Korean
<< Back
VID 23306
Severity 30
Port 139
Protocol TCP
Class Samba
Detailed Description The version of Samba running on the remote host is 4.10.x prior to 4.10.10. It is, therefore, affected by a password complexity check bypass vulnerability. An authenticated attacker could use this flaw to change their password to a weak password that fails the configured password complexity check.

* References:
https://www.samba.org/samba/security/CVE-2019-14833.html

* Platforms Affected:
Samba Project, Samba versions 4.10.x before 4.10.10
Linux Any version
Unix Any version
Recommendation Upgrade to the latest version of Samba 4.10.10 or later, available from the Samba Web site at https://www.samba.org/samba/download/
Related URL CVE-2019-14833 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)