Oracle Linux: How to Mitigate "SMB Signing Not Required" Vulnerability
(Doc ID 2898828.1)
Last updated on FEBRUARY 26, 2024
Applies to:
Linux OS - Version Oracle Linux 7.0 and laterLinux x86-64
Symptoms
Nessus or a third party tool reports a vulnerability which goes by the name "SMB Signing not required" with medium severity on Oracle Linux servers running Samba service. This is reported to affect port 445/tcp where an unauthenticated remote attacker can exploit this to conduct man-in-the-middle attacks against the SMB server.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |