Vulnerability Details : CVE-2015-5296
Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c.
Vulnerability category: Input validation
Products affected by CVE-2015-5296
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-5296
0.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 56 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-5296
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST | |
5.4
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N |
2.2
|
2.7
|
NIST |
CWE ids for CVE-2015-5296
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-5296
-
https://git.samba.org/?p=samba.git;a=commit;h=1ba49b8f389eda3414b14410c7fbcb4041ca06b1
git.samba.org - samba.git/commitPatch;Vendor Advisory
-
https://security.gentoo.org/glsa/201612-47
Samba: Multiple vulnerabilities (GLSA 201612-47) — Gentoo securityThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00017.html
[security-announce] SUSE-SU-2016:0164-1: important: Security update forMailing List;Third Party Advisory
-
http://www.debian.org/security/2016/dsa-3433
Debian -- Security Information -- DSA-3433-1 sambaThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00032.html
[security-announce] openSUSE-SU-2015:2354-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
[security-announce] openSUSE-SU-2016:1064-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html
[SECURITY] Fedora 23 Update: samba-4.3.3-0.fc23Mailing List;Third Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993
HPSBUX03574 rev.1 - HPE HP-UX CIFS-Server (Samba), Remote Access Restriction Bypass, Authentication bypass, Denial of Service (DoS), Unauthorized Access to Files, Access Restriction Bypass, UnauthorizThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html
[security-announce] SUSE-SU-2015:2304-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html
[security-announce] openSUSE-SU-2015:2356-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00020.html
[security-announce] SUSE-SU-2015:2305-1: important: Security update forMailing List;Third Party Advisory
-
https://git.samba.org/?p=samba.git;a=commit;h=a819d2b440aafa3138d95ff6e8b824da885a70e9
git.samba.org - samba.git/commitPatch;Vendor Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.html
[SECURITY] Fedora 22 Update: samba-4.2.7-0.fc22Mailing List;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2855-2
USN-2855-2: Samba regression | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00002.html
[security-announce] SUSE-SU-2016:0032-1: important: Security update forMailing List;Third Party Advisory
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Oracle Linux Bulletin - January 2016Third Party Advisory
-
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
Oracle Solaris Bulletin - January 2016Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
[security-announce] openSUSE-SU-2016:1106-1: important: Security updateMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1034493
Samba Multiple Flaws Let Remote Users Access Data and Files, Obtain Potentially Sensitive Information, and Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
-
https://bugzilla.redhat.com/show_bug.cgi?id=1290292
1290292 – (CVE-2015-5296) CVE-2015-5296 samba: client requesting encryption vulnerable to downgrade attackIssue Tracking;Third Party Advisory
-
https://git.samba.org/?p=samba.git;a=commit;h=d724f835acb9f4886c0001af32cd325dbbf1f895
git.samba.org - samba.git/commitPatch;Vendor Advisory
-
http://www.securityfocus.com/bid/79732
Samba CVE-2015-5296 Man in the Middle Multiple Security Bypass VulnerabilitiesThird Party Advisory;VDB Entry
-
https://www.samba.org/samba/security/CVE-2015-5296.html
Samba - Security Announcement ArchiveVendor Advisory
-
http://www.ubuntu.com/usn/USN-2855-1
USN-2855-1: Samba vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
[security-announce] openSUSE-SU-2016:1107-1: important: Security updateMailing List;Third Party Advisory
Jump to