Vulnerability identifier: #VU14336

Vulnerability risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1139

CWE-ID: CWE-327

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Samba
Server applications / Directory software, identity management

Vendor: Samba

Description

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to an error that allows usage of NTLMv1 encryption protocol over SMB1 transport, even when NTLMv1 is explicitly disabled.

Mitigation
Update to version 4.7.9 or 4.8.4.

Vulnerable software versions

Samba: 4.8.0 - 4.8.3, 4.7.0 - 4.7.8

---

External links
http://www.samba.org/samba/security/CVE-2018-1139.html

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.