================================================================== == Subject: Man in the middle attacks possible with NTLMSSP == == CVE ID#: CVE-2016-2110 == == Versions: Samba 3.0.0 to 4.4.0 == == Summary: The feature negotiation of NTLMSSP is not == downgrade protected. A man in the middle is == able to clear even required flags, especially == NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL. == Which has implications on encrypted LDAP traffic. == ================================================================= =========== Description =========== There are several man in the middle attacks possible with NTLMSSP authentication. E.g. NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL can be cleared by a man in the middle. This was by protocol design in earlier Windows versions. Windows Server 2003 RTM and Vista RTM introduced a way to protect against the trivial downgrade. See MsvAvFlags and flag 0x00000002 in https://msdn.microsoft.com/en-us/library/cc236646.aspx This new feature also implies support for a mechlistMIC when used within SPNEGO, which may prevent downgrades from other SPNEGO mechs, e.g. Kerberos, if sign or seal is finally negotiated. The Samba implementation doesn't enforce the existence of required flags, which were requested by the application layer, e.g. LDAP or SMB1 encryption (via the unix extensions). As a result a man in the middle can take over the connection. It is also possible to misguide client and/or server to send unencrypted traffic even if encryption was explicitly requested. LDAP (with NTLMSSP authentication) is used as a client by various admin tools of the Samba project, e.g. "net", "samba-tool", "ldbsearch", "ldbedit", ... As an active directory member server LDAP is also used by the winbindd service when connecting to domain controllers. Samba also offers an LDAP server when running as active directory domain controller. The NTLMSSP authentication used by the SMB1 encryption is protected by smb signing, see CVE-2015-5296. The following vulnerabilities are related: CVE-2016-2112 and CVE-2016-2113 ================== Patch Availability ================== A patch addressing this defect has been posted to https://www.samba.org/samba/security/ Additionally, Samba 4.4.2, 4.3.8 and 4.2.11 have been issued as security releases to correct the defect. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible. Note that Samba 4.4.1, 4.3.7 and 4.2.10 were privately released to vendors, but had a regression, which is fixed in 4.4.2, 4.3.8 and 4.2.11. ========== Workaround ========== None. ======= Credits ======= This vulnerability was discovered and researched by Stefan Metzmacher of SerNet (https://samba.plus) and the Samba Team (https://www.samba.org). He provides the fixes in collaboration with the Samba Team.