Amazon Linux AMI update for samba
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2016-2118 CVE-2016-2114 CVE-2016-2115 CVE-2016-2112 CVE-2016-2113 CVE-2016-2110 CVE-2016-2111 CVE-2015-5370 |
| CWE-ID | CWE-300 CWE-290 CWE-400 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Amazon Linux AMI Operating systems & Components / Operating system |
| Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Man-in-the-middle attack
EUVDB-ID: #VU241
Risk: High
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2118
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain elevated privileges on the system.
The vulnerability exists due to the acceptance of inadequate authentication levels by the Microsoft Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols. A remote attacker can gain elevated privileges on the system by using man-in-the-middle techniques to impersonate an authenticated user against the SAMR or LSAD service and gain access to the Security Account Manager (SAM) database.
Successful exploitation of this vulnerability may result in disclosere of sytem information.
Update the affected packages.
i686:Vulnerable software versions
ctdb-tests-4.2.10-6.33.amzn1.i686
libsmbclient-devel-4.2.10-6.33.amzn1.i686
samba-common-tools-4.2.10-6.33.amzn1.i686
samba-client-4.2.10-6.33.amzn1.i686
samba-winbind-4.2.10-6.33.amzn1.i686
ctdb-devel-4.2.10-6.33.amzn1.i686
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.i686
libsmbclient-4.2.10-6.33.amzn1.i686
samba-4.2.10-6.33.amzn1.i686
samba-client-libs-4.2.10-6.33.amzn1.i686
samba-libs-4.2.10-6.33.amzn1.i686
samba-common-libs-4.2.10-6.33.amzn1.i686
samba-devel-4.2.10-6.33.amzn1.i686
samba-test-devel-4.2.10-6.33.amzn1.i686
samba-winbind-modules-4.2.10-6.33.amzn1.i686
samba-test-libs-4.2.10-6.33.amzn1.i686
samba-debuginfo-4.2.10-6.33.amzn1.i686
samba-python-4.2.10-6.33.amzn1.i686
ctdb-4.2.10-6.33.amzn1.i686
libwbclient-devel-4.2.10-6.33.amzn1.i686
samba-winbind-clients-4.2.10-6.33.amzn1.i686
libwbclient-4.2.10-6.33.amzn1.i686
samba-test-4.2.10-6.33.amzn1.i686
noarch:
samba-pidl-4.2.10-6.33.amzn1.noarch
samba-common-4.2.10-6.33.amzn1.noarch
src:
samba-4.2.10-6.33.amzn1.src
x86_64:
libwbclient-4.2.10-6.33.amzn1.x86_64
samba-test-devel-4.2.10-6.33.amzn1.x86_64
samba-client-4.2.10-6.33.amzn1.x86_64
samba-test-libs-4.2.10-6.33.amzn1.x86_64
libwbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-4.2.10-6.33.amzn1.x86_64
ctdb-4.2.10-6.33.amzn1.x86_64
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.x86_64
samba-common-libs-4.2.10-6.33.amzn1.x86_64
ctdb-devel-4.2.10-6.33.amzn1.x86_64
libsmbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-python-4.2.10-6.33.amzn1.x86_64
samba-client-libs-4.2.10-6.33.amzn1.x86_64
samba-winbind-modules-4.2.10-6.33.amzn1.x86_64
samba-libs-4.2.10-6.33.amzn1.x86_64
samba-devel-4.2.10-6.33.amzn1.x86_64
samba-winbind-clients-4.2.10-6.33.amzn1.x86_64
libsmbclient-4.2.10-6.33.amzn1.x86_64
samba-winbind-4.2.10-6.33.amzn1.x86_64
samba-common-tools-4.2.10-6.33.amzn1.x86_64
samba-debuginfo-4.2.10-6.33.amzn1.x86_64
ctdb-tests-4.2.10-6.33.amzn1.x86_64
samba-test-4.2.10-6.33.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2016-686.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Man-in-the-middle attack
EUVDB-ID: #VU239
Risk: Medium
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2114
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to to bypass security restrictions.
