vulnerability

Debian: CVE-2017-12150: samba -- security update

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

Sep 21, 2017

Added

Sep 25, 2017

Modified

Mar 30, 2026

Description

It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.

Solution

debian-upgrade-samba

References

CVE-2017-12150
https://attackerkb.com/topics/CVE-2017-12150
CWE-300
DEBIAN-DSA-3983
EUVD-EUVD-2017-3734
https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-3734

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report