It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-05T23:17:50.585Z

Reserved: 2016-01-29T00:00:00

Link: CVE-2016-2125

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-10-31T20:29:00.247

Modified: 2024-11-21T02:47:52.913

Link: CVE-2016-2125

cve-icon Redhat

Severity : Moderate

Publid Date: 2016-12-19T00:00:00Z

Links: CVE-2016-2125 - Bugzilla

cve-icon OpenCVE Enrichment

No data.