Oracle Solaris 11: CVE-2017-12151: Vulnerability in Samba
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:M/Au:N/C:P/I:P/A:P) | November 30, 2017 | November 30, 2017 | January 17, 2018 |
Description
A flaw was found in the way samba client used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
Solution
oracle-solaris-11-3-upgrade-library-samba-libsmbclient-4-4-16-0-175-3-25-0-3-0Related Vulnerabilities
- Alpine Linux: CVE-2017-12151: samba Multiple vulnerabilities
- Samba CVE-2017-12151: Numerous CVEs. Please see the announcements for details.
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
- Huawei EulerOS: CVE-2017-12151: samba security update
- Huawei EulerOS: CVE-2017-12151: samba security update
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 6