Bug 1290292 (CVE-2015-5296)
| Field | Value | Field | Value |
|---|---|---|---|
| Summary | CVE-2015-5296 samba: client requesting encryption vulnerable to downgrade attack | | |
| Product | [Other] Security Response | Reporter | Huzaifa S. Sidhpurwala <huzaifas> |
| Component | vulnerability | Assignee | Red Hat Product Security <security-response-team> |
| Status | CLOSED ERRATA | QA Contact | |
| Severity | medium | Docs Contact | |
| Priority | medium | | |
| Version | unspecified | CC | aavati, asn, gdeschner, jrivera, jrusnack, nlevinki, rfortier, sbose, security-response-team, sgirijan, sisharma, slong, smohan, ssaha, vbellur |
| Target Milestone | --- | Keywords | Security |
| Target Release | --- | | |
| Hardware | All | | |
| OS | Linux | | |
| Whiteboard | | | |
| Fixed In Version | samba 4.1.22, samba 4.2.7, samba 4.3.3 | Doc Type | Bug Fix |
| Doc Text | A man-in-the-middle vulnerability was found in the way "connection signing" was implemented by Samba. A remote attacker could use this flaw to downgrade an existing Samba client connection and force the use of plain text. | | |
| Story Points | --- | | |
| Clone Of | | Environment | |
| Last Closed | 2016-01-08 12:19:30 UTC | Type | --- |
| Regression | --- | Mount Type | --- |
| Documentation | --- | CRM | |
| Verified Versions | | Category | --- |
| oVirt Team | --- | RHEL 7.3 requirements from Atomic Host | |
| Cloudforms Team | --- | Target Upstream Version | |
| Embargoed | | | |
| Bug Depends On | 1290706, 1290707, 1290708, 1290709, 1290710, 1290711, 1290727, 1292069 | | |
| Bug Blocks | 1281327 | | |
Description
Huzaifa S. Sidhpurwala
2015-12-10 05:29:52 UTC
Acknowledgements: Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Stefan Metzmacher of the Samba Team and Sernet.de as the original reporters.

Created samba tracking bugs for this issue:
Affects: fedora-all [bug 1292069]

External References:
https://www.samba.org/samba/security/CVE-2015-5296.html

Upstream commits:
https://git.samba.org/?p=samba.git;a=commitdiff;h=d724f835acb9f4886c0001af32cd325dbbf1f895
https://git.samba.org/?p=samba.git;a=commitdiff;h=1ba49b8f389eda3414b14410c7fbcb4041ca06b1
https://git.samba.org/?p=samba.git;a=commitdiff;h=a819d2b440aafa3138d95ff6e8b824da885a70e9

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2016:0010 https://rhn.redhat.com/errata/RHSA-2016-0010.html

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2016:0011 https://rhn.redhat.com/errata/RHSA-2016-0011.html

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2016:0006 https://rhn.redhat.com/errata/RHSA-2016-0006.html

This issue has been addressed in the following products:
Red Hat Gluster Storage 3.1 for RHEL 7
Via RHSA-2016:0016 https://rhn.redhat.com/errata/RHSA-2016-0016.html

This issue has been addressed in the following products:
Red Hat Gluster Storage 3.1 for RHEL 6
Via RHSA-2016:0015 https://rhn.redhat.com/errata/RHSA-2016-0015.html