CVE-2016-0917
First published: Wed Sep 21 2016(Updated: )
The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638), VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra (all supported versions) does not prevent duplicate NTLM challenge-response nonces, which makes it easier for remote attackers to execute arbitrary code, or read or write to files, via a series of authentication requests, a related issue to CVE-2010-0231.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Emc Vnx1 Oe Firmware | ||
| Emc Vnx2 Oe Firmware | ||
| Emc Vnxe Oe Firmware | ||
| Emc Vnx5200 | ||
| Emc Vnx5400 | ||
| Emc Vnx5600 | ||
| Emc Vnx5800 | ||
| Emc Vnxe1600 | ||
| Emc Vnxe3100 | ||
| Emc Vnxe3150 | ||
| Emc Vnxe3200 | ||
| Emc Vnxe3200 Hybrid | ||
| Emc Vnxe3300 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/emc
- canonical/emc vnx1 oe firmware
- canonical/emc vnx2 oe firmware
- canonical/emc vnxe oe firmware
- canonical/emc vnx5200
- canonical/emc vnx5400
- canonical/emc vnx5600
- canonical/emc vnx5800
- canonical/emc vnxe1600
- canonical/emc vnxe3100
- canonical/emc vnxe3150
- canonical/emc vnxe3200
- canonical/emc vnxe3200 hybrid
- canonical/emc vnxe3300