CVE-2018-1139

CVE-2018-1139

Name

CVE-2018-1139

Description

A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.

NVD Severity

high

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Third Party Advisory	https://www.samba.org/samba/security/CVE-2018-1139.html
Issue Tracking	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1139
Third Party Advisory	https://usn.ubuntu.com/3738-1/
Third Party Advisory	https://security.netapp.com/advisory/ntap-20180814-0001/
Third Party Advisory	http://www.securityfocus.com/bid/105084
Third Party Advisory	https://access.redhat.com/errata/RHSA-2018:2613
Third Party Advisory	https://access.redhat.com/errata/RHSA-2018:2612
Third Party Advisory	https://access.redhat.com/errata/RHSA-2018:3056
GENTOO	https://security.gentoo.org/glsa/202003-52

Type

URI

Third Party Advisory

https://www.samba.org/samba/security/CVE-2018-1139.html

Issue Tracking

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1139

Third Party Advisory

https://usn.ubuntu.com/3738-1/

Third Party Advisory

https://security.netapp.com/advisory/ntap-20180814-0001/

Third Party Advisory

http://www.securityfocus.com/bid/105084