CVE-2016-2112
First published: Mon Apr 25 2016(Updated: )
The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samba Samba | =3.0.0 | |
| Samba Samba | =3.0.1 | |
| Samba Samba | =3.0.2 | |
| Samba Samba | =3.0.2-a | |
| Samba Samba | =3.0.2a | |
| Samba Samba | =3.0.3 | |
| Samba Samba | =3.0.4 | |
| Samba Samba | =3.0.4-rc1 | |
| Samba Samba | =3.0.5 | |
| Samba Samba | =3.0.6 | |
| Samba Samba | =3.0.7 | |
| Samba Samba | =3.0.8 | |
| Samba Samba | =3.0.9 | |
| Samba Samba | =3.0.10 | |
| Samba Samba | =3.0.11 | |
| Samba Samba | =3.0.12 | |
| Samba Samba | =3.0.13 | |
| Samba Samba | =3.0.14 | |
| Samba Samba | =3.0.14-a | |
| Samba Samba | =3.0.14a | |
| Samba Samba | =3.0.15 | |
| Samba Samba | =3.0.16 | |
| Samba Samba | =3.0.17 | |
| Samba Samba | =3.0.18 | |
| Samba Samba | =3.0.19 | |
| Samba Samba | =3.0.20 | |
| Samba Samba | =3.0.20-a | |
| Samba Samba | =3.0.20-b | |
| Samba Samba | =3.0.20a | |
| Samba Samba | =3.0.20b | |
| Samba Samba | =3.0.21 | |
| Samba Samba | =3.0.21-a | |
| Samba Samba | =3.0.21-b | |
| Samba Samba | =3.0.21-c | |
| Samba Samba | =3.0.21a | |
| Samba Samba | =3.0.21b | |
| Samba Samba | =3.0.21c | |
| Samba Samba | =3.0.22 | |
| Samba Samba | =3.0.23 | |
| Samba Samba | =3.0.23-a | |
| Samba Samba | =3.0.23-b | |
| Samba Samba | =3.0.23-c | |
| Samba Samba | =3.0.23-d | |
| Samba Samba | =3.0.23a | |
| Samba Samba | =3.0.23b | |
| Samba Samba | =3.0.23c | |
| Samba Samba | =3.0.23d | |
| Samba Samba | =3.0.24 | |
| Samba Samba | =3.0.25 | |
| Samba Samba | =3.0.25-a | |
| Samba Samba | =3.0.25-b | |
| Samba Samba | =3.0.25-c | |
| Samba Samba | =3.0.25-pre1 | |
| Samba Samba | =3.0.25-pre2 | |
| Samba Samba | =3.0.25-rc1 | |
| Samba Samba | =3.0.25-rc2 | |
| Samba Samba | =3.0.25-rc3 | |
| Samba Samba | =3.0.25a | |
| Samba Samba | =3.0.25b | |
| Samba Samba | =3.0.25c | |
| Samba Samba | =3.0.26 | |
| Samba Samba | =3.0.26-a | |
| Samba Samba | =3.0.26a | |
| Samba Samba | =3.0.27 | |
| Samba Samba | =3.0.27-a | |
| Samba Samba | =3.0.28 | |
| Samba Samba | =3.0.28-a | |
| Samba Samba | =3.0.29 | |
| Samba Samba | =3.0.30 | |
| Samba Samba | =3.0.31 | |
| Samba Samba | =3.0.32 | |
| Samba Samba | =3.0.33 | |
| Samba Samba | =3.0.34 | |
| Samba Samba | =3.0.35 | |
| Samba Samba | =3.0.36 | |
| Samba Samba | =3.0.37 | |
| Samba Samba | =3.2.0 | |
| Samba Samba | =3.2.1 | |
| Samba Samba | =3.2.2 | |
| Samba Samba | =3.2.3 | |
| Samba Samba | =3.2.4 | |
| Samba Samba | =3.2.5 | |
| Samba Samba | =3.2.6 | |
| Samba Samba | =3.2.7 | |
| Samba Samba | =3.2.8 | |
| Samba Samba | =3.2.9 | |
| Samba Samba | =3.2.10 | |
| Samba Samba | =3.2.11 | |
| Samba Samba | =3.2.12 | |
| Samba Samba | =3.2.13 | |
| Samba Samba | =3.2.14 | |
| Samba Samba | =3.2.15 | |
| Samba Samba | =3.3.0 | |
| Samba Samba | =3.3.1 | |
| Samba Samba | =3.3.2 | |
| Samba Samba | =3.3.3 | |
| Samba Samba | =3.3.4 | |
| Samba Samba | =3.3.5 | |
| Samba Samba | =3.3.6 | |
| Samba Samba | =3.3.7 | |
| Samba Samba | =3.3.8 | |
| Samba Samba | =3.3.9 | |
| Samba Samba | =3.3.10 | |
| Samba Samba | =3.3.11 | |
| Samba Samba | =3.3.12 | |
| Samba Samba | =3.3.13 | |
| Samba Samba | =3.3.14 | |
| Samba Samba | =3.3.15 | |
| Samba Samba | =3.3.16 | |
