Oval Definition:	oval:org.cisecurity:def:1225
Revision Date: 2016-11-10 Version: 12 Title: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access Description: The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2016-2112 Platform(s): HP-UX 11 Product(s): Definition Synopsis HP-UX B.11.31 AND filesets test CIFS-Development.CIFS-PRG version is less than A.03.02.07 OR CIFS-Server.CIFS-ADMIN version is less than A.03.02.07 OR CIFS-Server.CIFS-DOC version is less than A.03.02.07 OR CIFS-Server.CIFS-LIB version is less than A.03.02.07 OR CIFS-Server.CIFS-RUN version is less than A.03.02.07 OR CIFS-Server.CIFS-UTIL version is less than A.03.02.07
BACK