Back to bug 1403114
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Huzaifa S. Sidhpurwala | 2016-12-09 05:34:07 UTC | CC | security-response-team | |
| Huzaifa S. Sidhpurwala | 2016-12-09 05:34:16 UTC | Blocks | 1392703 | |
| Huzaifa S. Sidhpurwala | 2016-12-16 09:57:40 UTC | Depends On | 1405355 | |
| Huzaifa S. Sidhpurwala | 2016-12-16 09:57:49 UTC | Depends On | 1405356 | |
| Huzaifa S. Sidhpurwala | 2016-12-16 09:57:58 UTC | Depends On | 1405357 | |
| Huzaifa S. Sidhpurwala | 2016-12-16 09:58:09 UTC | Depends On | 1405358 | |
| Huzaifa S. Sidhpurwala | 2016-12-16 09:59:07 UTC | Depends On | 1405357 | |
| Huzaifa S. Sidhpurwala | 2016-12-16 09:59:21 UTC | Depends On | 1405355 | |
| Huzaifa S. Sidhpurwala | 2016-12-16 10:02:00 UTC | Whiteboard | impact=moderate,public=no,reported=20161209,source=upstream,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba=affected,rhel-6/samba4=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected | impact=moderate,public=no,reported=20161209,source=upstream,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,rhel-5/samba=wontfix,rhel-5/samba3x=wontfix,rhel-6/samba=affected,rhel-6/samba4=affected,rhel-7/samba=wontfix,rhes-3.1/samba=affected,fedora-all/samba=affected |
| Huzaifa S. Sidhpurwala | 2016-12-16 10:19:47 UTC | Blocks | 1386080 | |
| Siddharth Sharma | 2016-12-16 12:08:45 UTC | Depends On | 1405399 | |
| Siddharth Sharma | 2016-12-19 12:18:26 UTC | Whiteboard | impact=moderate,public=no,reported=20161209,source=upstream,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,rhel-5/samba=wontfix,rhel-5/samba3x=wontfix,rhel-6/samba=affected,rhel-6/samba4=affected,rhel-7/samba=wontfix,rhes-3.1/samba=affected,fedora-all/samba=affected | impact=moderate,public=20161219,reported=20161209,source=upstream,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,rhel-5/samba=wontfix,rhel-5/samba3x=wontfix,rhel-6/samba=affected,rhel-6/samba4=affected,rhel-7/samba=wontfix,rhes-3.1/samba=affected,fedora-all/samba=affected |
| Siddharth Sharma | 2016-12-19 12:18:33 UTC | Summary | EMBARGOED CVE-2016-2125 samba: Unconditional privilege delegation to Kerberos servers in trusted realms | CVE-2016-2125 samba: Unconditional privilege delegation to Kerberos servers in trusted realms |
| Siddharth Sharma | 2016-12-19 12:18:40 UTC | Group | security, qe_staff | |
| Siddharth Sharma | 2016-12-19 12:35:43 UTC | Depends On | 1405984 | |
| Scott Nicholas | 2016-12-22 18:24:03 UTC | CC | scott.nicholas.ctr | |
| Yoshinori Takahashi | 2017-01-23 01:41:48 UTC | CC | hkim | |
| Huzaifa S. Sidhpurwala | 2017-03-08 06:53:40 UTC | Doc Text | A flaw was found in the way Samba clients always requests a forwardable ticket when using Kerberos authentication. A Man-in-the-middle attacker could use this flaw to impersonate a samba server or a client in the trusted Kerberos realm. | |
| Eric Christensen | 2017-03-08 14:17:13 UTC | Doc Text | A flaw was found in the way Samba clients always requests a forwardable ticket when using Kerberos authentication. A Man-in-the-middle attacker could use this flaw to impersonate a samba server or a client in the trusted Kerberos realm. | A flaw was found in the way Samba clients always request a forwardable ticket when using Kerberos authentication. A Man-in-the-middle attacker could use this flaw to impersonate a samba server or a client in the trusted Kerberos realm. |
| Huzaifa S. Sidhpurwala | 2017-03-16 05:56:43 UTC | Doc Text | A flaw was found in the way Samba clients always request a forwardable ticket when using Kerberos authentication. A Man-in-the-middle attacker could use this flaw to impersonate a samba server or a client in the trusted Kerberos realm. | It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticates using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. |
| Tomas Hoger | 2017-03-17 10:11:53 UTC | Doc Text | It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticates using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. | It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. |
| Huzaifa S. Sidhpurwala | 2017-03-23 04:59:19 UTC | Fixed In Version | samba 4.5.3, samba 4.4.8, samba 4.3.13 | |
| Huzaifa S. Sidhpurwala | 2017-03-23 05:14:32 UTC | Whiteboard | impact=moderate,public=20161219,reported=20161209,source=upstream,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,rhel-5/samba=wontfix,rhel-5/samba3x=wontfix,rhel-6/samba=affected,rhel-6/samba4=affected,rhel-7/samba=wontfix,rhes-3.1/samba=affected,fedora-all/samba=affected | impact=moderate,public=20161219,reported=20161209,source=upstream,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,rhel-5/samba=wontfix,rhel-5/samba3x=wontfix,rhel-6/samba=affected,rhel-6/samba4=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected |
| Huzaifa S. Sidhpurwala | 2017-03-23 05:15:04 UTC | Depends On | 1435079 | |
| Huzaifa S. Sidhpurwala | 2017-03-23 05:15:52 UTC | Blocks | 1415638 | |
| Huzaifa S. Sidhpurwala | 2017-03-31 04:26:30 UTC | Depends On | 1437741 | |
| kat | 2017-04-17 18:18:39 UTC | CC | kbost | |
| PnT Account Manager | 2018-01-30 14:46:23 UTC | CC | hkim | |
| Laura Pardo | 2018-10-30 21:48:32 UTC | Whiteboard | impact=moderate,public=20161219,reported=20161209,source=upstream,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,rhel-5/samba=wontfix,rhel-5/samba3x=wontfix,rhel-6/samba=affected,rhel-6/samba4=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected | impact=moderate,public=20161219,reported=20161209,source=upstream,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,cwe=CWE-287,rhel-5/samba=wontfix,rhel-5/samba3x=wontfix,rhel-6/samba=affected,rhel-6/samba4=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected |
| PnT Account Manager | 2019-05-31 14:22:10 UTC | CC | smohan | |
| Product Security DevOps Team | 2019-06-08 03:04:03 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 03:04:03 UTC | |||
| Product Security DevOps Team | 2019-09-29 14:02:45 UTC | Whiteboard | impact=moderate,public=20161219,reported=20161209,source=upstream,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,cwe=CWE-287,rhel-5/samba=wontfix,rhel-5/samba3x=wontfix,rhel-6/samba=affected,rhel-6/samba4=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected |
Back to bug 1403114