TTCSIRT-044.092117: TT-CSIRT Advisory – Samba Security Updates
The Samba Team has released security updates to address several vulnerabilities in Samba –
a) A man in the middle attack may hijack client connections.
b) A man in the middle attack can read and may alter confidential documents transferred via a client connection, which are reached via DFS redirect when the original connection used SMB3.
c) Client with write access to a share can cause server memory contents to be written into a file or printer.
Further information on these vulnerabilities and how they can be fixed can be found on the SAMBA Website via the following URLS: