Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/samba@3.6.23-30?arch=el6_4

Type rpm

Namespace redhat

Name samba

Version 3.6.23-30

Qualifiers

arch	el6_4

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-8tyg-f73c-zuh3

vulnerability_id VCID-8tyg-f73c-zuh3

summary Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2115.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2115.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2115

reference_id

reference_type

scores

value	0.22744
scoring_system	epss
scoring_elements	0.95973
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1312084
reference_id	1312084
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1312084

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0611
reference_id	RHSA-2016:0611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0611

reference_url	https://access.redhat.com/errata/RHSA-2016:0612
reference_id	RHSA-2016:0612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0612

reference_url	https://access.redhat.com/errata/RHSA-2016:0613
reference_id	RHSA-2016:0613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0613

reference_url	https://access.redhat.com/errata/RHSA-2016:0614
reference_id	RHSA-2016:0614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0614

reference_url	https://access.redhat.com/errata/RHSA-2016:0618
reference_id	RHSA-2016:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0618

reference_url	https://access.redhat.com/errata/RHSA-2016:0619
reference_id	RHSA-2016:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0619

reference_url	https://access.redhat.com/errata/RHSA-2016:0620
reference_id	RHSA-2016:0620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0620

reference_url	https://access.redhat.com/errata/RHSA-2016:0624
reference_id	RHSA-2016:0624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0624

fixed_packages

aliases CVE-2016-2115

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8tyg-f73c-zuh3

url VCID-eaxm-5jgj-eqcg

vulnerability_id VCID-eaxm-5jgj-eqcg

summary The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2111.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2111.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2111

reference_id

reference_type

scores

value	0.02808
scoring_system	epss
scoring_elements	0.864
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1311902
reference_id	1311902
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1311902

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0611
reference_id	RHSA-2016:0611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0611

reference_url	https://access.redhat.com/errata/RHSA-2016:0612
reference_id	RHSA-2016:0612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0612

reference_url	https://access.redhat.com/errata/RHSA-2016:0613
reference_id	RHSA-2016:0613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0613

reference_url	https://access.redhat.com/errata/RHSA-2016:0614
reference_id	RHSA-2016:0614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0614

reference_url	https://access.redhat.com/errata/RHSA-2016:0618
reference_id	RHSA-2016:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0618

reference_url	https://access.redhat.com/errata/RHSA-2016:0619
reference_id	RHSA-2016:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0619

reference_url	https://access.redhat.com/errata/RHSA-2016:0620
reference_id	RHSA-2016:0620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0620

reference_url	https://access.redhat.com/errata/RHSA-2016:0621
reference_id	RHSA-2016:0621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0621

reference_url	https://access.redhat.com/errata/RHSA-2016:0623
reference_id	RHSA-2016:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0623

reference_url	https://access.redhat.com/errata/RHSA-2016:0624
reference_id	RHSA-2016:0624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0624

reference_url	https://access.redhat.com/errata/RHSA-2016:0625
reference_id	RHSA-2016:0625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0625

fixed_packages

aliases CVE-2016-2111

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eaxm-5jgj-eqcg

url VCID-egeg-4ds7-d3d1

vulnerability_id VCID-egeg-4ds7-d3d1

summary The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2118.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2118.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2118

reference_id

reference_type

scores

value	0.78522
scoring_system	epss
scoring_elements	0.99061
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2118

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1317990
reference_id	1317990
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1317990

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0611
reference_id	RHSA-2016:0611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0611

reference_url	https://access.redhat.com/errata/RHSA-2016:0612
reference_id	RHSA-2016:0612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0612

reference_url	https://access.redhat.com/errata/RHSA-2016:0613
reference_id	RHSA-2016:0613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0613

reference_url	https://access.redhat.com/errata/RHSA-2016:0614
reference_id	RHSA-2016:0614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0614

reference_url	https://access.redhat.com/errata/RHSA-2016:0618
reference_id	RHSA-2016:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0618

reference_url	https://access.redhat.com/errata/RHSA-2016:0619
reference_id	RHSA-2016:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0619

reference_url	https://access.redhat.com/errata/RHSA-2016:0620
reference_id	RHSA-2016:0620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0620

reference_url	https://access.redhat.com/errata/RHSA-2016:0621
reference_id	RHSA-2016:0621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0621

reference_url	https://access.redhat.com/errata/RHSA-2016:0623
reference_id	RHSA-2016:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0623

reference_url	https://access.redhat.com/errata/RHSA-2016:0624
reference_id	RHSA-2016:0624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0624

