CVE-2018-1139
Published: 14 August 2018
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.
Priority
CVSS 3 base score: 8.1
Notes
Author | Note |
---|---|
mdeslaur | 4.7.0 to 4.8.3 only |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1139
- https://www.samba.org/samba/security/CVE-2018-1139.html
- https://ubuntu.com/security/notices/USN-3738-1
- NVD
- Launchpad
- Debian