CVE-2016-2114

Source
https://cve.org/CVERecord?id=CVE-2016-2114
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2114.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-2114
Downstream
Published
2016-04-25T00:59:05.113Z
Modified
2026-07-07T08:46:23.102182102Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream.

Database specific
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "14.04"
                },
                {
                    "last_affected": "14.04"
                },
                {
                    "introduced": "15.10"
                },
                {
                    "last_affected": "15.10"
                },
                {
                    "introduced": "16.04"
                },
                {
                    "last_affected": "16.04"
                }
            ],
            "vendor_product": "canonical:ubuntu_linux",
            "source": "CPE_STRING",
            "cpes": [
                "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"
            ]
        }
    ]
}
References

Affected packages

Git / github.com/samba-team/samba

Affected ranges

Type
GIT
Repo
https://github.com/samba-team/samba
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:samba:samba:4.0.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.6:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.7:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.8:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.9:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.10:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.11:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.12:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.13:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.14:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.15:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.16:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.17:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.18:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.19:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.20:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.21:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.22:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.23:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.24:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.25:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.0.26:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.9:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.10:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.11:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.12:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.13:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.14:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.15:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.16:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.17:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.18:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.19:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.20:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.21:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.22:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.1.23:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.0:rc1:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.0:rc2:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.0:rc3:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.0:rc4:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.6:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.7:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.8:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.2.9:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.3.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.3.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.3.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.3.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.3.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.3.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.3.6:*:*:*:*:*:*:*",
        "cpe:2.3:a:samba:samba:4.4.0:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "4.0.0"
        },
        {
            "last_affected": "4.0.0"
        },
        {
            "introduced": "4.0.1"
        },
        {
            "last_affected": "4.0.1"
        },
        {
            "introduced": "4.0.2"
        },
        {
            "last_affected": "4.0.2"
        },
        {
            "introduced": "4.0.3"
        },
        {
            "last_affected": "4.0.3"
        },
        {
            "introduced": "4.0.4"
        },
        {
            "last_affected": "4.0.4"
        },
        {
            "introduced": "4.0.5"
        },
        {
            "last_affected": "4.0.5"
        },
        {
            "introduced": "4.0.6"
        },
        {
            "last_affected": "4.0.6"
        },
        {
            "introduced": "4.0.7"
        },
        {
            "last_affected": "4.0.7"
        },
        {
            "introduced": "4.0.8"
        },
        {
            "last_affected": "4.0.8"
        },
        {
            "introduced": "4.0.9"
        },
        {
            "last_affected": "4.0.9"
        },
        {
            "introduced": "4.0.10"
        },
        {
            "last_affected": "4.0.10"
        },
        {
            "introduced": "4.0.11"
        },
        {
            "last_affected": "4.0.11"
        },
        {
            "introduced": "4.0.12"
        },
        {
            "last_affected": "4.0.12"
        },
        {
            "introduced": "4.0.13"
        },
        {
            "last_affected": "4.0.13"
        },
        {
            "introduced": "4.0.14"
        },
        {
            "last_affected": "4.0.14"
        },
        {
            "introduced": "4.0.15"
        },
        {
            "last_affected": "4.0.15"
        },
        {
            "introduced": "4.0.16"
        },
        {
            "last_affected": "4.0.16"
        },
        {
            "introduced": "4.0.17"
        },
        {
            "last_affected": "4.0.17"
        },
        {
            "introduced": "4.0.18"
        },
        {
            "last_affected": "4.0.18"
        },
        {
            "introduced": "4.0.19"
        },
        {
            "last_affected": "4.0.19"
        },
        {
            "introduced": "4.0.20"
