CVE-2007-3843

Impact:
Low
Public Date:
2007-06-08
Bugzilla:
275901: CVE-2007-3843 CIFS signing sec= mount options don't work correctly

The MITRE CVE dictionary describes this issue as:

The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request.

Find out more about CVE-2007-3843 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1 or 3.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (kernel) RHSA-2007:0939 2007-11-01
Red Hat Enterprise Linux 5 (kernel) RHSA-2007:0705 2007-09-13
Last Modified

CVE description copyright © 2017, The MITRE Corporation