CVE-2017-12151
First published: Mon Sep 04 2017(Updated: )
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/samba | 2:4.9.5+dfsg-5+deb10u3 2:4.9.5+dfsg-5+deb10u4 2:4.13.13+dfsg-1~deb11u5 2:4.17.11+dfsg-0+deb12u1 2:4.17.12+dfsg-0+deb12u1 2:4.19.1+dfsg-4 2:4.19.2+dfsg-1 | |
| redhat/samba | <4.4.16 | 4.4.16 |
| redhat/samba | <4.5.14 | 4.5.14 |
| redhat/samba | <4.6.8 | 4.6.8 |
| Samba | <4.4.16 | |
| Samba | >=4.5.0<4.5.14 | |
| Samba | >=4.6.0<4.6.8 | |
| Debian GNU/Linux | =8.0 | |
| Debian GNU/Linux | =9.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| redhat enterprise Linux desktop | =7.0 | |
| redhat enterprise Linux server aus | =7.4 | |
| redhat enterprise Linux server eus | =7.4 | |
| redhat enterprise Linux server eus | =7.5 | |
| redhat enterprise Linux workstation | =7.0 | |
| HP CIFS/9000 Server | =b.04.05.11.00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/100917
- http://www.securitytracker.com/id/1039401
- https://access.redhat.com/errata/RHSA-2017:2790
- https://access.redhat.com/errata/RHSA-2017:2858
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12151
- https://security.netapp.com/advisory/ntap-20170921-0001/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us
- https://www.debian.org/security/2017/dsa-3983
- https://www.samba.org/samba/security/CVE-2017-12151.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1493441
- https://bugzilla.redhat.com/show_bug.cgi?id=1488197
- https://security-tracker.debian.org/tracker/CVE-2017-12151
Frequently Asked Questions
What is the severity of CVE-2017-12151?
CVE-2017-12151 has a medium severity rating due to its potential to allow attackers to read or alter connection data.
How do I fix CVE-2017-12151?
To fix CVE-2017-12151, update Samba to version 4.4.16, 4.5.14, 4.6.8 or later.
What versions of Samba are affected by CVE-2017-12151?
Samba versions before 4.4.16, 4.5.14, and 4.6.8 are affected by CVE-2017-12151.
What platforms are vulnerable to CVE-2017-12151?
Debian and Red Hat Enterprise Linux versions running affected Samba iterations are vulnerable to CVE-2017-12151.
Is CVE-2017-12151 exploitable remotely?
Yes, CVE-2017-12151 can be exploited remotely, allowing attackers to manipulate the connection.
- collector/security-tracker-debian
- agent/weakness
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/severity
- agent/author
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2017-12151
- agent/software-canonical-lookup
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/debian
- package-manager/redhat
- vendor/samba
- canonical/samba
- version/samba/4.5.0
- version/samba/4.6.0
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/8.0
- version/debian gnu/linux/9.0
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/7.0
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/7.4
- canonical/redhat enterprise linux server eus
- version/redhat enterprise linux server eus/7.4
- version/redhat enterprise linux server eus/7.5
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/7.0
- vendor/hp
- canonical/hp cifs/9000 server
- version/hp cifs/9000 server/b.04.05.11.00