PT-2016-3326 · Samba Team+6 · Samba+5
Alberto Solino
Published: 2015-04-01 · Updated: 2024-06-15
CVE-2016-2111
CVSS v3.1: 6.3 (Medium)
Vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Samba versions 3.x through 4.4.x before 4.4.2
Samba versions 4.3.x before 4.3.8
Samba versions 4.2.x before 4.2.11
Description
The issue is a security flaw in the NETLOGON service of the Samba network interaction software package. A remote attacker who runs a crafted application and is able to sniff network traffic can spoof the computer name of a secure channel's endpoint and obtain sensitive session information, potentially gaining access to confidential data and compromising its integrity.
Recommendations
For Samba versions 3.x through 4.4.x before 4.4.2, update to version 4.4.2 or later.
For Samba versions 4.3.x before 4.3.8, update to version 4.3.8 or later.
For Samba versions 4.2.x before 4.2.11, update to version 4.2.11 or later.
Affected products
ALT Linux
CentOS
Red Hat
Samba
SUSE
Ubuntu