The vulnerability exists due to the failure to enforce required smb signing. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to perform unauthorized actions.
Successful exploitation of this vulnerability may result in security restrictions bypass.
Update the affected packages.
i686:Vulnerable software versions
ctdb-tests-4.2.10-6.33.amzn1.i686
libsmbclient-devel-4.2.10-6.33.amzn1.i686
samba-common-tools-4.2.10-6.33.amzn1.i686
samba-client-4.2.10-6.33.amzn1.i686
samba-winbind-4.2.10-6.33.amzn1.i686
ctdb-devel-4.2.10-6.33.amzn1.i686
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.i686
libsmbclient-4.2.10-6.33.amzn1.i686
samba-4.2.10-6.33.amzn1.i686
samba-client-libs-4.2.10-6.33.amzn1.i686
samba-libs-4.2.10-6.33.amzn1.i686
samba-common-libs-4.2.10-6.33.amzn1.i686
samba-devel-4.2.10-6.33.amzn1.i686
samba-test-devel-4.2.10-6.33.amzn1.i686
samba-winbind-modules-4.2.10-6.33.amzn1.i686
samba-test-libs-4.2.10-6.33.amzn1.i686
samba-debuginfo-4.2.10-6.33.amzn1.i686
samba-python-4.2.10-6.33.amzn1.i686
ctdb-4.2.10-6.33.amzn1.i686
libwbclient-devel-4.2.10-6.33.amzn1.i686
samba-winbind-clients-4.2.10-6.33.amzn1.i686
libwbclient-4.2.10-6.33.amzn1.i686
samba-test-4.2.10-6.33.amzn1.i686
noarch:
samba-pidl-4.2.10-6.33.amzn1.noarch
samba-common-4.2.10-6.33.amzn1.noarch
src:
samba-4.2.10-6.33.amzn1.src
x86_64:
libwbclient-4.2.10-6.33.amzn1.x86_64
samba-test-devel-4.2.10-6.33.amzn1.x86_64
samba-client-4.2.10-6.33.amzn1.x86_64
samba-test-libs-4.2.10-6.33.amzn1.x86_64
libwbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-4.2.10-6.33.amzn1.x86_64
ctdb-4.2.10-6.33.amzn1.x86_64
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.x86_64
samba-common-libs-4.2.10-6.33.amzn1.x86_64
ctdb-devel-4.2.10-6.33.amzn1.x86_64
libsmbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-python-4.2.10-6.33.amzn1.x86_64
samba-client-libs-4.2.10-6.33.amzn1.x86_64
samba-winbind-modules-4.2.10-6.33.amzn1.x86_64
samba-libs-4.2.10-6.33.amzn1.x86_64
samba-devel-4.2.10-6.33.amzn1.x86_64
samba-winbind-clients-4.2.10-6.33.amzn1.x86_64
libsmbclient-4.2.10-6.33.amzn1.x86_64
samba-winbind-4.2.10-6.33.amzn1.x86_64
samba-common-tools-4.2.10-6.33.amzn1.x86_64
samba-debuginfo-4.2.10-6.33.amzn1.x86_64
ctdb-tests-4.2.10-6.33.amzn1.x86_64
samba-test-4.2.10-6.33.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2016-686.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Man-in-the-middle attack
EUVDB-ID: #VU240
Risk: Medium
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2115
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to to bypass security restrictions.
The vulnerability exists due to the failure to protect the integrity of SMB client connections for IPC traffic. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to perform unauthorized actions.
Successful exploitation of this vulnerability may result in security restrictions bypass.
