CVE 2016-2125
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
Related bugs and status
CVE-2016-2125 (Candidate) is related to these bugs:
Bug #1584485: Upgrading samba to latest security fixes together with winbind in nsswitch.conf can harm entire OS
Bug #1635491: nmbd hangs on service start if only the loopback interface is configured
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1635491 | nmbd hangs on service start if only the loopback interface is configured | samba (Ubuntu) | High | Fix Released | ||
| 1635491 | nmbd hangs on service start if only the loopback interface is configured | samba (Debian) | Unknown | Fix Released | ||
Bug #1639962: smbd crashed on startup with newest libtevent
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1639962 | smbd crashed on startup with newest libtevent | samba (Ubuntu) | Critical | Fix Released | ||
| 1639962 | smbd crashed on startup with newest libtevent | samba | Unknown | Unknown | ||
Bug #1659707: Please merge with Debian unstable 2:4.5.4+dfsg-1
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1659707 | Please merge with Debian unstable 2:4.5.4+dfsg-1 | samba (Ubuntu) | High | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
