发布时间: 2021年12月10日
修改时间: 2024年10月31日
A flaw was discovered in the way samba implements SMB1 authentication. Even if Kerberos authentication is required, an attacker can use this flaw to retrieve the clear text password sent over the wire.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | High | High |
| Attack Vector | Network | Network |
| CVSS评分 | 5.9 | 6.8 |
| Attack Complexity | High | High |
| Privileges Required | None | Low |
| Scope | Unchanged | Unchanged |
| Integrity | None | High |
| User Interaction | None | None |
| Availability | None | None |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2021-1460 | samba security update | 2021年12月10日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | samba | Fixed |
