Test ID:	1.3.6.1.4.1.25623.1.0.843315
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3426-1)
Summary:	The remote host is missing an update for the 'samba' package(s) announced via the USN-3426-1 advisory.
Description:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the USN-3426-1 advisory. Vulnerability Insight: Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a machine-in-the-middle attack. (CVE-2017-12150) Stefan Metzmacher discovered that Samba incorrectly handled encryption across DFS redirects. A remote attacker could use this issue to perform a machine-in-the-middle attack. (CVE-2017-12151) Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when SMB1 is being used. A remote attacker could possibly use this issue to obtain server memory contents. (CVE-2017-12163) Affected Software/OS: 'samba' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 17.04. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-12150 BugTraq ID: 100918 http://www.securityfocus.com/bid/100918 Debian Security Information: DSA-3983 (Google Search) https://www.debian.org/security/2017/dsa-3983 RedHat Security Advisories: RHSA-2017:2789 https://access.redhat.com/errata/RHSA-2017:2789 RedHat Security Advisories: RHSA-2017:2790 https://access.redhat.com/errata/RHSA-2017:2790 RedHat Security Advisories: RHSA-2017:2791 https://access.redhat.com/errata/RHSA-2017:2791 RedHat Security Advisories: RHSA-2017:2858 https://access.redhat.com/errata/RHSA-2017:2858 http://www.securitytracker.com/id/1039401 Common Vulnerability Exposure (CVE) ID: CVE-2017-12151 BugTraq ID: 100917 http://www.securityfocus.com/bid/100917 Common Vulnerability Exposure (CVE) ID: CVE-2017-12163 100925 http://www.securityfocus.com/bid/100925 1039401 DSA-3983 RHSA-2017:2789 RHSA-2017:2790 RHSA-2017:2791 RHSA-2017:2858 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12163 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03775en_us https://security.netapp.com/advisory/ntap-20170921-0001/ https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us https://www.samba.org/samba/security/CVE-2017-12163.html https://www.synology.com/support/security/Synology_SA_17_57_Samba
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.