VID | 23268
Severity | 30
Port | 139
Protocol | TCP
Class | Samba
Detailed Description |
The version of Samba running on the remote host is 4.4.x prior to 4.4.16. It is, therefore, affected by the following vulnerabilities:
- Signing requirements are not properly enforced for SMB v1, v2, and v3. This could allow a man-in-the-middle attacker to interfere with client connections. (CVE-2017-12150)
- A flaw exists in the DFS redirect handling that causes encryption requirements not to be maintained. A man-in-the-middle attacker could read or alter the client connection. (CVE-2017-12151)
- A flaw exists in SMB v1 due to an improper range check on client write requests. An authenticated attacker could potentially access sensitive server information. (CVE-2017-12163)
* References:
- https://www.samba.org/samba/security/CVE-2017-12150.html
- https://www.samba.org/samba/security/CVE-2017-12151.html
- https://www.samba.org/samba/security/CVE-2017-12163.html
- https://www.samba.org/samba/history/samba-4.4.16.html
* Platforms Affected:
- Samba Project, Samba versions 4.4.x before 4.4.16
- Linux, any version
- Unix, any version
Recommendation |
Upgrade to Samba 4.4.16 or later, available from the Samba web site at https://www.samba.org/samba/download/
Related URL (CVE) | CVE-2017-12150, CVE-2017-12151, CVE-2017-12163
Related URL (SecurityFocus) |
Related URL (ISS) |