CVE-2017-12163 (retired)

Priority
Description
An information leak flaw was found in the way SMB1 protocol was implemented
by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A
malicious client could use this flaw to dump server memory contents to a
file on the samba share or to a shared printer, though the exact area of
server memory cannot be controlled by the attacker.
Assigned-to
mdeslaur
Package
Source: samba (LP Ubuntu Debian)
Upstream:released (4.6.8,4.5.14,4.4.16)
Ubuntu 12.04 ESM (Precise Pangolin):released (2:3.6.25-0ubuntu0.12.04.13)
Ubuntu 14.04 LTS (Trusty Tahr):released (2:4.3.11+dfsg-0ubuntu0.14.04.12)
Ubuntu 16.04 LTS (Xenial Xerus):released (2:4.3.11+dfsg-0ubuntu0.16.04.11)
Ubuntu 18.04 LTS (Bionic Beaver):released (2:4.6.7+dfsg-1ubuntu3)
Patches:
Upstream:https://git.samba.org/?p=samba.git;a=commit;h=bf85c3d4ed7a4f1a0be4e16faf5d9b562940d33d (4.4)
Upstream:https://git.samba.org/?p=samba.git;a=commit;h=a43b36f5514de38b8a072bfbeb172316045c2ad0 (4.5)
Upstream:https://git.samba.org/?p=samba.git;a=commit;h=c848b104aa2293f55c14722d99cf788dafc442cb (4.6)
More Information

Updated: 2019-03-26 12:24:36 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)