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:16 UTC | Depends On | 1322685 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:23 UTC | Depends On | 1322686 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:33 UTC | Depends On | 1322687 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:41 UTC | Depends On | 1322688 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:51 UTC | Depends On | 1322689 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:59 UTC | Depends On | 1322690 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:30:09 UTC | Depends On | 1322691 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:30:17 UTC | Depends On | 1322692 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 08:23:04 UTC | CC | abokovoy, madam | |
| Huzaifa S. Sidhpurwala | 2016-03-31 08:32:49 UTC | CC | rhack | |
| Summer Long | 2016-04-06 02:42:28 UTC | CC | slong | |
| Doc Text | An authentication flaw was found in Samba. When Samba is configured to act as a Domain Controller, it allows remote attackers to spoof the computer name of a secure channel's endpoints. The attacker could exploit this flaw to obtain sensitive session information by running a crafted application and leveraging the ability to sniff network traffic. This flaw only affects Samba running as a classic primary domain controller, classic backup domain controller, or Active Directory domain controller. Note:This flaw was addressed in CVE-2015-0005 for Microsoft Windows Server. New smb.conf option: raw NTLMv2 auth (G) This parameter determines whether or not smbd(8) allows SMB1 clients without extended security (without SPNEGO) to use NTLMv2 authentication. If this option, lanman auth, and ntlm auth are all disabled, only clients with SPNEGO support are permitted. That means NTLMv2 is only supported within NTLMSSP. Default: raw NTLMv2 auth = no |
|||
| Huzaifa S. Sidhpurwala | 2016-04-07 10:33:49 UTC | Whiteboard | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:42:50 UTC | Depends On | 1324800 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:42:59 UTC | Depends On | 1324801 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:07 UTC | Depends On | 1324802 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:17 UTC | Depends On | 1324803 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:25 UTC | Depends On | 1324804 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:34 UTC | Depends On | 1324805 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:42 UTC | Depends On | 1324806 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:52 UTC | Depends On | 1324807 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 15:59:39 UTC | Whiteboard | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:06 UTC | Depends On | 1325382 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:18 UTC | Depends On | 1325383 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:28 UTC | Depends On | 1325384 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:40 UTC | Depends On | 1325385 | |
| Huzaifa S. Sidhpurwala | 2016-04-09 05:13:26 UTC | Doc Text | An authentication flaw was found in Samba. When Samba is configured to act as a Domain Controller, it allows remote attackers to spoof the computer name of a secure channel's endpoints. The attacker could exploit this flaw to obtain sensitive session information by running a crafted application and leveraging the ability to sniff network traffic. This flaw only affects Samba running as a classic primary domain controller, classic backup domain controller, or Active Directory domain controller. Note:This flaw was addressed in CVE-2015-0005 for Microsoft Windows Server. New smb.conf option: raw NTLMv2 auth (G) This parameter determines whether or not smbd(8) allows SMB1 clients without extended security (without SPNEGO) to use NTLMv2 authentication. If this option, lanman auth, and ntlm auth are all disabled, only clients with SPNEGO support are permitted. That means NTLMv2 is only supported within NTLMSSP. Default: raw NTLMv2 auth = no | An authentication flaw was found in Samba. When Samba is configured to act as a Domain Controller, it allows remote attackers to spoof the computer name of a secure channel's endpoints. The attacker could exploit this flaw to obtain sensitive session information by running a crafted application and leveraging the ability to sniff network traffic. |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:15:59 UTC | Depends On | 1325645 | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:23:48 UTC | Depends On | 1325649 | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:24:03 UTC | Depends On | 1325650 | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:24:15 UTC | Depends On | 1325651 | |
| Huzaifa S. Sidhpurwala | 2016-04-11 05:27:08 UTC | Whiteboard | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected | impact=moderate,public=20160412,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected |
| Huzaifa S. Sidhpurwala | 2016-04-11 10:33:33 UTC | Whiteboard | impact=moderate,public=20160412,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected | impact=moderate,public=20160412,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected,rhel-5.6.z/samba3x=affected,rhel-5.9.z/samba3x=affected |
| Huzaifa S. Sidhpurwala | 2016-04-11 10:37:14 UTC | Depends On | 1325832 | |
| Huzaifa S. Sidhpurwala | 2016-04-11 10:39:10 UTC | Depends On | 1325838 | |
| Martin Prpič | 2016-04-12 07:45:37 UTC | Doc Text | An authentication flaw was found in Samba. When Samba is configured to act as a Domain Controller, it allows remote attackers to spoof the computer name of a secure channel's endpoints. The attacker could exploit this flaw to obtain sensitive session information by running a crafted application and leveraging the ability to sniff network traffic. | It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine. |
| Jose A. Rivera | 2016-04-12 12:29:13 UTC | Status | NEW | ON_QA |
| Fixed In Version | 4.2.11-1 | |||
| Tomas Hoger | 2016-04-12 12:38:04 UTC | Status | ON_QA | NEW |
| Fixed In Version | 4.2.11-1 | |||
| Huzaifa S. Sidhpurwala | 2016-04-12 14:20:59 UTC | Depends On | 1326361 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:21:27 UTC | Depends On | 1326362 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:22:06 UTC | Depends On | 1326364 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:22:14 UTC | Depends On | 1326365 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:26:29 UTC | Depends On | 1326368 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:26:48 UTC | Depends On | 1326369 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:29:52 UTC | Depends On | 1326370 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 17:10:15 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2016-2111 samba: Spoofing vulnerability when domain controller is configured | CVE-2016-2111 samba: Spoofing vulnerability when domain controller is configured | ||
| Siddharth Sharma | 2016-04-12 17:27:46 UTC | Depends On | 1326453 | |
| Tomas Hoger | 2016-04-12 20:34:25 UTC | Fixed In Version | samba 4.4.2, samba 4.3.8, samba 4.2.11 | |
| Tomas Hoger | 2016-04-13 11:56:19 UTC | Depends On | 1326369 | |
| Tomas Hoger | 2016-04-13 11:58:53 UTC | Depends On | 1326368 | |
| Tomas Hoger | 2016-04-13 11:59:04 UTC | Depends On | 1326370 | |
| Tomas Hoger | 2016-04-13 12:03:03 UTC | Depends On | 1326365 | |
| Tomas Hoger | 2016-04-13 12:03:11 UTC | Depends On | 1326364 | |
| Tomas Hoger | 2016-04-13 12:03:13 UTC | Depends On | 1326362 | |
| Tomas Hoger | 2016-04-13 12:03:17 UTC | Depends On | 1326361 | |
| Tomas Hoger | 2016-04-13 12:47:38 UTC | Fixed In Version | samba 4.4.2, samba 4.3.8, samba 4.2.11 | samba 4.4.1, samba 4.3.7, samba 4.2.10 |
| Huzaifa S. Sidhpurwala | 2016-04-19 05:28:31 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-04-19 01:28:31 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:45:06 UTC | Whiteboard | impact=moderate,public=20160412,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-290,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected,rhel-5.6.z/samba3x=affected,rhel-5.9.z/samba3x=affected |
Back to bug 1311902