CVE-2016-2110

Name of the Vulnerable Software and Affected Versions Samba versions 3.x through 4.1.x Samba versions 4.2.0 through 4.2.10 Samba versions 4.3.0 through 4.3.7 Samba versions 4.4.0 through 4.4.1

Description The issue is related to the NTLMSSP authentication implementation, allowing man-in-the-middle attackers to perform protocol-downgrade attacks. This can be achieved by modifying the client-server data stream to remove application-layer flags or encryption settings, such as clearing the NTLMSSP NEGOTIATE SEAL or NTLMSSP NEGOTIATE SIGN option, which can disrupt LDAP security. The vulnerability is associated with security weaknesses in the Samba package, potentially allowing a remote attacker to impact data integrity.

Recommendations For Samba versions 3.x, update to version 4.2.11 or later. For Samba versions 4.2.x, update to version 4.2.11 or later. For Samba versions 4.3.x, update to version 4.3.8 or later. For Samba versions 4.4.x, update to version 4.4.2 or later.