Lucene search
Copyright (C) 2021 Greenbone AGOPENVAS:13614125623114201632721HistoryApr 19, 2021 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2016:3272-1)
2021-04-1900:00:00
Copyright (C) 2021 Greenbone AG
plugins.openvas.org
9
suse linux enterprise
samba package
security advisory
denial of service
remote code execution
vulnerability
package update
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
EPSS
0.941
Percentile
99.2%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2016.3272.1");
script_cve_id("CVE-2016-2123", "CVE-2016-2125", "CVE-2016-2126");
script_tag(name:"creation_date", value:"2021-04-19 00:00:00 +0000 (Mon, 19 Apr 2021)");
script_version("2024-02-02T14:37:49+0000");
script_tag(name:"last_modification", value:"2024-02-02 14:37:49 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"6.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2019-01-29 15:11:42 +0000 (Tue, 29 Jan 2019)");
script_name("SUSE: Security Advisory (SUSE-SU-2016:3272-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES12\.0SP1|SLES12\.0SP2)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2016:3272-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2016/suse-su-20163272-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'samba' package(s) announced via the SUSE-SU-2016:3272-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for samba fixes the following issues:
Security issues fixed:
- CVE-2016-2125: Don't send delegated credentials to all servers.
(bsc#1014441).
- CVE-2016-2126: Denial of service due to a client triggered crash in the
winbindd parent process. (bsc#1014442).
- CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execution
Vulnerability. (bsc#1014437). The component affected is not built in our
packages.
Non security issues fixed:
- s3/client: obey 'disable netbios' smb.conf param, don't connect via NBT
port, (bsc#1009085)
- Add doc changes for net ads --no-dns-updates switch, (bsc#991564)
- Include vfstest in samba-test, (bsc#1001203).
- s3/winbindd: using default domain with [email protected] format fails
(bsc#997833).
- Fix illegal memory access after memory has been deleted (bsc#975299).
- Fix bug in tevent poll backend causing winbind to loop tightly
(bsc#994500).
- Various fixes for spnego/ntlm (bsc#986675).");
script_tag(name:"affected", value:"'samba' package(s) on SUSE Linux Enterprise Desktop 12-SP1, SUSE Linux Enterprise Desktop 12-SP2, SUSE Linux Enterprise High Availability 12-SP1, SUSE Linux Enterprise Server 12-SP1, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server for Raspberry Pi 12-SP2, SUSE Linux Enterprise Software Development Kit 12-SP1, SUSE Linux Enterprise Software Development Kit 12-SP2.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES12.0SP1") {
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0-32bit", rpm:"libdcerpc-binding0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0", rpm:"libdcerpc-binding0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0-debuginfo-32bit", rpm:"libdcerpc-binding0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0-debuginfo", rpm:"libdcerpc-binding0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0-32bit", rpm:"libdcerpc0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0", rpm:"libdcerpc0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0-debuginfo-32bit", rpm:"libdcerpc0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0-debuginfo", rpm:"libdcerpc0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libgensec0-32bit", rpm:"libgensec0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libgensec0", rpm:"libgensec0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libgensec0-debuginfo-32bit", rpm:"libgensec0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libgensec0-debuginfo", rpm:"libgensec0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0-32bit", rpm:"libndr-krb5pac0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0", rpm:"libndr-krb5pac0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0-debuginfo-32bit", rpm:"libndr-krb5pac0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0-debuginfo", rpm:"libndr-krb5pac0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0-32bit", rpm:"libndr-nbt0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0", rpm:"libndr-nbt0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0-debuginfo-32bit", rpm:"libndr-nbt0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0-debuginfo", rpm:"libndr-nbt0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0-32bit", rpm:"libndr-standard0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0", rpm:"libndr-standard0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0-debuginfo-32bit", rpm:"libndr-standard0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0-debuginfo", rpm:"libndr-standard0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0-32bit", rpm:"libndr0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0", rpm:"libndr0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0-debuginfo-32bit", rpm:"libndr0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0-debuginfo", rpm:"libndr0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0-32bit", rpm:"libnetapi0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0", rpm:"libnetapi0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0-debuginfo-32bit", rpm:"libnetapi0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0-debuginfo", rpm:"libnetapi0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libregistry0", rpm:"libregistry0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libregistry0-debuginfo", rpm:"libregistry0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0-32bit", rpm:"libsamba-credentials0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0", rpm:"libsamba-credentials0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0-debuginfo-32bit", rpm:"libsamba-credentials0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0-debuginfo", rpm:"libsamba-credentials0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0-32bit", rpm:"libsamba-hostconfig0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0", rpm:"libsamba-hostconfig0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0-debuginfo-32bit", rpm:"libsamba-hostconfig0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0-debuginfo", rpm:"libsamba-hostconfig0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0-32bit", rpm:"libsamba-passdb0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0", rpm:"libsamba-passdb0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0-debuginfo-32bit", rpm:"libsamba-passdb0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0-debuginfo", rpm:"libsamba-passdb0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0-32bit", rpm:"libsamba-util0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0", rpm:"libsamba-util0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0-debuginfo-32bit", rpm:"libsamba-util0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0-debuginfo", rpm:"libsamba-util0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0-32bit", rpm:"libsamdb0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0", rpm:"libsamdb0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0-debuginfo-32bit", rpm:"libsamdb0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0-debuginfo", rpm:"libsamdb0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient-raw0-32bit", rpm:"libsmbclient-raw0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient-raw0", rpm:"libsmbclient-raw0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient-raw0-debuginfo-32bit", rpm:"libsmbclient-raw0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient-raw0-debuginfo", rpm:"libsmbclient-raw0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0-32bit", rpm:"libsmbclient0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0", rpm:"libsmbclient0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0-debuginfo-32bit", rpm:"libsmbclient0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0-debuginfo", rpm:"libsmbclient0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0-32bit", rpm:"libsmbconf0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0", rpm:"libsmbconf0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0-debuginfo-32bit", rpm:"libsmbconf0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0-debuginfo", rpm:"libsmbconf0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap0-32bit", rpm:"libsmbldap0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap0", rpm:"libsmbldap0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap0-debuginfo-32bit", rpm:"libsmbldap0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap0-debuginfo", rpm:"libsmbldap0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0-32bit", rpm:"libtevent-util0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0", rpm:"libtevent-util0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0-debuginfo-32bit", rpm:"libtevent-util0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0-debuginfo", rpm:"libtevent-util0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0-32bit", rpm:"libwbclient0-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0", rpm:"libwbclient0~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0-debuginfo-32bit", rpm:"libwbclient0-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0-debuginfo", rpm:"libwbclient0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-32bit", rpm:"samba-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba", rpm:"samba~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-32bit", rpm:"samba-client-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client", rpm:"samba-client~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-debuginfo-32bit", rpm:"samba-client-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-debuginfo", rpm:"samba-client-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-debuginfo-32bit", rpm:"samba-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-debuginfo", rpm:"samba-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-debugsource", rpm:"samba-debugsource~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-doc", rpm:"samba-doc~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-32bit", rpm:"samba-libs-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs", rpm:"samba-libs~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-debuginfo-32bit", rpm:"samba-libs-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-debuginfo", rpm:"samba-libs-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-32bit", rpm:"samba-winbind-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind", rpm:"samba-winbind~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-debuginfo-32bit", rpm:"samba-winbind-debuginfo-32bit~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-debuginfo", rpm:"samba-winbind-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES12.0SP2") {
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-atsvc0", rpm:"libdcerpc-atsvc0~4.2.4~28.3.1", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-atsvc0-debuginfo", rpm:"libdcerpc-atsvc0-debuginfo~4.2.4~28.3.1", rls:"SLES12.0SP2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
freebsd
freebsd
samba -- multiple vulnerabilities
2016-12-19 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2016-12-19 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package samba version 4.5.3-alt1.M70P.1
2016-12-19 00:00:00
Security fix for the ALT Linux 8 package samba version 4.5.3-alt1
2016-12-19 00:00:00
Security fix for the ALT Linux 7 package samba-DC version 4.5.3-alt1.M70P.1
2016-12-19 00:00:00
nessus
nessus
SUSE SLES12 Security Update : samba (SUSE-SU-2016:3299-1)
2017-01-03 00:00:00
openSUSE Security Update : samba (openSUSE-2017-11)
2017-01-05 00:00:00
SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:3272-1)
2016-12-27 00:00:00
archlinux
archlinux
[ASA-201612-19] samba: multiple issues
2016-12-22 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:3271-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:3299-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-3158-1)
2016-12-20 00:00:00
slackware
slackware
[slackware-security] samba
2016-12-28 21:10:14
debian
debian
[SECURITY] [DSA 3740-1] samba security update
2016-12-19 10:16:48
[SECURITY] [DSA 3740-1] samba security update
2016-12-19 10:16:48
[SECURITY] [DLA 776-1] samba security update
2017-01-02 18:57:35
osv
osv
samba - security update
2016-12-19 00:00:00
CVE-2016-2123
2018-11-01 13:29:00
samba - security update
2017-01-02 00:00:00
oraclelinux
oraclelinux
samba4 security and bug fix update
2017-03-27 00:00:00
samba security and bug fix update
2017-03-27 00:00:00
samba security and bug fix update
2017-05-22 00:00:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 24 Update: samba-4.4.9-0.fc24
2017-01-09 01:25:50
[SECURITY] Fedora 25 Update: samba-4.5.3-0.fc25
2016-12-22 16:51:05
centos
centos
samba4 security update
2017-03-24 15:43:22
libsmbclient, samba security update
2017-03-24 15:43:17
ctdb, libsmbclient, libwbclient, samba security update
2017-05-22 16:26:22
redhat
redhat
(RHSA-2017:0494) Moderate: Red Hat Gluster Storage 3.2.0 samba security, bug fixes and enhancement update
2017-03-23 04:59:13
(RHSA-2017:0744) Moderate: samba4 security and bug fix update
2017-03-21 06:17:49
(RHSA-2017:0662) Moderate: samba security and bug fix update
2017-03-21 06:17:45
prion
prion
Integer overflow
2018-11-01 13:29:00
Authentication flaw
2018-10-31 20:29:00
Privilege escalation
2017-05-11 14:29:00
redhatcve
redhatcve
CVE-2016-2123
2016-12-19 12:47:23
CVE-2016-2126
2019-10-11 15:33:40
amazon
amazon
Important: samba
2017-05-30 23:54:00
debiancve
debiancve
ubuntucve
ubuntucve
nvd
nvd
checkpoint_advisories
checkpoint_advisories
Samba NDR Parsing ndr_pull_dnsp_name Integer Overflow (CVE-2016-2123)
2017-01-25 00:00:00
cve
cve
samba
samba
Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
2016-12-19 00:00:00
Unconditional privilege delegation to Kerberos servers in trusted realms
2016-12-19 00:00:00
Flaws in Kerberos PAC validation can trigger privilege elevation.
2016-12-19 00:00:00
cvelist
cvelist
zdi
zdi
alpinelinux
alpinelinux
mageia
mageia
Updated samba packages fix security vulnerability
2016-12-30 18:00:01
Updated samba packages fix security vulnerability
2017-05-25 17:37:42
veracode
veracode
Spoofing And Impersonation
2019-01-15 09:16:14
Privilege Escalation
2019-05-02 05:51:55
f5
f5
K03644631 : Samba vulnerability CVE-2016-2126
2017-04-11 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
EPSS
0.941
Percentile
99.2%
Related for OPENVAS:13614125623114201632721