Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 580
Alerts This Week
Warning Icon 1 580

Fedora: 2016-48b3761baa Critical: Samba Man-in-the-Middle Attack

fedora
Calendar Grey April 14, 2016
Dist Fedora Esm H88
Essential Samba security updates for Fedora 22 tackle significant risks concerning login processes and potential network breaches.
Security fix for CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118

Summary

Samba is the standard Windows interoperability suite of programs for Linux and Unix.

Update Information:

Security fix for CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118

Change Log

References


[ 1 ] Bug #1309987 - CVE-2015-5370 samba: crash in dcesrv_auth_bind_ack due to missing error check https://bugzilla.redhat.com/show_bug.cgi?id=1309987 [ 2 ] Bug #1311893 - CVE-2016-2110 samba: Man-in-the-middle attacks possible with NTLMSSP authentication https://bugzilla.redhat.com/show_bug.cgi?id=1311893 [ 3 ] Bug #1311902 - CVE-2016-2111 samba: Spoofing vulnerability when domain controller is configured https://bugzilla.redhat.com/show_bug.cgi?id=1311902 [ 4 ] Bug #1311903 - CVE-2016-2112 samba: Missing downgrade detection https://bugzilla.redhat.com/show_bug.cgi?id=1311903 [ 5 ] Bug #1311910 - CVE-2016-2113 samba: Server certificates not validated at client side https://bugzilla.redhat.com/show_bug.cgi?id=1311910 [ 6 ] Bug #1312082 - CVE-2016-2114 samba: Samba based active directory domain controller does not enforce smb signing https://bugzilla.redhat.com/show_bug.cgi?id=1312082 [ 7 ] Bug #1312084 - CVE-2016-2115 sam...

Read the Full Advisory

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update samba' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: samba
Product: Fedora 22
Version: 4.2.11
Release: 0.fc22
URL:
Summary: Server and Client software to interoperate with Windows machines

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.