Multiple security issues have been discoverd in Samba, a SMB/CIFS file, print, and login server for Unix: CVE-2017-12150 Stefan Metzmacher discovered multiple code paths where SMB signing was not enforced. CVE-2017-12151 Stefan Metzmacher discovered that tools using libsmbclient did not enforce encryption when following DFS redirects, which could allow a man-in-the-middle attacker to read or modify connections which were meant to be encrypted. CVE-2017-12163 Yihan Lian and Zhibin Hu discovered that insufficient range checks in the processing of SMB1 write requests could result in disclosure of server memory. For the oldstable distribution (jessie), these problems have been fixed in version 2:4.2.14+dfsg-0+deb8u8. For the stable distribution (stretch), these problems have been fixed in version 2:4.5.8+dfsg-2+deb9u2. We recommend that you upgrade your samba packages.
Multiple security issues have been discoverd in Samba, a SMB/CIFS file, print, and login server for Unix:
Stefan Metzmacher discovered multiple code paths where SMB signing was not enforced.
Stefan Metzmacher discovered that tools using libsmbclient did not enforce encryption when following DFS redirects, which could allow a man-in-the-middle attacker to read or modify connections which were meant to be encrypted.
Yihan Lian and Zhibin Hu discovered that insufficient range checks in the processing of SMB1 write requests could result in disclosure of server memory.
For the oldstable distribution (jessie), these problems have been fixed in version 2:4.2.14+dfsg-0+deb8u8.
For the stable distribution (stretch), these problems have been fixed in version 2:4.5.8+dfsg-2+deb9u2.
We recommend that you upgrade your samba packages.
Vulmon