CVE-2018-16860

Asked by Michael Tayo on 2019-06-20

I want to know whether the 16.04 version of Ubuntu has been backported with the corresponding Samba version, that is, a fix for the
Samba 4.x < 4.8.12 / 4.9.x < 4.9.8 / 4.10.x < 4.10.3 Man in the Middle Vulnerability

Here is what my vuln scanner is telling me ...

The version of Samba running on the remote host is 4.x prior to 4.8.12, 4.9.x prior to 4.9.8 or 4.10.x prior to 4.10.3. It is, therefore, affected by a man in the middle vulnerability in the Heimdal KDC due to a design error. An authenticated, remote attacker can exploit this, via replacing the user name on intercepted requests to the KDC, to bypass security restrictions.

...

It is still popping up on our scans due to the version number, but I want to be sure because I know a version number does not always mean a vulnerability has been unpatched/patched.

Question information

Language: English
Status: Answered
For: Ubuntu samba
Assignee: No assignee

Manfred Hampl (m-hampl) said: #1

See the following links:

https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-16860.html

https://launchpad.net/ubuntu/xenial/+source/samba/+changelog

http://launchpadlibrarian.net/422817844/samba_2%3A4.3.11+dfsg-0ubuntu0.16.04.19_2%3A4.3.11+dfsg-0ubuntu0.16.04.20.diff.gz

For me this is sufficient evidence that this vulnerability has been taken care of (in version 2:4.3.11+dfsg-0ubuntu0.16.04.20), but please decide yourself.
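One way to carry out the check the answer describes in code, as an added example that is not from the original thread or from Ubuntu's own tooling: it reimplements dpkg's version ordering in Python, compares an installed samba version string against the fixed version the answer names, and shows that a package whose upstream number is below the scanner's threshold can still carry the backported fix. The fixed version is taken from the answer; every other version string is constructed for illustration.

```python
import re
from itertools import zip_longest

# Fixed Ubuntu 16.04 package version named in the answer above.
FIXED_VERSION = "2:4.3.11+dfsg-0ubuntu0.16.04.20"

def _weight(c):
    """dpkg ordering for non-digit characters: '~' < end-of-string < letters < others."""
    if c == "~":
        return -1
    if c.isalpha():
        return ord(c)
    return ord(c) + 256

def _fragment_cmp(a, b):
    """Compare an upstream or revision fragment the way dpkg's verrevcmp() does."""
    pairs = zip_longest(re.findall(r"(\D*)(\d*)", a), re.findall(r"(\D*)(\d*)", b),
                        fillvalue=("", ""))
    for (na, da), (nb, db) in pairs:
        ka, kb = [_weight(c) for c in na], [_weight(c) for c in nb]
        n = max(len(ka), len(kb))          # pad with 0 so "~" sorts before "nothing"
        ka, kb = ka + [0] * (n - len(ka)), kb + [0] * (n - len(kb))
        if ka != kb:
            return -1 if ka < kb else 1
        ia, ib = int(da or 0), int(db or 0)  # digit runs compare numerically
        if ia != ib:
            return -1 if ia < ib else 1
    return 0

def parse_version(v):
    """Split 'epoch:upstream-revision'; epoch defaults to 0, revision to ''."""
    epoch, sep, rest = v.partition(":")
    if not sep:
        epoch, rest = "0", v
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return int(epoch), upstream, revision

def compare_versions(a, b):
    """Return -1, 0 or 1, matching 'dpkg --compare-versions a lt|eq|gt b'."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    return (ea > eb) - (ea < eb) or _fragment_cmp(ua, ub) or _fragment_cmp(ra, rb)

def is_fixed(installed, fixed=FIXED_VERSION):
    """True when the installed package is at or past the version carrying the backported fix."""
    return compare_versions(installed, fixed) >= 0
```

On the host itself the installed string comes from `dpkg-query -W -f='${Version}' samba`, and the changelog entry for CVE-2018-16860 linked in the answer remains the authoritative evidence.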
