search for: id57608

...est samba version available for RHEL8 is samba 4.17.5 Since samba is updated to 4.17.5 from 4.16.4 the "server signing = mandatory" config option seems to be broken. Nessus scans reports a vulnerability on server signing not required: SMB Signing not required VULNERABILITY MEDIUM PLUGIN ID57608 Description Signing is not required on the remote SMB server. An unauthenticated, remote attacker can exploit this to conduct man-in-the-middle attacks against the SMB server. Our smb.conf looks like this: # See smb.conf.example for a more detailed config file or # read the smb.conf manpage. # R...