Update the affected packages.
i686:Vulnerable software versions
ctdb-tests-4.2.10-6.33.amzn1.i686
libsmbclient-devel-4.2.10-6.33.amzn1.i686
samba-common-tools-4.2.10-6.33.amzn1.i686
samba-client-4.2.10-6.33.amzn1.i686
samba-winbind-4.2.10-6.33.amzn1.i686
ctdb-devel-4.2.10-6.33.amzn1.i686
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.i686
libsmbclient-4.2.10-6.33.amzn1.i686
samba-4.2.10-6.33.amzn1.i686
samba-client-libs-4.2.10-6.33.amzn1.i686
samba-libs-4.2.10-6.33.amzn1.i686
samba-common-libs-4.2.10-6.33.amzn1.i686
samba-devel-4.2.10-6.33.amzn1.i686
samba-test-devel-4.2.10-6.33.amzn1.i686
samba-winbind-modules-4.2.10-6.33.amzn1.i686
samba-test-libs-4.2.10-6.33.amzn1.i686
samba-debuginfo-4.2.10-6.33.amzn1.i686
samba-python-4.2.10-6.33.amzn1.i686
ctdb-4.2.10-6.33.amzn1.i686
libwbclient-devel-4.2.10-6.33.amzn1.i686
samba-winbind-clients-4.2.10-6.33.amzn1.i686
libwbclient-4.2.10-6.33.amzn1.i686
samba-test-4.2.10-6.33.amzn1.i686
noarch:
samba-pidl-4.2.10-6.33.amzn1.noarch
samba-common-4.2.10-6.33.amzn1.noarch
src:
samba-4.2.10-6.33.amzn1.src
x86_64:
libwbclient-4.2.10-6.33.amzn1.x86_64
samba-test-devel-4.2.10-6.33.amzn1.x86_64
samba-client-4.2.10-6.33.amzn1.x86_64
samba-test-libs-4.2.10-6.33.amzn1.x86_64
libwbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-4.2.10-6.33.amzn1.x86_64
ctdb-4.2.10-6.33.amzn1.x86_64
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.x86_64
samba-common-libs-4.2.10-6.33.amzn1.x86_64
ctdb-devel-4.2.10-6.33.amzn1.x86_64
libsmbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-python-4.2.10-6.33.amzn1.x86_64
samba-client-libs-4.2.10-6.33.amzn1.x86_64
samba-winbind-modules-4.2.10-6.33.amzn1.x86_64
samba-libs-4.2.10-6.33.amzn1.x86_64
samba-devel-4.2.10-6.33.amzn1.x86_64
samba-winbind-clients-4.2.10-6.33.amzn1.x86_64
libsmbclient-4.2.10-6.33.amzn1.x86_64
samba-winbind-4.2.10-6.33.amzn1.x86_64
samba-common-tools-4.2.10-6.33.amzn1.x86_64
samba-debuginfo-4.2.10-6.33.amzn1.x86_64
ctdb-tests-4.2.10-6.33.amzn1.x86_64
samba-test-4.2.10-6.33.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2016-686.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Man-in-the-middle attack
EUVDB-ID: #VU237
Risk: Medium
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2112
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to the failure to enforce integrity protection by the LDAP client and server. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to downgrade LDAP connections.
Successful exploitation of this vulnerability may result in security restrictions bypass.
Update the affected packages.
