CVE-2016-2124
MEDIUM5.9EPSS 0.70%samba - security update
Published: 2/18/2022Modified: 4/28/2026
Description
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
Affected packages (4)
- Alpine/sambafrom 0, < 4.13.17-r0
- Debian/sambafrom 0, < 2:4.13.13+dfsg-1~deb11u2
- Debian/sambafrom 0, < 2:4.9.5+dfsg-5+deb10u4
- Debian/sambafrom 0, < 2:4.13.13+dfsg-1~deb11u2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |