Описание
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 2:4.6.7+dfsg-1ubuntu3 |
| devel | released | 2:4.6.7+dfsg-1ubuntu3 |
| esm-infra-legacy/trusty | not-affected | 2:4.3.11+dfsg-0ubuntu0.14.04.12 |
| esm-infra/xenial | not-affected | 2:4.3.11+dfsg-0ubuntu0.16.04.11 |
| precise/esm | not-affected | 2:3.6.25-0ubuntu0.12.04.13 |
| trusty | released | 2:4.3.11+dfsg-0ubuntu0.14.04.12 |
| trusty/esm | not-affected | 2:4.3.11+dfsg-0ubuntu0.14.04.12 |
| upstream | released | 4.6.8,4.5.14,4.4.16 |
| vivid/ubuntu-core | DNE | |
| xenial | released | 2:4.3.11+dfsg-0ubuntu0.16.04.11 |
Показывать по
EPSS
5.8 Medium
CVSS2
7.4 High
CVSS3
Связанные уязвимости
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x ...
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
EPSS
5.8 Medium
CVSS2
7.4 High
CVSS3