[3.4] samba: Orpheus' Lyre mutual authentication validation bypass (CVE-2017-11103)
A MITM attacker may impersonate a trusted server and thus gain elevated
access to the domain by
returning malicious replication or authorization data.
Affected versions:
All versions between Samba 4.0.0 and 4.6.6/4.5.12/4.4.15
References:
https://www.samba.org/samba/security/CVE-2017-11103.html
https://www.samba.org/samba/history/security.html
(from redmine: issue id 7535, created on 2017-07-17, closed on 2017-08-09)
- Relations:
- parent #7532 (closed)
- Changesets:
- Revision da33a65c by Francesco Colista on 2017-08-09T13:13:47Z:
main/samba: fix for CVE-2017-11103. Fixes #7535