CVE-2016-2119

Name of the Vulnerable Software and Affected Versions Samba versions 4.2.14 and earlier, 4.3.11 and earlier, 4.4.5 and earlier Samba versions prior to 4.2.14 Samba versions prior to 4.3.11 Samba versions prior to 4.4.5

Description The issue allows man-in-the-middle attackers to bypass a client-signing protection mechanism and consequently spoof SMB2 and SMB3 servers via the SMB2 SESSION FLAG IS GUEST or SMB2 SESSION FLAG IS NULL flag. This is related to a function in libcli/smb/smbXcli base.c that is associated with inadequate access control. The exploitation of this issue may enable a remote attacker to substitute SMB2 and SMB3 server protocols using the SMB2 SESSION FLAG IS GUEST or SMB2 SESSION FLAG IS NULL flags.

Recommendations For Samba versions prior to 4.2.14, update to version 4.2.14 or later. For Samba versions prior to 4.3.11, update to version 4.3.11 or later. For Samba versions prior to 4.4.5, update to version 4.4.5 or later. As a temporary workaround, consider restricting access to the libcli/smb/smbXcli base.c function until a patch is available. Avoid using the SMB2 SESSION FLAG IS GUEST or SMB2 SESSION FLAG IS NULL flags in the affected API endpoints until the issue is resolved.