CVE-2017-12151
First published: Mon Sep 04 2017(Updated: )
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/samba | 2:4.9.5+dfsg-5+deb10u3 2:4.9.5+dfsg-5+deb10u4 2:4.13.13+dfsg-1~deb11u5 2:4.17.11+dfsg-0+deb12u1 2:4.17.12+dfsg-0+deb12u1 2:4.19.1+dfsg-4 2:4.19.2+dfsg-1 | |
| Samba Samba | <4.4.16 | |
| Samba Samba | >=4.5.0<4.5.14 | |
| Samba Samba | >=4.6.0<4.6.8 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Server Aus | =7.4 | |
| Redhat Enterprise Linux Server Eus | =7.4 | |
| Redhat Enterprise Linux Server Eus | =7.5 | |
| Redhat Enterprise Linux Workstation | =7.0 | |
| Hp Cifs Server | =b.04.05.11.00 | |
| redhat/samba | <4.4.16 | 4.4.16 |
| redhat/samba | <4.5.14 | 4.5.14 |
| redhat/samba | <4.6.8 | 4.6.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/100917
- http://www.securitytracker.com/id/1039401
- https://access.redhat.com/errata/RHSA-2017:2790
- https://access.redhat.com/errata/RHSA-2017:2858
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12151
- https://security.netapp.com/advisory/ntap-20170921-0001/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us
- https://www.debian.org/security/2017/dsa-3983
- https://www.samba.org/samba/security/CVE-2017-12151.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1493441
- https://bugzilla.redhat.com/show_bug.cgi?id=1488197
- https://security-tracker.debian.org/tracker/CVE-2017-12151
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2017-12151
- agent/software-canonical-lookup
- collector/security-tracker-debian
- vendor/samba
- canonical/samba samba
- version/samba samba/4.5.0
- version/samba samba/4.6.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/7.0
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/7.4
- canonical/redhat enterprise linux server eus
- version/redhat enterprise linux server eus/7.4
- version/redhat enterprise linux server eus/7.5
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/7.0
- vendor/hp
- canonical/hp cifs server
- version/hp cifs server/b.04.05.11.00
- package-manager/redhat
- package-manager/debian