| Samba Samba | =3.4.0 | |
| Samba Samba | =3.4.1 | |
| Samba Samba | =3.4.2 | |
| Samba Samba | =3.4.3 | |
| Samba Samba | =3.4.4 | |
| Samba Samba | =3.4.5 | |
| Samba Samba | =3.4.6 | |
| Samba Samba | =3.4.7 | |
| Samba Samba | =3.4.8 | |
| Samba Samba | =3.4.9 | |
| Samba Samba | =3.4.10 | |
| Samba Samba | =3.4.11 | |
| Samba Samba | =3.4.12 | |
| Samba Samba | =3.4.13 | |
| Samba Samba | =3.4.14 | |
| Samba Samba | =3.4.15 | |
| Samba Samba | =3.4.16 | |
| Samba Samba | =3.4.17 | |
| Samba Samba | =3.5.0 | |
| Samba Samba | =3.5.1 | |
| Samba Samba | =3.5.2 | |
| Samba Samba | =3.5.3 | |
| Samba Samba | =3.5.4 | |
| Samba Samba | =3.5.5 | |
| Samba Samba | =3.5.6 | |
| Samba Samba | =3.5.7 | |
| Samba Samba | =3.5.8 | |
| Samba Samba | =3.5.9 | |
| Samba Samba | =3.5.10 | |
| Samba Samba | =3.5.11 | |
| Samba Samba | =3.5.12 | |
| Samba Samba | =3.5.13 | |
| Samba Samba | =3.5.14 | |
| Samba Samba | =3.5.15 | |
| Samba Samba | =3.5.16 | |
| Samba Samba | =3.5.17 | |
| Samba Samba | =3.5.18 | |
| Samba Samba | =3.5.19 | |
| Samba Samba | =3.5.20 | |
| Samba Samba | =3.5.21 | |
| Samba Samba | =3.5.22 | |
| Samba Samba | =3.6.0 | |
| Samba Samba | =3.6.1 | |
| Samba Samba | =3.6.2 | |
| Samba Samba | =3.6.3 | |
| Samba Samba | =3.6.4 | |
| Samba Samba | =3.6.5 | |
| Samba Samba | =3.6.6 | |
| Samba Samba | =3.6.7 | |
| Samba Samba | =3.6.8 | |
| Samba Samba | =3.6.9 | |
| Samba Samba | =3.6.10 | |
| Samba Samba | =3.6.11 | |
| Samba Samba | =3.6.12 | |
| Samba Samba | =3.6.13 | |
| Samba Samba | =3.6.14 | |
| Samba Samba | =3.6.15 | |
| Samba Samba | =3.6.16 | |
| Samba Samba | =3.6.17 | |
| Samba Samba | =3.6.18 | |
| Samba Samba | =3.6.19 | |
| Samba Samba | =3.6.20 | |
| Samba Samba | =3.6.21 | |
| Samba Samba | =3.6.22 | |
| Samba Samba | =3.6.23 | |
| Samba Samba | =3.6.24 | |
| Samba Samba | =3.6.25 | |
| Samba Samba | =4.0.0 | |
| Samba Samba | =4.0.1 | |
| Samba Samba | =4.0.2 | |
| Samba Samba | =4.0.3 | |
| Samba Samba | =4.0.4 | |
| Samba Samba | =4.0.5 | |
| Samba Samba | =4.0.6 | |
| Samba Samba | =4.0.7 | |
| Samba Samba | =4.0.8 | |
| Samba Samba | =4.0.9 | |
| Samba Samba | =4.0.10 | |
| Samba Samba | =4.0.11 | |
| Samba Samba | =4.0.12 | |
| Samba Samba | =4.0.13 | |
| Samba Samba | =4.0.14 | |
| Samba Samba | =4.0.15 | |
| Samba Samba | =4.0.16 | |
| Samba Samba | =4.0.17 | |
| Samba Samba | =4.0.18 | |
| Samba Samba | =4.0.19 | |
| Samba Samba | =4.0.20 | |
| Samba Samba | =4.0.21 | |
| Samba Samba | =4.0.22 | |
| Samba Samba | =4.0.23 | |
| Samba Samba | =4.0.24 | |
| Samba Samba | =4.0.25 | |
| Samba Samba | =4.0.26 | |
| Samba Samba | =4.1.0 | |
| Samba Samba | =4.1.1 | |
| Samba Samba | =4.1.2 | |
| Samba Samba | =4.1.3 | |
| Samba Samba | =4.1.4 | |
| Samba Samba | =4.1.5 | |
| Samba Samba | =4.1.6 | |
| Samba Samba | =4.1.7 | |
| Samba Samba | =4.1.8 | |
| Samba Samba | =4.1.9 | |
| Samba Samba | =4.1.10 | |
| Samba Samba | =4.1.11 | |
| Samba Samba | =4.1.12 | |
| Samba Samba | =4.1.13 | |
| Samba Samba | =4.1.14 | |
| Samba Samba | =4.1.15 | |
| Samba Samba | =4.1.16 | |
| Samba Samba | =4.1.17 | |
| Samba Samba | =4.1.18 | |
| Samba Samba | =4.1.19 | |
| Samba Samba | =4.1.20 | |
| Samba Samba | =4.1.21 | |
| Samba Samba | =4.1.22 | |
| Samba Samba | =4.1.23 | |
| Samba Samba | =4.2.0-rc1 | |
| Samba Samba | =4.2.0-rc2 | |
| Samba Samba | =4.2.0-rc3 | |
| Samba Samba | =4.2.0-rc4 | |
| Samba Samba | =4.2.1 | |
| Samba Samba | =4.2.2 | |
| Samba Samba | =4.2.3 | |
| Samba Samba | =4.2.4 | |
| Samba Samba | =4.2.5 | |
| Samba Samba | =4.2.6 | |
| Samba Samba | =4.2.7 | |
| Samba Samba | =4.2.8 | |
| Samba Samba | =4.2.9 | |
| Samba Samba | =4.3.0 | |
| Samba Samba | =4.3.1 | |
| Samba Samba | =4.3.2 | |
| Samba Samba | =4.3.3 | |
| Samba Samba | =4.3.4 | |
| Samba Samba | =4.3.5 | |
| Samba Samba | =4.3.6 | |
| Samba Samba | =4.4.0 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =15.10 | |
| Canonical Ubuntu Linux | =16.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://badlock.org/
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
- http://rhn.redhat.com/errata/RHSA-2016-0611.html
- http://rhn.redhat.com/errata/RHSA-2016-0612.html
- http://rhn.redhat.com/errata/RHSA-2016-0613.html
- http://rhn.redhat.com/errata/RHSA-2016-0614.html
- http://rhn.redhat.com/errata/RHSA-2016-0618.html
- http://rhn.redhat.com/errata/RHSA-2016-0619.html
- http://rhn.redhat.com/errata/RHSA-2016-0620.html
- http://rhn.redhat.com/errata/RHSA-2016-0624.html
- http://www.debian.org/security/2016/dsa-3548
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.securitytracker.com/id/1035533
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012
- http://www.ubuntu.com/usn/USN-2950-1
- http://www.ubuntu.com/usn/USN-2950-2
- http://www.ubuntu.com/usn/USN-2950-3
- http://www.ubuntu.com/usn/USN-2950-4
- http://www.ubuntu.com/usn/USN-2950-5
- https://bto.bluecoat.com/security-advisory/sa122
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05087821
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05082964
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399
- https://security.gentoo.org/glsa/201612-47
- https://www.samba.org/samba/history/samba-4.2.10.html
- https://www.samba.org/samba/latest_news.html#4.4.2
- https://www.samba.org/samba/security/CVE-2016-2112.html
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/event
- agent/references
- agent/type
- agent/description
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/samba
- canonical/samba samba
- version/samba samba/3.0.0
- version/samba samba/3.0.1
- version/samba samba/3.0.2
- version/samba samba/3.0.2-a
- version/samba samba/3.0.2a
- version/samba samba/3.0.3
- version/samba samba/3.0.4
- version/samba samba/3.0.4-rc1
- version/samba samba/3.0.5
- version/samba samba/3.0.6
- version/samba samba/3.0.7
- version/samba samba/3.0.8
- version/samba samba/3.0.9
- version/samba samba/3.0.10
- version/samba samba/3.0.11
- version/samba samba/3.0.12
- version/samba samba/3.0.13
- version/samba samba/3.0.14
- version/samba samba/3.0.14-a
- version/samba samba/3.0.14a
- version/samba samba/3.0.15
- version/samba samba/3.0.16
- version/samba samba/3.0.17
- version/samba samba/3.0.18
- version/samba samba/3.0.19
- version/samba samba/3.0.20
- version/samba samba/3.0.20-a
- version/samba samba/3.0.20-b
- version/samba samba/3.0.20a
- version/samba samba/3.0.20b
- version/samba samba/3.0.21
