Oval Definition:	oval:com.ubuntu.xenial:def:201621120000000
Revision Date: 2016-04-25 Version: 1 Title: CVE-2016-2112 on Ubuntu 16.04 LTS (xenial) - medium. Description: The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-2112 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND samba package in xenial was vulnerable but has been fixed (note: '2:4.3.8+dfsg-0ubuntu1').
BACK