CVE-2007-3843

NONECVSS 0.0

0.0

The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request.

🔗 References (36)

secalert@redhathttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=246595
secalert@redhathttp://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.23-rc1
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
secalert@redhathttp://secunia.com/advisories/26366
secalert@redhathttp://secunia.com/advisories/26647
secalert@redhathttp://secunia.com/advisories/26760
secalert@redhathttp://secunia.com/advisories/27436
secalert@redhathttp://secunia.com/advisories/27747
secalert@redhathttp://secunia.com/advisories/27912
secalert@redhathttp://secunia.com/advisories/28806
secalert@redhathttp://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
secalert@redhathttp://www.debian.org/security/2007/dsa-1363
secalert@redhathttp://www.redhat.com/support/errata/RHSA-2007-0705.html
secalert@redhathttp://www.redhat.com/support/errata/RHSA-2007-0939.html

Is Your Infrastructure Affected by CVE-2007-3843?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-3843

📅 Published

🔄 Last Modified

🔗 References (36)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-3843?