Launchpad.net

CVE 2016-2115

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.

Related bugs and status

CVE-2016-2115 (Candidate) is related to these bugs:

Bug #1566348: Patch the Badlock bug in the initial release of Ubuntu 16.04

Summary				In	Importance	Status
	1566348	Patch the Badlock bug in the initial release of Ubuntu 16.04		samba (Ubuntu)	High	Fix Released

Bug #1572122: Samba upgrade to 3.6.25-0ubuntu0.12.04.2 break domain authentication

		In	Importance	Status
1572122	Samba upgrade to 3.6.25-0ubuntu0.12.04.2 break domain authentication	samba (Ubuntu)	Undecided	Fix Released
1572122	Samba upgrade to 3.6.25-0ubuntu0.12.04.2 break domain authentication	samba (Debian)	Unknown	Fix Released
1572122	Samba upgrade to 3.6.25-0ubuntu0.12.04.2 break domain authentication	samba (CentOS)	Undecided	Fix Released

Bug #1574403: Get an error 255 when trying to share a folder in Ubuntu 12.04.

Summary				In	Importance	Status
	1574403	Get an error 255 when trying to share a folder in Ubuntu 12.04.		samba (Ubuntu)	Undecided	Fix Released
	1574403	Get an error 255 when trying to share a folder in Ubuntu 12.04.		samba (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-2115

Related bugs and status

Related bugs

References