Samba up to 4.4.15/4.5.12/4.6.7 Signing 7pk security

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in Samba up to 4.4.15/4.5.12/4.6.7 (File Transfer Software). This vulnerability affects some unknown functionality of the component Signing Handler. Upgrading to version 4.4.16, 4.5.14 or 4.6.8 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1081996201/14/2021VulD...cve_cnaRed Hat, Inc.nvd.nist.gov01/14/2021accepted70
1081996101/14/2021VulD...cvss2_nvd_basescore5.8nist.gov01/14/2021accepted90
1081996001/14/2021VulD...price_0day$0-$5ksee documentation01/14/2021accepted90
1081995901/14/2021VulD...cve_nvd_summaryIt was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.cve.mitre.org01/14/2021accepted70
713556311/19/2019VulD...securityfocus_classDesign Errorsecurityfocus.com11/19/2019accepted100
713556211/19/2019VulD...securityfocus_date1505865600 (09/20/2017)securityfocus.com11/19/2019accepted100
713555811/19/2019VulD...cve_assigned1501545600mitre.org11/19/2019accepted100
713555511/19/2019VulD...date1505952000 (09/21/2017)11/19/2019accepted100
713555111/19/2019VulD...confirm_urlhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12150bugzilla.redhat.com11/19/2019accepted100
713550811/19/2019VulD...discoverydate150595200011/19/2019accepted100
713558809/25/2017VulD...cvss3_nvd_basescore7.4nist.gov09/25/2017accepted90
713558709/25/2017VulD...cvss3_vuldb_rcC09/25/2017accepted90
713558609/25/2017VulD...cvss3_vuldb_rlO09/25/2017accepted90
713558509/25/2017VulD...cvss3_vuldb_eX09/25/2017accepted90
713558409/25/2017VulD...cvss2_vuldb_rcC09/25/2017accepted90
713558309/25/2017VulD...cvss2_vuldb_rlOF09/25/2017accepted90
713558209/25/2017VulD...cvss2_vuldb_eND09/25/2017accepted90
713558109/25/2017VulD...seealso107075 10707609/25/2017accepted100
713558009/25/2017VulD...qualys_titleOracle Enterprise Linux Security Update for samba (ELSA-2017-2789)qualys.com09/25/2017accepted100
713557909/25/2017VulD...qualys_id157562qualys.com09/25/2017accepted100

Might our Artificial Intelligence support you?

Check our Alexa App!