 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2017-12151 |
| Description: | A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.811906 1.3.6.1.4.1.25623.1.0.703983 1.3.6.1.4.1.25623.1.0.811793 1.3.6.1.4.1.25623.1.0.882774 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-12151 BugTraq ID: 100917 http://www.securityfocus.com/bid/100917 Debian Security Information: DSA-3983 (Google Search) https://www.debian.org/security/2017/dsa-3983 RedHat Security Advisories: RHSA-2017:2790 https://access.redhat.com/errata/RHSA-2017:2790 RedHat Security Advisories: RHSA-2017:2858 https://access.redhat.com/errata/RHSA-2017:2858 http://www.securitytracker.com/id/1039401 |