{"id":"CVE-2016-2125","details":"It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.","modified":"2026-05-18T05:48:12.970642465Z","published":"2018-10-31T20:29:00.247Z","related":["SUSE-SU-2016:3271-1","SUSE-SU-2016:3272-1","SUSE-SU-2016:3298-1","SUSE-SU-2016:3299-1","SUSE-SU-2016:3300-1","openSUSE-SU-2024:11365-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0"},{"last_affected":"7.0"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_desktop"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0"},{"last_affected":"7.0"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_server"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"7.4"},{"last_affected":"7.6"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_server_aus"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"7.3"},{"last_affected":"7.4"},{"last_affected":"7.5"},{"last_affected":"7.6"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_server_eus"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"7.3"},{"last_affected":"7.6"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_server_tus"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0"},{"last_affected":"7.0"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_workstation"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"3.0"}],"cpes":["cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:gluster_storage"}]},"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2017-0494.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2017-0495.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2017-0662.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2017-0744.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/94988"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1037494"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1265"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2125"},{"type":"FIX","url":"https://www.samba.org/samba/security/CVE-2016-2125.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/samba-team/samba","events":[{"introduced":"ad4be8a01adacd96c5f0fe1bb87a170ab88d2b88"},{"fixed":"09348d38684215a34b091dd98ea7df21fc07f32c"},{"introduced":"30812c414bb0ceb95abae08c35b94b2f97be4c5c"},{"fixed":"bb02ee99eadd74bf471d1fff9a2be24d1ba2a52d"},{"introduced":"916fab083a8cb5c10365da7f3a85d0bbfde4a30e"},{"fixed":"3da5d752a987ec1e60d7e773dfe44d38a91d8776"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"3.0.25"},{"fixed":"4.3.13"},{"introduced":"4.4.0"},{"fixed":"4.4.8"},{"introduced":"4.5.0"},{"fixed":"4.5.3"}],"cpe":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*"}}],"versions":["samba-4.4.7","samba-4.5.2","samba-4.5.0","samba-4.4.4","samba-4.4.3","samba-4.4.2","samba-4.4.1","samba-4.4.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2125.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}