Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-12163

Опубликовано: 26 июл. 2018
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 4.8
CVSS3: 4.1

Описание

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.

РелизСтатусПримечание
artful

released

2:4.6.7+dfsg-1ubuntu3
devel

released

2:4.6.7+dfsg-1ubuntu3
esm-infra-legacy/trusty

not-affected

2:4.3.11+dfsg-0ubuntu0.14.04.12
esm-infra/xenial

not-affected

2:4.3.11+dfsg-0ubuntu0.16.04.11
precise/esm

not-affected

2:3.6.25-0ubuntu0.12.04.13
trusty

released

2:4.3.11+dfsg-0ubuntu0.14.04.12
trusty/esm

not-affected

2:4.3.11+dfsg-0ubuntu0.14.04.12
upstream

released

4.6.8,4.5.14,4.4.16
vivid/ubuntu-core

DNE

xenial

released

2:4.3.11+dfsg-0ubuntu0.16.04.11

Показывать по

Ссылки на источники

EPSS

Процентиль: 95%
0.19272
Средний

4.8 Medium

CVSS2

4.1 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-12163

CVSS3: 4.1
redhat
почти 8 лет назад

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.

nvd логотип

CVE-2017-12163

CVSS3: 4.1
nvd
почти 7 лет назад

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.

debian логотип

CVE-2017-12163

CVSS3: 4.1
debian
почти 7 лет назад

An information leak flaw was found in the way SMB1 protocol was implem ...

github логотип

GHSA-hvhw-9wrg-hf3q

CVSS3: 7.1
github
около 3 лет назад

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.

fstec логотип

BDU:2021-01433

CVSS3: 7.1
fstec
почти 7 лет назад

Уязвимость реализации протокола SMB1 пакета программ сетевого взаимодействия Samba, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность

EPSS

Процентиль: 95%
0.19272
Средний

4.8 Medium

CVSS2

4.1 Medium

CVSS3