i686:Vulnerable software versions
ctdb-tests-4.2.10-6.33.amzn1.i686
libsmbclient-devel-4.2.10-6.33.amzn1.i686
samba-common-tools-4.2.10-6.33.amzn1.i686
samba-client-4.2.10-6.33.amzn1.i686
samba-winbind-4.2.10-6.33.amzn1.i686
ctdb-devel-4.2.10-6.33.amzn1.i686
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.i686
libsmbclient-4.2.10-6.33.amzn1.i686
samba-4.2.10-6.33.amzn1.i686
samba-client-libs-4.2.10-6.33.amzn1.i686
samba-libs-4.2.10-6.33.amzn1.i686
samba-common-libs-4.2.10-6.33.amzn1.i686
samba-devel-4.2.10-6.33.amzn1.i686
samba-test-devel-4.2.10-6.33.amzn1.i686
samba-winbind-modules-4.2.10-6.33.amzn1.i686
samba-test-libs-4.2.10-6.33.amzn1.i686
samba-debuginfo-4.2.10-6.33.amzn1.i686
samba-python-4.2.10-6.33.amzn1.i686
ctdb-4.2.10-6.33.amzn1.i686
libwbclient-devel-4.2.10-6.33.amzn1.i686
samba-winbind-clients-4.2.10-6.33.amzn1.i686
libwbclient-4.2.10-6.33.amzn1.i686
samba-test-4.2.10-6.33.amzn1.i686
noarch:
samba-pidl-4.2.10-6.33.amzn1.noarch
samba-common-4.2.10-6.33.amzn1.noarch
src:
samba-4.2.10-6.33.amzn1.src
x86_64:
libwbclient-4.2.10-6.33.amzn1.x86_64
samba-test-devel-4.2.10-6.33.amzn1.x86_64
samba-client-4.2.10-6.33.amzn1.x86_64
samba-test-libs-4.2.10-6.33.amzn1.x86_64
libwbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-4.2.10-6.33.amzn1.x86_64
ctdb-4.2.10-6.33.amzn1.x86_64
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.x86_64
samba-common-libs-4.2.10-6.33.amzn1.x86_64
ctdb-devel-4.2.10-6.33.amzn1.x86_64
libsmbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-python-4.2.10-6.33.amzn1.x86_64
samba-client-libs-4.2.10-6.33.amzn1.x86_64
samba-winbind-modules-4.2.10-6.33.amzn1.x86_64
samba-libs-4.2.10-6.33.amzn1.x86_64
samba-devel-4.2.10-6.33.amzn1.x86_64
samba-winbind-clients-4.2.10-6.33.amzn1.x86_64
libsmbclient-4.2.10-6.33.amzn1.x86_64
samba-winbind-4.2.10-6.33.amzn1.x86_64
samba-common-tools-4.2.10-6.33.amzn1.x86_64
samba-debuginfo-4.2.10-6.33.amzn1.x86_64
ctdb-tests-4.2.10-6.33.amzn1.x86_64
samba-test-4.2.10-6.33.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2016-686.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Man-in-the-middle attack
EUVDB-ID: #VU238
Risk: Medium
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2113
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to to bypass security restrictions.
The vulnerability exists due to the failure to validate TLS certificates. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to perform unauthorized actions.
Successful exploitation of this vulnerability may result in security restrictions bypass.
Update the affected packages.
i686:Vulnerable software versions
ctdb-tests-4.2.10-6.33.amzn1.i686
libsmbclient-devel-4.2.10-6.33.amzn1.i686
samba-common-tools-4.2.10-6.33.amzn1.i686
samba-client-4.2.10-6.33.amzn1.i686
samba-winbind-4.2.10-6.33.amzn1.i686
ctdb-devel-4.2.10-6.33.amzn1.i686
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.i686
libsmbclient-4.2.10-6.33.amzn1.i686
samba-4.2.10-6.33.amzn1.i686
samba-client-libs-4.2.10-6.33.amzn1.i686
samba-libs-4.2.10-6.33.amzn1.i686
samba-common-libs-4.2.10-6.33.amzn1.i686
samba-devel-4.2.10-6.33.amzn1.i686
samba-test-devel-4.2.10-6.33.amzn1.i686
samba-winbind-modules-4.2.10-6.33.amzn1.i686
samba-test-libs-4.2.10-6.33.amzn1.i686
samba-debuginfo-4.2.10-6.33.amzn1.i686
samba-python-4.2.10-6.33.amzn1.i686
ctdb-4.2.10-6.33.amzn1.i686
libwbclient-devel-4.2.10-6.33.amzn1.i686
samba-winbind-clients-4.2.10-6.33.amzn1.i686
libwbclient-4.2.10-6.33.amzn1.i686
samba-test-4.2.10-6.33.amzn1.i686
noarch:
samba-pidl-4.2.10-6.33.amzn1.noarch
samba-common-4.2.10-6.33.amzn1.noarch
src:
samba-4.2.10-6.33.amzn1.src
x86_64:
libwbclient-4.2.10-6.33.amzn1.x86_64
samba-test-devel-4.2.10-6.33.amzn1.x86_64
samba-client-4.2.10-6.33.amzn1.x86_64
samba-test-libs-4.2.10-6.33.amzn1.x86_64
libwbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-4.2.10-6.33.amzn1.x86_64
ctdb-4.2.10-6.33.amzn1.x86_64
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.x86_64
samba-common-libs-4.2.10-6.33.amzn1.x86_64
ctdb-devel-4.2.10-6.33.amzn1.x86_64
libsmbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-python-4.2.10-6.33.amzn1.x86_64
samba-client-libs-4.2.10-6.33.amzn1.x86_64
samba-winbind-modules-4.2.10-6.33.amzn1.x86_64
samba-libs-4.2.10-6.33.amzn1.x86_64
samba-devel-4.2.10-6.33.amzn1.x86_64
samba-winbind-clients-4.2.10-6.33.amzn1.x86_64
libsmbclient-4.2.10-6.33.amzn1.x86_64
samba-winbind-4.2.10-6.33.amzn1.x86_64
samba-common-tools-4.2.10-6.33.amzn1.x86_64
samba-debuginfo-4.2.10-6.33.amzn1.x86_64
ctdb-tests-4.2.10-6.33.amzn1.x86_64
samba-test-4.2.10-6.33.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2016-686.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Man-in-the-middle attack
EUVDB-ID: #VU235
Risk: Medium
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2110
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to the failure to protect the feature negotiation of NTLMSSP from a downgrade. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to clear NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL flags and perform downgrade attacks.
Successful exploitation of this vulnerability may result in security restrictions bypass.
Update the affected packages.
i686:Vulnerable software versions
ctdb-tests-4.2.10-6.33.amzn1.i686
libsmbclient-devel-4.2.10-6.33.amzn1.i686
samba-common-tools-4.2.10-6.33.amzn1.i686
samba-client-4.2.10-6.33.amzn1.i686
samba-winbind-4.2.10-6.33.amzn1.i686
ctdb-devel-4.2.10-6.33.amzn1.i686
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.i686
libsmbclient-4.2.10-6.33.amzn1.i686
samba-4.2.10-6.33.amzn1.i686
samba-client-libs-4.2.10-6.33.amzn1.i686
samba-libs-4.2.10-6.33.amzn1.i686
samba-common-libs-4.2.10-6.33.amzn1.i686
samba-devel-4.2.10-6.33.amzn1.i686
samba-test-devel-4.2.10-6.33.amzn1.i686
samba-winbind-modules-4.2.10-6.33.amzn1.i686
samba-test-libs-4.2.10-6.33.amzn1.i686
samba-debuginfo-4.2.10-6.33.amzn1.i686
samba-python-4.2.10-6.33.amzn1.i686
ctdb-4.2.10-6.33.amzn1.i686
libwbclient-devel-4.2.10-6.33.amzn1.i686
samba-winbind-clients-4.2.10-6.33.amzn1.i686
libwbclient-4.2.10-6.33.amzn1.i686
samba-test-4.2.10-6.33.amzn1.i686
noarch:
samba-pidl-4.2.10-6.33.amzn1.noarch
samba-common-4.2.10-6.33.amzn1.noarch
src:
samba-4.2.10-6.33.amzn1.src
x86_64:
libwbclient-4.2.10-6.33.amzn1.x86_64
samba-test-devel-4.2.10-6.33.amzn1.x86_64
samba-client-4.2.10-6.33.amzn1.x86_64
samba-test-libs-4.2.10-6.33.amzn1.x86_64
libwbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-4.2.10-6.33.amzn1.x86_64
ctdb-4.2.10-6.33.amzn1.x86_64
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.x86_64
samba-common-libs-4.2.10-6.33.amzn1.x86_64
ctdb-devel-4.2.10-6.33.amzn1.x86_64
libsmbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-python-4.2.10-6.33.amzn1.x86_64
samba-client-libs-4.2.10-6.33.amzn1.x86_64
samba-winbind-modules-4.2.10-6.33.amzn1.x86_64
samba-libs-4.2.10-6.33.amzn1.x86_64
samba-devel-4.2.10-6.33.amzn1.x86_64
samba-winbind-clients-4.2.10-6.33.amzn1.x86_64
libsmbclient-4.2.10-6.33.amzn1.x86_64
samba-winbind-4.2.10-6.33.amzn1.x86_64
samba-common-tools-4.2.10-6.33.amzn1.x86_64
samba-debuginfo-4.2.10-6.33.amzn1.x86_64
ctdb-tests-4.2.10-6.33.amzn1.x86_64
samba-test-4.2.10-6.33.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2016-686.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Man-in-the-middle attack
EUVDB-ID: #VU236
Risk: Medium
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2111
CWE-ID:
CWE-290 - Authentication Bypass by Spoofing
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to to conduct spoofing attacks.
