Test ID:	1.3.6.1.4.1.25623.1.0.113288
Category:	General
Title:	Samba >= 3.0.25, <= 4.5.2 Privilege Delegation Vulnerability
Summary:	Samba is prone to a privilege delegation vulnerability.
Description:	Summary: Samba is prone to a privilege delegation vulnerability. Vulnerability Insight: Samba always requests forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. Vulnerability Impact: Successful exploitation would allow an authenticated attacker to gain additional access rights. Affected Software/OS: Samba versions 3.0.25 through 4.3.12, 4.4.0 through 4.4.7 and 4.5.0 through 4.5.2. Solution: Update to version 4.3.13, 4.4.8 or 4.5.3 respectively. CVSS Score: 3.3 CVSS Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2125 BugTraq ID: 94988 http://www.securityfocus.com/bid/94988 RedHat Security Advisories: RHSA-2017:0494 http://rhn.redhat.com/errata/RHSA-2017-0494.html RedHat Security Advisories: RHSA-2017:0495 http://rhn.redhat.com/errata/RHSA-2017-0495.html RedHat Security Advisories: RHSA-2017:0662 http://rhn.redhat.com/errata/RHSA-2017-0662.html RedHat Security Advisories: RHSA-2017:0744 http://rhn.redhat.com/errata/RHSA-2017-0744.html RedHat Security Advisories: RHSA-2017:1265 https://access.redhat.com/errata/RHSA-2017:1265 http://www.securitytracker.com/id/1037494
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.