OVAL Reference oval:com.ubuntu.xenial:def:201621250000000

Oval Definition:

oval:com.ubuntu.xenial:def:201621250000000

Revision Date:	2018-10-31	Version:	1
Title:	CVE-2016-2125 on Ubuntu 16.04 LTS (xenial) - medium.
Description:	It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. Simo Sorce discovered that that Samba clients always requested a forwardable ticket when using Kerberos authentication. An attacker could use this to impersonate an authenticated user or service.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2016-2125
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND samba package in xenial was vulnerable but has been fixed (note: '2:4.3.11+dfsg-0ubuntu0.16.04.3').