Oval Definition:	oval:org.cisecurity:def:1221
Revision Date: 2016-11-10 Version: 12 Title: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access Description: Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2016-2115 Platform(s): HP-UX 11 Product(s): Definition Synopsis HP-UX B.11.31 AND filesets test CIFS-Development.CIFS-PRG version is less than A.03.02.07 OR CIFS-Server.CIFS-ADMIN version is less than A.03.02.07 OR CIFS-Server.CIFS-DOC version is less than A.03.02.07 OR CIFS-Server.CIFS-LIB version is less than A.03.02.07 OR CIFS-Server.CIFS-RUN version is less than A.03.02.07 OR CIFS-Server.CIFS-UTIL version is less than A.03.02.07
BACK