Lucene search
This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2020-3083-1.NASLHistoryDec 09, 2020 - 12:00 a.m.
SUSE SLES12 Security Update : samba (SUSE-SU-2020:3083-1)
2020-12-0900:00:00
This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
suse sles12
security update
samba
cve-2020-14323
cve-2020-14318
permissions check
unprivileged user
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
40.5%
This update for samba fixes the following issues :
CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902).
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2020:3083-1.
# The text itself is copyright (C) SUSE.
#
include("compat.inc");
if (description)
{
script_id(143766);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/13");
script_cve_id("CVE-2020-14318", "CVE-2020-14323");
script_name(english:"SUSE SLES12 Security Update : samba (SUSE-SU-2020:3083-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"This update for samba fixes the following issues :
CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify
(bsc#1173902).
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1173902"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1173994"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2020-14318/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2020-14323/"
);
# https://www.suse.com/support/update/announcement/2020/suse-su-20203083-1
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?25a2497b"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE OpenStack Cloud 7 :
zypper in -t patch SUSE-OpenStack-Cloud-7-2020-3083=1
SUSE Linux Enterprise Server for SAP 12-SP2 :
zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-3083=1
SUSE Linux Enterprise Server 12-SP2-LTSS :
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-3083=1
SUSE Linux Enterprise Server 12-SP2-BCL :
zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-3083=1
SUSE Linux Enterprise High Availability 12-SP2 :
zypper in -t patch SUSE-SLE-HA-12-SP2-2020-3083=1"
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14318");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdcerpc-binding0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdcerpc0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-krb5pac0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-nbt0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-standard0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libnetapi0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-credentials0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-errors0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-passdb0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-util0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamdb0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbclient0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbconf0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbldap0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libtevent-util0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwbclient0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-client-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-winbind");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/10/29");
script_set_attribute(attribute:"patch_publication_date", value:"2020/10/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/12/09");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"2", reference:"libdcerpc-binding0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libdcerpc-binding0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libdcerpc-binding0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libdcerpc-binding0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libdcerpc0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libdcerpc0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libdcerpc0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libdcerpc0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-krb5pac0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-krb5pac0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-krb5pac0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-krb5pac0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-nbt0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-nbt0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-nbt0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-nbt0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-standard0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-standard0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-standard0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr-standard0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libndr0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libnetapi0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libnetapi0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libnetapi0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libnetapi0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-credentials0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-credentials0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-credentials0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-credentials0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-errors0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-errors0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-errors0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-errors0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-hostconfig0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-hostconfig0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-hostconfig0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-hostconfig0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-passdb0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-passdb0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-passdb0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-passdb0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-util0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-util0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-util0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamba-util0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamdb0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamdb0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamdb0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsamdb0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbclient0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbclient0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbclient0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbclient0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbconf0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbconf0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbconf0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbconf0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbldap0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbldap0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbldap0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libsmbldap0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libtevent-util0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libtevent-util0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libtevent-util0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libtevent-util0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwbclient0-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwbclient0-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwbclient0-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwbclient0-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-client-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-client-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-client-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-client-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-debugsource-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-libs-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-libs-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-libs-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-libs-debuginfo-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-winbind-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-winbind-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-winbind-debuginfo-32bit-4.4.2-38.39.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"samba-winbind-debuginfo-4.4.2-38.39.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "samba");
}
References
Related
nessus
nessus
SUSE SLES11 Security Update : samba (SUSE-SU-2020:14525-1)
2021-06-10 00:00:00
EulerOS 2.0 SP9 : samba (EulerOS-SA-2020-2491)
2020-12-01 00:00:00
EulerOS 2.0 SP5 : samba (EulerOS-SA-2021-1229)
2021-02-04 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2021-1229)
2021-02-05 00:00:00
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-2491)
2020-12-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3083-1)
2021-04-19 00:00:00
ibm
ibm
freebsd
freebsd
samba -- Multiple Vulnerabilities
2020-10-29 00:00:00
f5
f5
K93951507 : Multiple Samba vulnerabilities
2021-04-06 00:00:00
almalinux
almalinux
Moderate: samba security, bug fix, and enhancement update
2021-05-18 05:44:25
fedora
fedora
[SECURITY] Fedora 32 Update: samba-4.12.10-0.fc32
2020-11-10 01:29:57
[SECURITY] Fedora 33 Update: samba-4.13.1-0.fc33
2020-11-03 01:01:17
centos
centos
ctdb, libsmbclient, libwbclient, samba security update
2020-12-18 00:19:11
rocky
rocky
samba security, bug fix, and enhancement update
2021-05-18 05:44:25
oraclelinux
oraclelinux
samba security and bug fix update
2020-12-16 00:00:00
samba security, bug fix, and enhancement update
2021-05-25 00:00:00
mageia
mageia
Updated samba packages fix security vulnerabilities
2020-11-10 18:20:00
osv
osv
samba vulnerabilities
2020-11-02 13:56:36
Moderate: samba security, bug fix, and enhancement update
2021-05-18 05:44:25
Moderate: samba security, bug fix, and enhancement update
2021-05-18 05:44:25
redhat
redhat
(RHSA-2020:5439) Moderate: samba security and bug fix update
2020-12-15 09:01:31
(RHSA-2021:1647) Moderate: samba security, bug fix, and enhancement update
2021-05-18 05:44:25
(RHSA-2021:3723) Moderate: samba security, bug fix and enhancement update
2021-10-05 04:55:51
amazon
amazon
Critical: samba
2021-01-05 23:34:00
Critical: samba
2021-01-12 22:51:00
Critical: samba
2021-06-16 20:36:00
ubuntu
ubuntu
Samba vulnerabilities
2020-11-02 00:00:00
Samba vulnerabilities
2021-05-03 00:00:00
suse
suse
Security update for samba (important)
2020-11-02 00:00:00
Security update for samba (important)
2020-11-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.12.9-alt1
2020-10-29 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2020-12-24 00:00:00
alpinelinux
alpinelinux
CVE-2020-14323
2020-10-29 20:15:17
CVE-2020-14318
2020-12-03 16:15:12
ubuntucve
ubuntucve
CVE-2020-14323
2020-10-29 00:00:00
CVE-2020-14318
2020-10-29 00:00:00
samba
samba
Unprivileged user can crash winbind
2020-10-29 00:00:00
Missing handle permissions check in SMB1/2/3
2020-10-29 00:00:00
nvd
nvd
CVE-2020-14323
2020-10-29 20:15:17
CVE-2020-14318
2020-12-03 16:15:12
redhatcve
redhatcve
CVE-2020-14318
2020-10-29 11:29:24
CVE-2020-14323
2020-10-29 11:29:25
vulnrichment
vulnrichment
CVE-2020-14318
2020-12-03 00:00:00
CVE-2020-14323
2020-10-29 00:00:00
veracode
veracode
Information Disclosure
2020-11-09 05:13:20
Denial Of Service (DoS)
2020-11-09 05:13:27
cbl_mariner
cbl_mariner
CVE-2020-14323 affecting package samba 4.12.5-6
2024-09-30 03:52:42
CVE-2020-14318 affecting package samba 4.12.5-6
2024-09-30 03:52:42
debiancve
debiancve
CVE-2020-14323
2020-10-29 20:15:17
CVE-2020-14318
2020-12-03 16:15:12
cve
cve
CVE-2020-14323
2020-10-29 20:15:17
CVE-2020-14318
2020-12-03 16:15:12
prion
prion
Null pointer dereference
2020-10-29 20:15:00
Design/Logic Flaw
2020-12-03 16:15:00
cvelist
cvelist
CVE-2020-14323
2020-10-29 00:00:00
CVE-2020-14318
2020-12-03 00:00:00
debian
debian
[SECURITY] [DLA 3792-1] samba security update
2024-04-22 15:05:00
[SECURITY] [DLA 2463-1] samba security update
2020-11-23 03:18:54
rosalinux
rosalinux
Advisory ROSA-SA-2021-1967
2021-07-02 18:07:38
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
40.5%
Related for SUSE_SU-2020-3083-1.NASL