- version/samba samba/3.0.21-a
- version/samba samba/3.0.21-b
- version/samba samba/3.0.21-c
- version/samba samba/3.0.21a
- version/samba samba/3.0.21b
- version/samba samba/3.0.21c
- version/samba samba/3.0.22
- version/samba samba/3.0.23
- version/samba samba/3.0.23-a
- version/samba samba/3.0.23-b
- version/samba samba/3.0.23-c
- version/samba samba/3.0.23-d
- version/samba samba/3.0.23a
- version/samba samba/3.0.23b
- version/samba samba/3.0.23c
- version/samba samba/3.0.23d
- version/samba samba/3.0.24
- version/samba samba/3.0.25
- version/samba samba/3.0.25-a
- version/samba samba/3.0.25-b
- version/samba samba/3.0.25-c
- version/samba samba/3.0.25-pre1
- version/samba samba/3.0.25-pre2
- version/samba samba/3.0.25-rc1
- version/samba samba/3.0.25-rc2
- version/samba samba/3.0.25-rc3
- version/samba samba/3.0.25a
- version/samba samba/3.0.25b
- version/samba samba/3.0.25c
- version/samba samba/3.0.26
- version/samba samba/3.0.26-a
- version/samba samba/3.0.26a
- version/samba samba/3.0.27
- version/samba samba/3.0.27-a
- version/samba samba/3.0.28
- version/samba samba/3.0.28-a
- version/samba samba/3.0.29
- version/samba samba/3.0.30
- version/samba samba/3.0.31
- version/samba samba/3.0.32
- version/samba samba/3.0.33
- version/samba samba/3.0.34
- version/samba samba/3.0.35
- version/samba samba/3.0.36
- version/samba samba/3.0.37
- version/samba samba/3.2.0
- version/samba samba/3.2.1
- version/samba samba/3.2.2
- version/samba samba/3.2.3
- version/samba samba/3.2.4
- version/samba samba/3.2.5
- version/samba samba/3.2.6
- version/samba samba/3.2.7
- version/samba samba/3.2.8
- version/samba samba/3.2.9
- version/samba samba/3.2.10
- version/samba samba/3.2.11
- version/samba samba/3.2.12
- version/samba samba/3.2.13
- version/samba samba/3.2.14
- version/samba samba/3.2.15
- version/samba samba/3.3.0
- version/samba samba/3.3.1
- version/samba samba/3.3.2
- version/samba samba/3.3.3
- version/samba samba/3.3.4
- version/samba samba/3.3.5
- version/samba samba/3.3.6
- version/samba samba/3.3.7
- version/samba samba/3.3.8
- version/samba samba/3.3.9
- version/samba samba/3.3.10
- version/samba samba/3.3.11
- version/samba samba/3.3.12
- version/samba samba/3.3.13
- version/samba samba/3.3.14
- version/samba samba/3.3.15
- version/samba samba/3.3.16
- version/samba samba/3.4.0
- version/samba samba/3.4.1
- version/samba samba/3.4.2
- version/samba samba/3.4.3
- version/samba samba/3.4.4
- version/samba samba/3.4.5
- version/samba samba/3.4.6
- version/samba samba/3.4.7
- version/samba samba/3.4.8
- version/samba samba/3.4.9
- version/samba samba/3.4.10
- version/samba samba/3.4.11
- version/samba samba/3.4.12
- version/samba samba/3.4.13
- version/samba samba/3.4.14
- version/samba samba/3.4.15
- version/samba samba/3.4.16
- version/samba samba/3.4.17
- version/samba samba/3.5.0
- version/samba samba/3.5.1
- version/samba samba/3.5.2
- version/samba samba/3.5.3
- version/samba samba/3.5.4
- version/samba samba/3.5.5
- version/samba samba/3.5.6
- version/samba samba/3.5.7
- version/samba samba/3.5.8
- version/samba samba/3.5.9
- version/samba samba/3.5.10
- version/samba samba/3.5.11
- version/samba samba/3.5.12
- version/samba samba/3.5.13
- version/samba samba/3.5.14
- version/samba samba/3.5.15
- version/samba samba/3.5.16
- version/samba samba/3.5.17
- version/samba samba/3.5.18
- version/samba samba/3.5.19
- version/samba samba/3.5.20
- version/samba samba/3.5.21
- version/samba samba/3.5.22
- version/samba samba/3.6.0
- version/samba samba/3.6.1
- version/samba samba/3.6.2
- version/samba samba/3.6.3
- version/samba samba/3.6.4
- version/samba samba/3.6.5
- version/samba samba/3.6.6
- version/samba samba/3.6.7
- version/samba samba/3.6.8
- version/samba samba/3.6.9
- version/samba samba/3.6.10
- version/samba samba/3.6.11
- version/samba samba/3.6.12
- version/samba samba/3.6.13
- version/samba samba/3.6.14
- version/samba samba/3.6.15
- version/samba samba/3.6.16
- version/samba samba/3.6.17
- version/samba samba/3.6.18
- version/samba samba/3.6.19
- version/samba samba/3.6.20
- version/samba samba/3.6.21
- version/samba samba/3.6.22
- version/samba samba/3.6.23
- version/samba samba/3.6.24
- version/samba samba/3.6.25
- version/samba samba/4.0.0
- version/samba samba/4.0.1
- version/samba samba/4.0.2
- version/samba samba/4.0.3
- version/samba samba/4.0.4
- version/samba samba/4.0.5
- version/samba samba/4.0.6
- version/samba samba/4.0.7
- version/samba samba/4.0.8
- version/samba samba/4.0.9
- version/samba samba/4.0.10
- version/samba samba/4.0.11
- version/samba samba/4.0.12
- version/samba samba/4.0.13
- version/samba samba/4.0.14
- version/samba samba/4.0.15
- version/samba samba/4.0.16
- version/samba samba/4.0.17
- version/samba samba/4.0.18
- version/samba samba/4.0.19
- version/samba samba/4.0.20
- version/samba samba/4.0.21
- version/samba samba/4.0.22
- version/samba samba/4.0.23
- version/samba samba/4.0.24
- version/samba samba/4.0.25
- version/samba samba/4.0.26
- version/samba samba/4.1.0
- version/samba samba/4.1.1
- version/samba samba/4.1.2
- version/samba samba/4.1.3
- version/samba samba/4.1.4
- version/samba samba/4.1.5
- version/samba samba/4.1.6
- version/samba samba/4.1.7
- version/samba samba/4.1.8
- version/samba samba/4.1.9
- version/samba samba/4.1.10
- version/samba samba/4.1.11
- version/samba samba/4.1.12
- version/samba samba/4.1.13
- version/samba samba/4.1.14
- version/samba samba/4.1.15
- version/samba samba/4.1.16
- version/samba samba/4.1.17
- version/samba samba/4.1.18
- version/samba samba/4.1.19
- version/samba samba/4.1.20
- version/samba samba/4.1.21
- version/samba samba/4.1.22
- version/samba samba/4.1.23
- version/samba samba/4.2.0-rc1
- version/samba samba/4.2.0-rc2
- version/samba samba/4.2.0-rc3
- version/samba samba/4.2.0-rc4
- version/samba samba/4.2.1
- version/samba samba/4.2.2
- version/samba samba/4.2.3
- version/samba samba/4.2.4
- version/samba samba/4.2.5
- version/samba samba/4.2.6
- version/samba samba/4.2.7
- version/samba samba/4.2.8
- version/samba samba/4.2.9
- version/samba samba/4.3.0
- version/samba samba/4.3.1
- version/samba samba/4.3.2
- version/samba samba/4.3.3
- version/samba samba/4.3.4
- version/samba samba/4.3.5
- version/samba samba/4.3.6
- version/samba samba/4.4.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/15.10
- version/canonical ubuntu linux/16.04