Displaying 1 result from an estimated 1 matches for "id57608".
Did you mean:
d57688
2023 Jul 07
0
server signing = mandatory/required broken in 4.17.5 ?
...est samba version available for
RHEL8 is samba 4.17.5
Since samba is updated to 4.17.5 from 4.16.4 the "server signing =
mandatory" config option seems to be broken.
Nessus scans reports a vulnerability on server signing not required:
SMB Signing not required
VULNERABILITY MEDIUM
PLUGIN ID57608
Description
Signing is not required on the remote SMB server. An unauthenticated,
remote attacker can exploit this to conduct man-in-the-middle attacks
against the SMB server.
Our smb.conf looks like this:
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# R...