VIR Vulnerability Intelligence Relay

CVE-2016-2111

medium
Published 2016-04-25 · Modified 2026-05-06
CVSS v3
6.3
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CVSS v2
4.3
VIR risk
6.3

Description

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.

Predictions

Exploit likelihood
63%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2016-2111

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — https://www.samba.org/samba/security/CVE-2016-2111.html

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2016-2111.html

OS impact
OSVersionStatusFixed in
suse slesaffected
ubuntu ubuntu14.04affected
ubuntu ubuntu15.10affected
ubuntu ubuntu16.04affected
debian debianbookwormfixed2:4.3.7+dfsg-1
debian debianbullseyefixed2:4.3.7+dfsg-1
debian debianforkyfixed2:4.3.7+dfsg-1
debian debiansidfixed2:4.3.7+dfsg-1
debian debiantrixiefixed2:4.3.7+dfsg-1

Application impact
VendorProductVersionsFixed
sambasamba3.0.0
sambasamba3.0.1
sambasamba3.0.2
sambasamba3.0.2a
sambasamba3.0.3
sambasamba3.0.4
sambasamba3.0.5
sambasamba3.0.6
sambasamba3.0.7
sambasamba3.0.8
sambasamba3.0.9
sambasamba3.0.10
sambasamba3.0.11
sambasamba3.0.12
sambasamba3.0.13
sambasamba3.0.14
sambasamba3.0.14a
sambasamba3.0.15
sambasamba3.0.16
sambasamba3.0.17
sambasamba3.0.18
sambasamba3.0.19
sambasamba3.0.20
sambasamba3.0.20a
sambasamba3.0.20b
sambasamba3.0.21
sambasamba3.0.21a
sambasamba3.0.21b
sambasamba3.0.21c
sambasamba3.0.22
sambasamba3.0.23
sambasamba3.0.23a
sambasamba3.0.23b
sambasamba3.0.23c
sambasamba3.0.23d
sambasamba3.0.24
sambasamba3.0.25
sambasamba3.0.25a
sambasamba3.0.25b
sambasamba3.0.25c
sambasamba3.0.26
sambasamba3.0.26a
sambasamba3.0.27
sambasamba3.0.28
sambasamba3.0.29
sambasamba3.0.30
sambasamba3.0.31
sambasamba3.0.32
sambasamba3.0.33
sambasamba3.0.34
sambasamba3.0.35
sambasamba3.0.36
sambasamba3.0.37
sambasamba3.2.0
sambasamba3.2.1
sambasamba3.2.2
sambasamba3.2.3
sambasamba3.2.4
sambasamba3.2.5
sambasamba3.2.6
sambasamba3.2.7
sambasamba3.2.8
sambasamba3.2.9
sambasamba3.2.10
sambasamba3.2.11
sambasamba3.2.12
sambasamba3.2.13
sambasamba3.2.14
sambasamba3.2.15
sambasamba3.3.0
sambasamba3.3.1
sambasamba3.3.2
sambasamba3.3.3
sambasamba3.3.4
sambasamba3.3.5
sambasamba3.3.6
sambasamba3.3.7
sambasamba3.3.8
sambasamba3.3.9
sambasamba3.3.10
sambasamba3.3.11
sambasamba3.3.12
sambasamba3.3.13
sambasamba3.3.14
sambasamba3.3.15
sambasamba3.3.16
sambasamba3.4.0
sambasamba3.4.1
sambasamba3.4.2
sambasamba3.4.3
sambasamba3.4.4
sambasamba3.4.5
sambasamba3.4.6
sambasamba3.4.7
sambasamba3.4.8
sambasamba3.4.9
sambasamba3.4.10
sambasamba3.4.11
sambasamba3.4.12
sambasamba3.4.13
sambasamba3.4.14
sambasamba3.4.15
sambasamba3.4.16
sambasamba3.4.17
sambasamba3.5.0
sambasamba3.5.1
sambasamba3.5.2
sambasamba3.5.3
sambasamba3.5.4
sambasamba3.5.5
sambasamba3.5.6
sambasamba3.5.7
sambasamba3.5.8
sambasamba3.5.9
sambasamba3.5.10
sambasamba3.5.11
sambasamba3.5.12
sambasamba3.5.13
sambasamba3.5.14
sambasamba3.5.15
sambasamba3.5.16
sambasamba3.5.17
sambasamba3.5.18
sambasamba3.5.19
sambasamba3.5.20
sambasamba3.5.21
sambasamba3.5.22
sambasamba3.6.0
sambasamba3.6.1
sambasamba3.6.2
sambasamba3.6.3
sambasamba3.6.4
sambasamba3.6.5
sambasamba3.6.6
sambasamba3.6.7
sambasamba3.6.8
sambasamba3.6.9
sambasamba3.6.10
sambasamba3.6.11
sambasamba3.6.12
sambasamba3.6.13
sambasamba3.6.14
sambasamba3.6.15
sambasamba3.6.16
sambasamba3.6.17
sambasamba3.6.18
sambasamba3.6.19
sambasamba3.6.20
sambasamba3.6.21
sambasamba3.6.22
sambasamba3.6.23
sambasamba3.6.24
sambasamba3.6.25
sambasamba4.0.0
sambasamba4.0.1
sambasamba4.0.2
sambasamba4.0.3
sambasamba4.0.4
sambasamba4.0.5
sambasamba4.0.6
sambasamba4.0.7
sambasamba4.0.8
sambasamba4.0.9
sambasamba4.0.10
sambasamba4.0.11
sambasamba4.0.12
sambasamba4.0.13
sambasamba4.0.14
sambasamba4.0.15
sambasamba4.0.16
sambasamba4.0.17
sambasamba4.0.18
sambasamba4.0.19
sambasamba4.0.20
sambasamba4.0.21
sambasamba4.0.22
sambasamba4.0.23
sambasamba4.0.24
sambasamba4.0.25
sambasamba4.0.26
sambasamba4.1.0
sambasamba4.1.1
sambasamba4.1.2
sambasamba4.1.3
sambasamba4.1.4
sambasamba4.1.5
sambasamba4.1.6
sambasamba4.1.7
sambasamba4.1.8
sambasamba4.1.9
sambasamba4.1.10
sambasamba4.1.11
sambasamba4.1.12
sambasamba4.1.13
sambasamba4.1.14
sambasamba4.1.15
sambasamba4.1.16
sambasamba4.1.17
sambasamba4.1.18
sambasamba4.1.19

References

CWEs

CWE-254

Verify integrity in audit chain (admin only). AS-IS.