CVE-2017-12151

Related Files

Red Hat Security Advisory 2017-2858-01

Posted Oct 4, 2017

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2858-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.

tags | advisory, remote, protocol

systems | linux, redhat

advisories | CVE-2017-12150, CVE-2017-12151, CVE-2017-12163

SHA-256 | e1751858f2654a30e58a89f135fc7f0a4a103cd6fbfb2d44571d6962a18d585f

Download | Favorite | View

Debian Security Advisory 3983-1

Posted Sep 22, 2017

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3983-1 - Multiple security issues have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory

systems | linux, unix, debian

advisories | CVE-2017-12150, CVE-2017-12151, CVE-2017-12163

SHA-256 | d20e3978bfa76603621405671436ff72e2de88512d266516e792372b832b4216

Download | Favorite | View

Red Hat Security Advisory 2017-2790-01

Posted Sep 21, 2017

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2790-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.

tags | advisory, remote, protocol

systems | linux, redhat

advisories | CVE-2017-12150, CVE-2017-12151, CVE-2017-12163

SHA-256 | 6fdc918f44a544b6b95ca2d43f660a74ab6f5bafc9df5d9b96e58d4d2091ea74

Download | Favorite | View

Ubuntu Security Notice USN-3426-1

Posted Sep 21, 2017

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3426-1 - Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. Stefan Metzmacher discovered that Samba incorrectly handled encryption across DFS redirects. A remote attacker could use this issue to perform a man in the middle attack. Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when SMB1 is being used. A remote attacker could possibly use this issue to obtain server memory contents. Various other issues were also addressed.

tags | advisory, remote

systems | linux, ubuntu

advisories | CVE-2017-12150, CVE-2017-12151, CVE-2017-12163

SHA-256 | fa491e751279b5ea9e1da0bb1115ba5f62388c95fddad08cf232e729f712f242

Download | Favorite | View