Vivek Das

Name of the Vulnerable Software and Affected Versions: Samba versions prior to 4.7.9 Samba versions prior to 4.8.4 Description: A flaw in Samba's NTLMv1 authentication allows a man-in-the-middle attacker to read credentials and other details passed between the Samba server and client, even when NTLMv1 is explicitly disabled. This issue is related to incomplete protection of user registration data, which could allow a remote attacker to gain unauthorized access to confidential data. Recommendations: For Samba versions prior to 4.7.9, update to version 4.7.9 or later to resolve the issue. For Samba versions prior to 4.8.4, update to version 4.8.4 or later to resolve the issue.