SMB2 packet signing not enforced

Description

SMB2 packet signing is not enforced if an admin configured
“server signing = required” or for SMB2 connections to Domain
Controllers where SMB2 packet signing is mandatory.

SMB2 packet signing is a mechanism that ensures the integrity
and authenticity of data exchanged between a client and a
server using the SMB2 protocol.

It provides protection against certain types of attacks, such
as man-in-the-middle attacks, where an attacker intercepts
network traffic and modifies the SMB2 messages.

Both client and server of an SMB2 connection can require that
signing is being used. The server-side setting in Samba to
configure signing to be required is “server signing =
required”. Note that on an Samba AD DCs this is also the
default for all SMB2 connections.

Unless the client requires signing which would result in
signing being used on the SMB2 connection, sensitive data
might have been modified by an attacker.

Clients connecting to IPC$ on an AD DC will require signed
connections being used, so the integrity of these connections
was not affected.

Patch Availability

Patches addressing both these issues have been posted to:

https://www.samba.org/samba/security/

Additionally, Samba 4.18.5, 4.17.10 and 4.16.11 have been issued
as security releases to correct the defect. Samba administrators are
advised to upgrade to these releases or apply the patch as soon
as possible.

CVSSv3 calculation

CVSS 3.1: AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N (6.8)

Workaround

Credits

Originally reported by Andreas Schneider of the Samba team.

Patches provided by Ralph Boehme of the Samba team.

== Our Code, Our Bugs, Our Responsibility.
== The Samba Team