Samba:
A MITM attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data.