- Home
- CVEs with nessus.description==The version of Samba running on the remote host is 4.4.x prior to 4.4.16, 4.5.x prior to 4.5.14, or 4.6.x prior to 4.6.8. It is, therefore, affected by the following vulnerabilities:
- Signing requirements are not properly enforced for SMB v1, v2, and v3. This could allow a man-in-the-middle attacker to interfere with client connections. (CVE-2017-12150)
- A flaw exists with the DFS redirect that causes encryption requirements to not be maintained. A man-in-the-middle attacker could read or alter the client connection. (CVE-2017-12151)
- A flaw exists with SMB v1 due to improper range check for client write requests. An authenticated attacker could potentially access sensitive server information. (CVE-2017-12163)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top