Samba NTLMv1 Authentication Protocol Security Bypass Vulnerability [CVE-2018-1139]
CVE Number – CVE-2018-1139
A vulnerability in Samba could allow an unauthenticated, remote attacker to bypass security restrictions on a targeted system.
The vulnerability is due to a code restructuring in the NT Lan Manager (NTLM) authentication implantation of the affected software. An attacker could exploit this vulnerability to bypass access restrictions on a targeted system. A successful exploit could allow the attacker to authenticate via NTLMv1 even if disabled on a targeted system.
Samba.org has confirmed the vulnerability and released software updates.
-
A successful exploit of this vulnerability could allow the attacker to gain unauthorized access to the targeted system, which the attacker could use to conduct further attacks.
-
Administrators are advised to apply the appropriate updates.
Administrators are advised to allow only trusted users to have network access.
Administrators are advised to monitor affected systems.
-
Samba.org has released a security announcement at the following link: CVE-2018-1139
-
Samba.org has released software updates at the following link: Samba Security Releases
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.