PT-2016-3338 · Samba Team · Samba
Stefan Metzmacher
Published: 2016-12-19 · Updated: 2024-06-15
CVE-2016-2126
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Samba versions 4.0.0 through 4.5.2
Description
The issue stems from incorrect handling of the PAC (Privilege Attribute Certificate) checksum in Samba's implementation of the Kerberos protocol. A remote, authenticated attacker can use a legitimate Kerberos ticket to crash the winbindd process, potentially leading to privilege elevation. A local service with access to the winbindd privileged pipe can also cause winbindd to cache elevated access permissions. The vulnerability can result in a denial of service and potentially allow an attacker to gain elevated privileges.
Recommendations
For Samba versions 4.0.0 through 4.5.2, consider restricting access to the winbindd privileged pipe to minimize the risk of exploitation until a patch is available.
As a temporary workaround, consider disabling the use of Kerberos tickets in the affected Samba versions until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Affected Products
ALT Linux
CentOS
Red Hat
Samba
SUSE
Ubuntu