CVE-2017-12163 samba: server memory information leak over SMB1

CVE ID

CVE-2017-12163

DESCRIPTION

An information leak flaw was found in the way SMB1 protocol was implemented by
Samba. A malicious client could use this flaw to dump server memory contents
to a file on the samba share or to a shared printer, though the exact area of
server memory cannot be controlled by the attacker.

CVSS3 Base Score    4.1

Related CVEs:  CVE-2017-12150 CVE-2017-2619

 

RESOLUTION

Fixed in latest Unitrends security update with
   samba-3.6.23-45.el6_9

LINK TO ADVISORIES

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section