The vulnerability exists due to an error in the NETLOGON service when a Domain Controller is configured. A remote unauthenticated attacker can conduct spoofing attacks by using a specially crafted application to connect to another domain joined system and access session-related information of the spoofed computer.
Successful exploitation of this vulnerability may result in disclosure of user information.
Update the affected packages.
i686:Vulnerable software versions
ctdb-tests-4.2.10-6.33.amzn1.i686
libsmbclient-devel-4.2.10-6.33.amzn1.i686
samba-common-tools-4.2.10-6.33.amzn1.i686
samba-client-4.2.10-6.33.amzn1.i686
samba-winbind-4.2.10-6.33.amzn1.i686
ctdb-devel-4.2.10-6.33.amzn1.i686
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.i686
libsmbclient-4.2.10-6.33.amzn1.i686
samba-4.2.10-6.33.amzn1.i686
samba-client-libs-4.2.10-6.33.amzn1.i686
samba-libs-4.2.10-6.33.amzn1.i686
samba-common-libs-4.2.10-6.33.amzn1.i686
samba-devel-4.2.10-6.33.amzn1.i686
samba-test-devel-4.2.10-6.33.amzn1.i686
samba-winbind-modules-4.2.10-6.33.amzn1.i686
samba-test-libs-4.2.10-6.33.amzn1.i686
samba-debuginfo-4.2.10-6.33.amzn1.i686
samba-python-4.2.10-6.33.amzn1.i686
ctdb-4.2.10-6.33.amzn1.i686
libwbclient-devel-4.2.10-6.33.amzn1.i686
samba-winbind-clients-4.2.10-6.33.amzn1.i686
libwbclient-4.2.10-6.33.amzn1.i686
samba-test-4.2.10-6.33.amzn1.i686
noarch:
samba-pidl-4.2.10-6.33.amzn1.noarch
samba-common-4.2.10-6.33.amzn1.noarch
src:
samba-4.2.10-6.33.amzn1.src
x86_64:
libwbclient-4.2.10-6.33.amzn1.x86_64
samba-test-devel-4.2.10-6.33.amzn1.x86_64
samba-client-4.2.10-6.33.amzn1.x86_64
samba-test-libs-4.2.10-6.33.amzn1.x86_64
libwbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-4.2.10-6.33.amzn1.x86_64
ctdb-4.2.10-6.33.amzn1.x86_64
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.x86_64
samba-common-libs-4.2.10-6.33.amzn1.x86_64
ctdb-devel-4.2.10-6.33.amzn1.x86_64
libsmbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-python-4.2.10-6.33.amzn1.x86_64
samba-client-libs-4.2.10-6.33.amzn1.x86_64
samba-winbind-modules-4.2.10-6.33.amzn1.x86_64
samba-libs-4.2.10-6.33.amzn1.x86_64
samba-devel-4.2.10-6.33.amzn1.x86_64
samba-winbind-clients-4.2.10-6.33.amzn1.x86_64
libsmbclient-4.2.10-6.33.amzn1.x86_64
samba-winbind-4.2.10-6.33.amzn1.x86_64
samba-common-tools-4.2.10-6.33.amzn1.x86_64
samba-debuginfo-4.2.10-6.33.amzn1.x86_64
ctdb-tests-4.2.10-6.33.amzn1.x86_64
samba-test-4.2.10-6.33.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2016-686.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Resource exhaustion
EUVDB-ID: #VU234
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2015-5370
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper validation of DCE-RPC packets by the DCE-RPC client and server implementations. A remote attacker can downgrade a secure connection to an insecure one and consume a large amount of CPU resources by using man-in-the-middle techniques.
