CVE-2016-2126

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2017-0494.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0495.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0662.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0744.html	Third Party Advisory
http://www.securityfocus.com/bid/94994	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037495	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2017:1265	Third Party Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730	Third Party Advisory
https://www.samba.org/samba/security/CVE-2016-2126.html	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:samba:samba::::::::
	cpe:2.3:a:samba:samba::::::::
	cpe:2.3:a:samba:samba::::::::

History

29 Aug 2022, 20:02

Type	Values Removed	Values Added
CPE	cpe:2.3:a:samba:samba:4.0.21:::::::* cpe:2.3:a:samba:samba:4.0.9:::::::* cpe:2.3:a:samba:samba:4.2.5:::::::* cpe:2.3:a:samba:samba:4.3.10:::::::* cpe:2.3:a:samba:samba:4.0.16:::::::* cpe:2.3:a:samba:samba:4.0.13:::::::* cpe:2.3:a:samba:samba:4.1.8:::::::* cpe:2.3:a:samba:samba:4.3.4:::::::* cpe:2.3:a:samba:samba:4.1.9:::::::* cpe:2.3:a:samba:samba:4.4.0:rc3:::::: cpe:2.3:a:samba:samba:4.0.25:::::::* cpe:2.3:a:samba:samba:4.1.22:::::::* cpe:2.3:a:samba:samba:4.2.0:rc2:::::: cpe:2.3:a:samba:samba:4.2.0:rc1:::::: cpe:2.3:a:samba:samba:4.2.6:::::::* cpe:2.3:a:samba:samba:4.0.4:::::::* cpe:2.3:a:samba:samba:4.0.6:::::::* cpe:2.3:a:samba:samba:4.3.7:::::::* cpe:2.3:a:samba:samba:4.4.0:rc2:::::: cpe:2.3:a:samba:samba:4.2.0:rc3:::::: cpe:2.3:a:samba:samba:4.3.2:::::::* cpe:2.3:a:samba:samba:4.0.12:::::::* cpe:2.3:a:samba:samba:4.3.11:::::::* cpe:2.3:a:samba:samba:4.4.2:::::::* cpe:2.3:a:samba:samba:4.0.10:::::::* cpe:2.3:a:samba:samba:4.4.10:::::::* cpe:2.3:a:samba:samba:4.4.0:rc1:::::: cpe:2.3:a:samba:samba:4.1.0:::::::* cpe:2.3:a:samba:samba:4.4.4:::::::* cpe:2.3:a:samba:samba:4.4.13:::::::* cpe:2.3:a:samba:samba:4.2.4:::::::* cpe:2.3:a:samba:samba:4.0.3:::::::* cpe:2.3:a:samba:samba:4.3.5:::::::* cpe:2.3:a:samba:samba:4.1.17:::::::* cpe:2.3:a:samba:samba:4.1.20:::::::* cpe:2.3:a:samba:samba:4.1.12:::::::* cpe:2.3:a:samba:samba:4.1.23:::::::* cpe:2.3:a:samba:samba:4.2.7:::::::* cpe:2.3:a:samba:samba:4.1.11:::::::* cpe:2.3:a:samba:samba:4.0.8:::::::* cpe:2.3:a:samba:samba:4.0.19:::::::* cpe:2.3:a:samba:samba:4.1.14:::::::* cpe:2.3:a:samba:samba:4.2.9:::::::* cpe:2.3:a:samba:samba:4.2.10:::::::* cpe:2.3:a:samba:samba:4.4.12:::::::* cpe:2.3:a:samba:samba:4.1.13:::::::* cpe:2.3:a:samba:samba:4.4.5:::::::* cpe:2.3:a:samba:samba:4.3.3:::::::* cpe:2.3:a:samba:samba:4.1.15:::::::* cpe:2.3:a:samba:samba:4.2.3:::::::* cpe:2.3:a:samba:samba:4.2.13:::::::* cpe:2.3:a:samba:samba:4.2.11:::::::* cpe:2.3:a:samba:samba:4.1.21:::::::* cpe:2.3:a:samba:samba:4.2.2:::::::* cpe:2.3:a:samba:samba:4.2.12:::::::* cpe:2.3:a:samba:samba:4.0.7:::::::* cpe:2.3:a:samba:samba:4.0.24:::::::* cpe:2.3:a:samba:samba:4.0.14:::::::* cpe:2.3:a:samba:samba:4.3.