Description
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
CVSS breakdown
CVSS 3.0
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Affected products
- Unknown / samba4.5.3 – 4.5.3
- Unknown / samba4.4.8 – 4.4.8
- Unknown / samba4.3.13 – 4.3.13
References
- MISChttp://rhn.redhat.com/errata/RHSA-2017-0495.html
- MISChttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2125
- MISChttp://rhn.redhat.com/errata/RHSA-2017-0494.html
- MISChttp://www.securitytracker.com/id/1037494
- VENDOR_ADVISORYhttps://access.redhat.com/errata/RHSA-2017:1265
- MISChttp://www.securityfocus.com/bid/94988
- MISChttps://www.samba.org/samba/security/CVE-2016-2125.html
- MISChttp://rhn.redhat.com/errata/RHSA-2017-0744.html
- MISChttp://rhn.redhat.com/errata/RHSA-2017-0662.html