SUSE-SU-2016:1023-1 -- SLES ldapsmb, libldb1, libsmbclient0, libtalloc2, libtdb1, libtevent0, libwbclient0, sambaID: oval:org.secpod.oval:def:89045232 | Date: (C)2021-08-03 (M)2023-12-07 |
Class: PATCH | Family: unix |
samba was updated to fix seven security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks . - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication . - CVE-2016-2111: Domain controller netlogon member computer could have been spoofed . - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack . - CVE-2016-2113: TLS certificate validation were missing . - CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks . - CVE-2016-2118: Badlock DCERPC impersonation of authenticated account were possible . These non-security issues were fixed: - bsc#967017: Fix leaking memory in libsmbclient in cli_set_mntpoint function - Getting and setting Windows ACLs on symlinks can change permissions on link
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
ldapsmb |
libldb1 |
libsmbclient0 |
libtalloc2 |
libtdb1 |
libtevent0 |
libwbclient0 |
samba |