9:::::::* cpe:2.3:a:samba:samba:4.1.6:::::::* cpe:2.3:a:samba:samba:4.0.18:::::::* cpe:2.3:a:samba:samba:4.1.18:::::::* cpe:2.3:a:samba:samba:4.1.5:::::::* cpe:2.3:a:samba:samba:4.2.1:::::::* cpe:2.3:a:samba:samba:4.3.0:::::::* cpe:2.3:a:samba:samba:4.0.0:::::::* cpe:2.3:a:samba:samba:4.4.8:::::::* cpe:2.3:a:samba:samba:4.0.26:::::::* cpe:2.3:a:samba:samba:4.0.11:::::::* cpe:2.3:a:samba:samba:4.4.9:::::::* cpe:2.3:a:samba:samba:4.0.5:::::::* cpe:2.3:a:samba:samba:4.2.14:::::::* cpe:2.3:a:samba:samba:4.5.2:::::::* cpe:2.3:a:samba:samba:4.4.1:::::::* cpe:2.3:a:samba:samba:4.1.19:::::::* cpe:2.3:a:samba:samba:4.2.0:rc4:::::: cpe:2.3:a:samba:samba:4.3.1:::::::* cpe:2.3:a:samba:samba:4.3.8:::::::* cpe:2.3:a:samba:samba:4.3.6:::::::* cpe:2.3:a:samba:samba:4.4.14:::::::* cpe:2.3:a:samba:samba:4.5.0:::::::* cpe:2.3:a:samba:samba:4.1.10:::::::* cpe:2.3:a:samba:samba:4.4.11:::::::* cpe:2.3:a:samba:samba:4.0.20:::::::* cpe:2.3:a:samba:samba:4.5.1:::::::* cpe:2.3:a:samba:samba:4.1.4:::::::* cpe:2.3:a:samba:samba:4.0.22:::::::* cpe:2.3:a:samba:samba:4.0.15:::::::* cpe:2.3:a:samba:samba:4.1.1:::::::* cpe:2.3:a:samba:samba:4.1.16:::::::* cpe:2.3:a:samba:samba:4.0.23:::::::* cpe:2.3:a:samba:samba:4.4.7:::::::* cpe:2.3:a:samba:samba:4.0.17:::::::* cpe:2.3:a:samba:samba:4.4.6:::::::* cpe:2.3:a:samba:samba:4.1.7:::::::* cpe:2.3:a:samba:samba:4.1.3:::::::* cpe:2.3:a:samba:samba:4.1.2:::::::* cpe:2.3:a:samba:samba:4.0.2:::::::* cpe:2.3:a:samba:samba:4.4.3:::::::* cpe:2.3:a:samba:samba:4.4.15:::::::* cpe:2.3:a:samba:samba:4.2.8:::::::* cpe:2.3:a:samba:samba:4.0.1:::::::*	cpe:2.3:a:samba:samba::::::::
References	~~(CONFIRM) https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730 -~~	(CONFIRM) https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730 - Third Party Advisory
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2017-0662.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2017-0662.html - Third Party Advisory
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2017-0744.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2017-0744.html - Third Party Advisory
References	~~(REDHAT) https://access.redhat.com/errata/RHSA-2017:1265 -~~	(REDHAT) https://access.redhat.com/errata/RHSA-2017:1265 - Third Party Advisory
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2017-0494.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2017-0494.html - Third Party Advisory
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2017-0495.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2017-0495.html - Third Party Advisory

Information

Published : 2017-05-11 14:29

Updated : 2023-12-10 12:01

NVD link : CVE-2016-2126

Mitre link : CVE-2016-2126

CVE.ORG link : CVE-2016-2126

JSON object : View

Products Affected

samba

samba

CWE

CWE-264

Permissions, Privileges, and Access Controls

6.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2016-2126

6.5^/10

4.0^/10

Attach tags to `CVE-2016-2126`