CVE-2018-1139

Priority
Description
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of
weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A
man-in-the-middle attacker could use this flaw to read the credential and
other details passed between the samba server and client.
Assigned-to
mdeslaur
Notes
mdeslaur4.7.0 to 4.8.3 only
Package
Source: samba (LP Ubuntu Debian)
Upstream:released (4.7.9,4.8.4)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (2:4.3.11+dfsg-0ubuntu0.14.04.14)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (2:4.3.11+dfsg-0ubuntu0.16.04.13)
Ubuntu 18.04 LTS (Bionic Beaver):released (2:4.7.6+dfsg~ubuntu-0ubuntu2.2)
More Information

Updated: 2020-01-29 20:01:36 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)