CVE-2015-5296

Priority
Description
Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3
supports connections that are encrypted but unsigned, which allows
man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade
attacks by modifying the client-server data stream, related to clidfs.c,
libsmb_server.c, and smbXcli_base.c.
Assigned-to
mdeslaur
Notes
mdeslaur> 3.2.0 to 4.3.2
3.6 patch in upstream bug
Package
Source: samba (LP Ubuntu Debian)
Upstream:released (4.3.3,4.2.7,4.1.22)
Ubuntu 12.04 ESM (Precise Pangolin):released (2:3.6.3-2ubuntu2.13)
Ubuntu 14.04 ESM (Trusty Tahr):released (2:4.1.6+dfsg-1ubuntu2.14.04.11)
Ubuntu 16.04 LTS (Xenial Xerus):released (2:4.3.3+dfsg-1ubuntu1)
Patches:
Upstream:https://git.samba.org/?p=samba.git;a=commit;h=d9e943e351a752ba627314da7fb8d2f6f1eb44b3 (4.1)
Upstream:https://git.samba.org/?p=samba.git;a=commit;h=4c3a492259ceefe3d02df690d4369291627883a2 (4.1)
Upstream:https://git.samba.org/?p=samba.git;a=commit;h=c634a143a876bd5a724d830c54fe12ef6d68d5fd (4.1)
Package
Upstream:released (4.3.3,4.2.7,4.1.22)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
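The version lists above are only useful if they can be applied to a real host, and samba package versions carry epochs, `+dfsg` suffixes and multi-part Ubuntu revisions that a plain string compare gets wrong. The following is an added example, not code from the Ubuntu CVE tracker or from the Samba project: it ports dpkg's version ordering to Python, compares an installed samba version against the fixed Ubuntu versions listed on this page, and applies the affected range from the Description (3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, 4.3.x before 4.3.3) to an upstream version string. The `dpkg-query` sample lines, the release keys and every function name are constructed for this example.

```python
# Added example (not part of the Ubuntu CVE tracker or of Samba): decide
# whether a samba package is fixed for CVE-2015-5296 using the fixed versions
# listed on this page and a Python port of dpkg's version ordering.

# Fixed Ubuntu package versions exactly as listed on this page ("samba" source).
FIXED_UBUNTU = {
    "precise": "2:3.6.3-2ubuntu2.13",
    "trusty": "2:4.1.6+dfsg-1ubuntu2.14.04.11",
    "xenial": "2:4.3.3+dfsg-1ubuntu1",
}


def _order(c):
    """dpkg character weight: '~' sorts before everything (even end of string),
    letters before non-letters; end of string and digits count as 0."""
    if c == "~":
        return -1
    if c == "" or c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _verrevcmp(a, b):
    """Port of dpkg's verrevcmp(): alternate non-digit runs (compared by _order)
    and digit runs (compared numerically, leading zeros ignored)."""
    i = j = 0
    la, lb = len(a), len(b)
    while i < la or j < lb:
        first_diff = 0
        while (i < la and not a[i].isdigit()) or (j < lb and not b[j].isdigit()):
            ac = _order(a[i] if i < la else "")
            bc = _order(b[j] if j < lb else "")
            if ac != bc:
                return -1 if ac < bc else 1
            i += 1
            j += 1
        while i < la and a[i] == "0":
            i += 1
        while j < lb and b[j] == "0":
            j += 1
        while i < la and j < lb and a[i].isdigit() and b[j].isdigit():
            if first_diff == 0:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < la and a[i].isdigit():
            return 1          # a has more significant digits left: a is larger
        if j < lb and b[j].isdigit():
            return -1
        if first_diff:
            return -1 if first_diff < 0 else 1
    return 0


def parse_version(v):
    """Split [epoch:]upstream[-revision]; the last '-' separates the revision."""
    epoch = 0
    if ":" in v:
        e, v = v.split(":", 1)
        epoch = int(e)
    if "-" in v:
        upstream, revision = v.rsplit("-", 1)
    else:
        upstream, revision = v, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """-1, 0 or 1, the same ordering `dpkg --compare-versions` uses."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    c = _verrevcmp(ua, ub)
    return c if c else _verrevcmp(ra, rb)


def upstream_affected(version):
    """Affected range from the Description: 3.x and 4.x before 4.1.22, 4.2.x
    before 4.2.7, 4.3.x before 4.3.3. Later branches are outside the range the
    page states and are reported as not affected."""
    major, minor, patch = (int(x) for x in version.split(".")[:3])
    if major == 3:
        return True
    if major != 4:
        return False
    if (minor, patch) < (1, 22):
        return True
    if minor == 2:
        return patch < 7
    if minor == 3:
        return patch < 3
    return False


def ubuntu_status(release, installed_version):
    """'fixed', 'vulnerable' or 'unknown' for a samba version on a listed release."""
    fixed = FIXED_UBUNTU.get(release)
    if fixed is None:
        return "unknown"
    return "fixed" if compare_versions(installed_version, fixed) >= 0 else "vulnerable"


def parse_dpkg_query_line(line):
    """Parse one line of: dpkg-query -W -f '${Package}\\t${Version}\\n' samba"""
    name, version = line.rstrip("\n").split("\t", 1)
    return name, version


# Constructed sample output (not captured from real hosts): a Trusty box one
# revision behind the fix and a Xenial box at the fixed version.
SAMPLE_DPKG_LINES = {
    "trusty": "samba\t2:4.1.6+dfsg-1ubuntu2.14.04.10\n",
    "xenial": "samba\t2:4.3.3+dfsg-1ubuntu1\n",
}

if __name__ == "__main__":
    for release, line in SAMPLE_DPKG_LINES.items():
        name, version = parse_dpkg_query_line(line)
        print(release, name, version, ubuntu_status(release, version))
```

On a real host, feed the output of `dpkg-query -W -f '${Package}\t${Version}\n' samba` to `parse_dpkg_query_line` and pass the codename from `lsb_release -sc`; the ordering port matters because, for example, `2.14.04.10` must sort below `2.14.04.11` and a `~` pre-release below its final version, which lexicographic comparison gets wrong.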
More Information

Updated: 2019-12-05 18:42:21 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)