Man-in-the-middle attack in Samba - CVE-2016-2118
Published: July 29, 2016 / Updated: November 22, 2018
Vulnerability identifier: #VU241
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2016-2118
CWE-ID: CWE-300
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Samba
Affected software:
Samba
Samba
Detailed vulnerability description
The vulnerability allows a remote attacker to gain elevated privileges on the system.
The vulnerability exists due to the acceptance of inadequate authentication levels by the Microsoft Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols. A remote attacker can gain elevated privileges on the system by using man-in-the-middle techniques to impersonate an authenticated user against the SAMR or LSAD service and gain access to the Security Account Manager (SAM) database.
Successful exploitation of this vulnerability may result in disclosere of sytem information.
The vulnerability exists due to the acceptance of inadequate authentication levels by the Microsoft Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols. A remote attacker can gain elevated privileges on the system by using man-in-the-middle techniques to impersonate an authenticated user against the SAMR or LSAD service and gain access to the Security Account Manager (SAM) database.
Successful exploitation of this vulnerability may result in disclosere of sytem information.
How to mitigate CVE-2016-2118
Install Samba 4.4.2, 4.3.8 and 4.2.11