Korean
<< Back
VID 23298
Severity 40
Port 139
Protocol TCP
Class Samba
Detailed Description The version of Samba running on the remote host is 4.9.x prior to 4.9.8.
It is, therefore, affected by a man in the middle vulnerability in the Heimdal KDC due to an design error. An authenticated, remote attacker can exploit this, via replacing the user name on intercepted requests to the KDC, to bypass security restrictions.

* References:
https://www.samba.org/samba/security/CVE-2018-16860.html

* Platforms Affected:
Samba Project, Samba versions 4.9.x before 4.9.8
Linux Any version
Unix Any version
Recommendation Upgrade to the latest version of Samba 4.9.8 or later, available from the Samba Web site at https://www.samba.org/samba/download/
Related URL CVE-2018-16860 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)