Successful exploitation of this vulnerability may result in a a denial of service.
Update the affected packages.
i686:Vulnerable software versions
ctdb-tests-4.2.10-6.33.amzn1.i686
libsmbclient-devel-4.2.10-6.33.amzn1.i686
samba-common-tools-4.2.10-6.33.amzn1.i686
samba-client-4.2.10-6.33.amzn1.i686
samba-winbind-4.2.10-6.33.amzn1.i686
ctdb-devel-4.2.10-6.33.amzn1.i686
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.i686
libsmbclient-4.2.10-6.33.amzn1.i686
samba-4.2.10-6.33.amzn1.i686
samba-client-libs-4.2.10-6.33.amzn1.i686
samba-libs-4.2.10-6.33.amzn1.i686
samba-common-libs-4.2.10-6.33.amzn1.i686
samba-devel-4.2.10-6.33.amzn1.i686
samba-test-devel-4.2.10-6.33.amzn1.i686
samba-winbind-modules-4.2.10-6.33.amzn1.i686
samba-test-libs-4.2.10-6.33.amzn1.i686
samba-debuginfo-4.2.10-6.33.amzn1.i686
samba-python-4.2.10-6.33.amzn1.i686
ctdb-4.2.10-6.33.amzn1.i686
libwbclient-devel-4.2.10-6.33.amzn1.i686
samba-winbind-clients-4.2.10-6.33.amzn1.i686
libwbclient-4.2.10-6.33.amzn1.i686
samba-test-4.2.10-6.33.amzn1.i686
noarch:
samba-pidl-4.2.10-6.33.amzn1.noarch
samba-common-4.2.10-6.33.amzn1.noarch
src:
samba-4.2.10-6.33.amzn1.src
x86_64:
libwbclient-4.2.10-6.33.amzn1.x86_64
samba-test-devel-4.2.10-6.33.amzn1.x86_64
samba-client-4.2.10-6.33.amzn1.x86_64
samba-test-libs-4.2.10-6.33.amzn1.x86_64
libwbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-4.2.10-6.33.amzn1.x86_64
ctdb-4.2.10-6.33.amzn1.x86_64
samba-winbind-krb5-locator-4.2.10-6.33.amzn1.x86_64
samba-common-libs-4.2.10-6.33.amzn1.x86_64
ctdb-devel-4.2.10-6.33.amzn1.x86_64
libsmbclient-devel-4.2.10-6.33.amzn1.x86_64
samba-python-4.2.10-6.33.amzn1.x86_64
samba-client-libs-4.2.10-6.33.amzn1.x86_64
samba-winbind-modules-4.2.10-6.33.amzn1.x86_64
samba-libs-4.2.10-6.33.amzn1.x86_64
samba-devel-4.2.10-6.33.amzn1.x86_64
samba-winbind-clients-4.2.10-6.33.amzn1.x86_64
libsmbclient-4.2.10-6.33.amzn1.x86_64
samba-winbind-4.2.10-6.33.amzn1.x86_64
samba-common-tools-4.2.10-6.33.amzn1.x86_64
samba-debuginfo-4.2.10-6.33.amzn1.x86_64
ctdb-tests-4.2.10-6.33.amzn1.x86_64
samba-test-4.2.10-6.33.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2016-686.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
