Wind River Support Network

HomeDefectsLIN5-21388
Fixed

LIN5-21388 : Security Advisory - samba - CVE-2016-2112

Created: Apr 25, 2016    Updated: May 29, 2018
Resolved Date: Jun 30, 2016
Found In Version: 5.0.1.35
Fix Version: 5.0.1.37
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the client ldap sasl wrapping setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112

Other Downloads


Live chat
Online