reference_url	https://access.redhat.com/errata/RHSA-2016:0625
reference_id	RHSA-2016:0625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0625

fixed_packages

aliases CVE-2016-2118

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-egeg-4ds7-d3d1

url

VCID-m364-w7f6-aug7

vulnerability_id

VCID-m364-w7f6-aug7

summary

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5370.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5370.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5370

reference_id

reference_type

scores

value	0.21108
scoring_system	epss
scoring_elements	0.95764
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1309987
reference_id	1309987
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1309987

reference_url	https://access.redhat.com/errata/RHSA-2016:0611
reference_id	RHSA-2016:0611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0611

reference_url	https://access.redhat.com/errata/RHSA-2016:0612
reference_id	RHSA-2016:0612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0612

reference_url	https://access.redhat.com/errata/RHSA-2016:0613
reference_id	RHSA-2016:0613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0613

reference_url	https://access.redhat.com/errata/RHSA-2016:0614
reference_id	RHSA-2016:0614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0614

reference_url	https://access.redhat.com/errata/RHSA-2016:0618
reference_id	RHSA-2016:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0618

reference_url	https://access.redhat.com/errata/RHSA-2016:0619
reference_id	RHSA-2016:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0619

reference_url	https://access.redhat.com/errata/RHSA-2016:0620
reference_id	RHSA-2016:0620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0620

reference_url	https://access.redhat.com/errata/RHSA-2016:0624
reference_id	RHSA-2016:0624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0624

fixed_packages

aliases

CVE-2015-5370

risk_score

0.1

exploitability

0.5

weighted_severity

0.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-m364-w7f6-aug7

url VCID-vtne-we7s-tuet

vulnerability_id VCID-vtne-we7s-tuet

summary The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2110.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2110.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2110

reference_id

reference_type

scores

value	0.17748
scoring_system	epss
scoring_elements	0.95244
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1311893
reference_id	1311893
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1311893

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0611
reference_id	RHSA-2016:0611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0611

reference_url	https://access.redhat.com/errata/RHSA-2016:0612
reference_id	RHSA-2016:0612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0612

reference_url	https://access.redhat.com/errata/RHSA-2016:0613
reference_id	RHSA-2016:0613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0613

reference_url	https://access.redhat.com/errata/RHSA-2016:0614
reference_id	RHSA-2016:0614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0614

reference_url	https://access.redhat.com/errata/RHSA-2016:0618
reference_id	RHSA-2016:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0618

reference_url	https://access.redhat.com/errata/RHSA-2016:0619
reference_id	RHSA-2016:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0619

reference_url	https://access.redhat.com/errata/RHSA-2016:0620
reference_id	RHSA-2016:0620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0620

reference_url	https://access.redhat.com/errata/RHSA-2016:0621
reference_id	RHSA-2016:0621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0621

reference_url	https://access.redhat.com/errata/RHSA-2016:0623
reference_id	RHSA-2016:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0623

reference_url	https://access.redhat.com/errata/RHSA-2016:0624
reference_id	RHSA-2016:0624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0624

reference_url	https://access.redhat.com/errata/RHSA-2016:0625
reference_id	RHSA-2016:0625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0625

fixed_packages

aliases CVE-2016-2110

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtne-we7s-tuet

url VCID-yt92-mfwy-z7er

vulnerability_id VCID-yt92-mfwy-z7er

summary The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2112.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2112.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2112

reference_id

reference_type

scores

value	0.16609
scoring_system	epss
scoring_elements	0.95043
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1311903
reference_id	1311903
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1311903

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0611
reference_id	RHSA-2016:0611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0611

reference_url	https://access.redhat.com/errata/RHSA-2016:0612
reference_id	RHSA-2016:0612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0612

reference_url	https://access.redhat.com/errata/RHSA-2016:0613
reference_id	RHSA-2016:0613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0613

reference_url	https://access.redhat.com/errata/RHSA-2016:0614
reference_id	RHSA-2016:0614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0614

reference_url	https://access.redhat.com/errata/RHSA-2016:0618
reference_id	RHSA-2016:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0618

reference_url	https://access.redhat.com/errata/RHSA-2016:0619
reference_id	RHSA-2016:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0619

reference_url	https://access.redhat.com/errata/RHSA-2016:0620
reference_id	RHSA-2016:0620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0620

reference_url	https://access.redhat.com/errata/RHSA-2016:0624
reference_id	RHSA-2016:0624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0624

fixed_packages

aliases CVE-2016-2112

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yt92-mfwy-z7er

Fixing_vulnerabilities

Risk_score 0.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/samba@3.6.23-30%3Farch=el6_4

Package Instance