- Home
- CVEs with nessus.description==This update fixes these security vulnerabilities :
- CVE-2015-5370: DCERPC server and client were vulnerable
to DOS and MITM attacks (bsc#936862).
- CVE-2016-2110: A man-in-the-middle could have downgraded
NTLMSSP authentication (bsc#973031).
- CVE-2016-2111: Domain controller netlogon member
computer could have been spoofed (bsc#973032).
- CVE-2016-2112: LDAP conenctions were vulnerable to
downgrade and MITM attack (bsc#973033).
- CVE-2016-2113: TLS certificate validation were missing
(bsc#973034).
- CVE-2016-2114: 'server signing = mandatory' not enforced
(bsc#973035).
- CVE-2016-2115: Named pipe IPC were vulnerable to MITM
attacks (bsc#973036).
- CVE-2016-2118: 'Badlock' DCERPC impersonation of
authenticated account were possible (bsc#971965).
The openSUSE 13.1 update also upgrades to samba 4.2.4 as 4.1.x
versions are no longer supported by upstream. As a side effect,
libpdb0 package was replaced by libsamba-passdb0.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top