Candidate: CVE-2016-9463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9463
https://github.com/nextcloud/apps/commit/b85ace6840b8a6704641086bc3b8eb8e81cb2274
https://github.com/nextcloud/apps/commit/decb91fd31f4ffab191cbf09ce4e5c55c67a4087
https://github.com/owncloud/apps/commit/16cbccfc946c8711721fa684d78135ca1fb64791
https://github.com/owncloud/apps/commit/5d47e7b52646cf79edadd78ce10c754290cbb732
https://github.com/owncloud/apps/commit/a0e07b7ddd5a5fd850a6e07f8457d05b76a300b3
https://hackerone.com/reports/148151
https://nextcloud.com/security/advisory/?id=nc-sa-2016-006
https://owncloud.org/security/advisory/?id=oc-sa-2016-017
https://rhinosecuritylabs.com/2016/10/operation-ownedcloud-exploitation-post-exploitation-persistence/
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2,
9.0.6, and 8.2.9 suffer from an SMB user authentication bypass.
Nextcloud/ownCloud include an optional SMB authentication component, not
enabled by default, that allows authenticating users against an SMB
server. This backend tries to connect to an SMB server and, if the
connection succeeds, considers the user logged in. The backend did
not properly take into account SMB servers that have any kind of anonymous
auth configured. This is the default on SMB servers nowadays and allows an
unauthenticated attacker to gain access to an account without valid
credentials. Note: The SMB backend is disabled by default and requires
manual configuration in the Nextcloud/ownCloud config file. If you have not
configured the SMB backend, you are not affected by this vulnerability.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835086
Discovered-by: Dwight Hohnstein
upstream_nextcloud: needs-triage
precise_nextcloud: DNE
precise/esm_nextcloud: DNE
vivid/stable-phone-overlay_nextcloud: DNE
vivid/ubuntu-core_nextcloud: DNE
yakkety_nextcloud: DNE
upstream_owncloud: needs-triage
precise_owncloud: ignored (reached end-of-life)
precise/esm_owncloud: DNE (precise was needs-triage)
trusty_owncloud: needs-triage
vivid/stable-phone-overlay_owncloud: DNE
vivid/ubuntu-core_owncloud: DNE