Samba and Windows Vulnerabilities


Severity

Medium

Vendor

Samba, Microsoft Windows

Versions Affected

Description

Several man-in-the-middle (MITM) attacks can be performed against a variety of protocols used by Samba. These would permit execution of arbitrary Samba network calls in the context of the intercepted user. For example, an attacker who intercepts an administrator's network traffic could view or modify certain types of private data on Samba servers. Additionally, Samba services are vulnerable to a denial of service from an attacker with remote network connectivity to the Samba service. [1]

Affected Pivotal Products and Versions

  • The Cloud Foundry team has determined that the project is not exposed to this vulnerability and therefore does not require any upgrades.
  • The Pivotal CF team has determined that Pivotal CF products, such as Pivotal Operations Manager and Pivotal Elastic Runtime, are not exposed to this vulnerability and therefore do not require any upgrades.

Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry team has determined that the project is not exposed to this vulnerability and therefore does not require any upgrades.
  • The Pivotal CF team has determined that Pivotal CF products, such as Pivotal Operations Manager and Pivotal Elastic Runtime, are not exposed to this vulnerability and therefore do not require any upgrades.

Credit

Stefan Metzmacher

References