Samba up to 4.4.15/4.5.12/4.6.7 information disclosure

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, was found in Samba up to 4.4.15/4.5.12/4.6.7 (File Transfer Software). Affected is an unknown code. Upgrading to version 4.4.16, 4.5.14 or 4.6.8 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1081997101/14/2021VulD...person_nameYihan Lian/Zhibin Husecurityfocus.com01/14/2021accepted70
1081997001/14/2021VulD...cve_cnaRed Hat, Inc.nvd.nist.gov01/14/2021accepted70
1081996901/14/2021VulD...cvss2_nvd_basescore4.8nist.gov01/14/2021accepted90
1081996801/14/2021VulD...price_0day$0-$5ksee documentation01/14/2021accepted90
1081996701/14/2021VulD...cve_nvd_summaryAn information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.cve.mitre.org01/14/2021accepted70
713573411/19/2019VulD...securityfocus_classDesign Errorsecurityfocus.com11/19/2019accepted100
713573311/19/2019VulD...securityfocus_date1505865600 (09/20/2017)securityfocus.com11/19/2019accepted100
713572911/19/2019VulD...cve_assigned1501545600mitre.org11/19/2019accepted100
713572611/19/2019VulD...date1505952000 (09/21/2017)11/19/2019accepted100
713572211/19/2019VulD...confirm_urlhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12163bugzilla.redhat.com11/19/2019accepted100
713572111/19/2019VulD...company_nameQihoo 360 GearTeam11/19/2019accepted100
713567911/19/2019VulD...discoverydate150595200011/19/2019accepted100
713575909/25/2017VulD...cvss3_nvd_basescore7.1nist.gov09/25/2017accepted90
713575809/25/2017VulD...cvss3_vuldb_rcC09/25/2017accepted90
713575709/25/2017VulD...cvss3_vuldb_rlO09/25/2017accepted90
713575609/25/2017VulD...cvss3_vuldb_eX09/25/2017accepted90
713575509/25/2017VulD...cvss2_vuldb_rcC09/25/2017accepted90
713575409/25/2017VulD...cvss2_vuldb_rlOF09/25/2017accepted90
713575309/25/2017VulD...cvss2_vuldb_eND09/25/2017accepted90
713575209/25/2017VulD...seealso107074 10707509/25/2017accepted100

Do you know our Splunk app?

Download it now for free!