Samba Network Services Unintended Network Access Vulnerability

By GIXnews


A vulnerability in Samba could allow an authenticated, remote attacker to bypass security restrictions on a targeted system.

The vulnerability is due to improper checksum validation by the S4U2Self handler of the affected software. An attacker with user access could exploit this vulnerability to conduct a man-in-the-middle attack on the targeted system. A successful exploit could result in unintended network access, which the attacker could use to conduct further attacks.

Samba has confirmed the vulnerability and released software updates.

Security Impact Rating: High

CVE: CVE-2018-16860

Source:: Cisco Multivendor Vulnerability Alerts