[3.5] samba: Orpheus' Lyre mutual authentication validation bypass (CVE-2017-11103)
A MITM attacker may impersonate a trusted server and thus gain elevated
access to the domain by
returning malicious replication or authorization data.
Affected versions:
All versions between Samba 4.0.0 and 4.6.6/4.5.12/4.4.15
References:
https://www.samba.org/samba/security/CVE-2017-11103.html
https://www.samba.org/samba/history/security.html
(from redmine: issue id 7534, created on 2017-07-17, closed on 2017-08-09)
- Relations:
- parent #7532 (closed)
- Changesets:
- Revision 243f10d0 by Francesco Colista on 2017-08-09T13:19:12Z:
main/samba: fix for CVE-2017-11103. Fixes #7534