        },
        {
            "last_affected": "4.0.20"
        },
        {
            "introduced": "4.0.21"
        },
        {
            "last_affected": "4.0.21"
        },
        {
            "introduced": "4.0.22"
        },
        {
            "last_affected": "4.0.22"
        },
        {
            "introduced": "4.0.23"
        },
        {
            "last_affected": "4.0.23"
        },
        {
            "introduced": "4.0.24"
        },
        {
            "last_affected": "4.0.24"
        },
        {
            "introduced": "4.0.25"
        },
        {
            "last_affected": "4.0.25"
        },
        {
            "introduced": "4.0.26"
        },
        {
            "last_affected": "4.0.26"
        },
        {
            "introduced": "4.1.0"
        },
        {
            "last_affected": "4.1.0"
        },
        {
            "introduced": "4.1.1"
        },
        {
            "last_affected": "4.1.1"
        },
        {
            "introduced": "4.1.2"
        },
        {
            "last_affected": "4.1.2"
        },
        {
            "introduced": "4.1.3"
        },
        {
            "last_affected": "4.1.3"
        },
        {
            "introduced": "4.1.4"
        },
        {
            "last_affected": "4.1.4"
        },
        {
            "introduced": "4.1.5"
        },
        {
            "last_affected": "4.1.5"
        },
        {
            "introduced": "4.1.6"
        },
        {
            "last_affected": "4.1.6"
        },
        {
            "introduced": "4.1.7"
        },
        {
            "last_affected": "4.1.7"
        },
        {
            "introduced": "4.1.8"
        },
        {
            "last_affected": "4.1.8"
        },
        {
            "introduced": "4.1.9"
        },
        {
            "last_affected": "4.1.9"
        },
        {
            "introduced": "4.1.10"
        },
        {
            "last_affected": "4.1.10"
        },
        {
            "introduced": "4.1.11"
        },
        {
            "last_affected": "4.1.11"
        },
        {
            "introduced": "4.1.12"
        },
        {
            "last_affected": "4.1.12"
        },
        {
            "introduced": "4.1.13"
        },
        {
            "last_affected": "4.1.13"
        },
        {
            "introduced": "4.1.14"
        },
        {
            "last_affected": "4.1.14"
        },
        {
            "introduced": "4.1.15"
        },
        {
            "last_affected": "4.1.15"
        },
        {
            "introduced": "4.1.16"
        },
        {
            "last_affected": "4.1.16"
        },
        {
            "introduced": "4.1.17"
        },
        {
            "last_affected": "4.1.17"
        },
        {
            "introduced": "4.1.18"
        },
        {
            "last_affected": "4.1.18"
        },
        {
            "introduced": "4.1.19"
        },
        {
            "last_affected": "4.1.19"
        },
        {
            "introduced": "4.1.20"
        },
        {
            "last_affected": "4.1.20"
        },
        {
            "introduced": "4.1.21"
        },
        {
            "last_affected": "4.1.21"
        },
        {
            "introduced": "4.1.22"
        },
        {
            "last_affected": "4.1.22"
        },
        {
            "introduced": "4.1.23"
        },
        {
            "last_affected": "4.1.23"
        },
        {
            "introduced": "4.2.0-rc1"
        },
        {
            "last_affected": "4.2.0-rc1"
        },
        {
            "introduced": "4.2.0-rc2"
        },
        {
            "last_affected": "4.2.0-rc2"
        },
        {
            "introduced": "4.2.0-rc3"
        },
        {
            "last_affected": "4.2.0-rc3"
        },
        {
            "introduced": "4.2.0-rc4"
        },
        {
            "last_affected": "4.2.0-rc4"
        },
        {
            "introduced": "4.2.1"
        },
        {
            "last_affected": "4.2.1"
        },
        {
            "introduced": "4.2.2"
        },
        {
            "last_affected": "4.2.2"
        },
        {
            "introduced": "4.2.3"
        },
        {
            "last_affected": "4.2.3"
        },
        {
            "introduced": "4.2.4"
        },
        {
            "last_affected": "4.2.4"
        },
        {
            "introduced": "4.2.5"
        },
        {
            "last_affected": "4.2.5"
        },
        {
            "introduced": "4.2.6"
        },
        {
            "last_affected": "4.2.6"
        },
        {
            "introduced": "4.2.7"
        },
        {
            "last_affected": "4.2.7"
        },
        {
            "introduced": "4.2.8"
        },
        {
            "last_affected": "4.2.8"
        },
        {
            "introduced": "4.2.9"
        },
        {
            "last_affected": "4.2.9"
        },
        {
            "introduced": "4.3.0"
        },
        {
            "last_affected": "4.3.0"
        },
        {
            "introduced": "4.3.1"
        },
        {
            "last_affected": "4.3.1"
        },
        {
            "introduced": "4.3.2"
        },
        {
            "last_affected": "4.3.2"
        },
        {
            "introduced": "4.3.3"
        },
        {
            "last_affected": "4.3.3"
        },
        {
            "introduced": "4.3.4"
        },
        {
            "last_affected": "4.3.4"
        },
        {
            "introduced": "4.3.5"
        },
        {
            "last_affected": "4.3.5"
        },
        {
            "introduced": "4.3.6"
        },
        {
            "last_affected": "4.3.6"
        },
        {
            "introduced": "4.4.0"
        },
        {
            "last_affected": "4.4.0"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

4.*
4.0.0
4.0.1
4.0.10
4.0.11
4.0.12
4.0.13
4.0.14
4.0.15
4.0.16
4.0.17
4.0.18
4.0.19
4.0.2
4.0.20
4.0.21
4.0.22
4.0.23
4.0.24
4.0.25
4.0.26
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.1.0
4.1.1
4.1.10
4.1.11
4.1.12
4.1.13
4.1.14
4.1.15
4.1.16
4.1.17
4.1.18
4.1.19
4.1.2
4.1.20
4.1.21
4.1.22
4.1.23
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.1.8
4.1.9
4.2.0-rc1
4.2.0-rc2
4.2.0-rc3
4.2.0-rc4
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.2.6
4.2.7
4.2.8
4.2.9
4.3.0
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.3.6
4.4.0

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2114.json"