Lucene search
Copyright (C) 2021 Greenbone AGOPENVAS:13614125623114202026731HistoryApr 19, 2021 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2020:2673-1)
2021-04-1900:00:00
Copyright (C) 2021 Greenbone AG
plugins.openvas.org
2
suse-su-2020:2673-1; samba; cve-2019-10197; cve-2019-10218; cve-2019-14833; cve-2019-14847; cve-2019-14861; cve-2019-14870; cve-2019-14902; cve-2019-14907; cve-2019-19344; cve-2020-10700; cve-2020-10704; cve-2020-10730; cve-2020-10745; cve-2020-10760; cve-2020-14303
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.1
Confidence
High
EPSS
0.028
Percentile
90.8%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2020.2673.1");
script_cve_id("CVE-2019-10197", "CVE-2019-10218", "CVE-2019-14833", "CVE-2019-14847", "CVE-2019-14861", "CVE-2019-14870", "CVE-2019-14902", "CVE-2019-14907", "CVE-2019-19344", "CVE-2020-10700", "CVE-2020-10704", "CVE-2020-10730", "CVE-2020-10745", "CVE-2020-10760", "CVE-2020-14303");
script_tag(name:"creation_date", value:"2021-04-19 00:00:00 +0000 (Mon, 19 Apr 2021)");
script_version("2024-02-02T14:37:50+0000");
script_tag(name:"last_modification", value:"2024-02-02 14:37:50 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-07-15 17:46:01 +0000 (Wed, 15 Jul 2020)");
script_name("SUSE: Security Advisory (SUSE-SU-2020:2673-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES12\.0SP5)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2020:2673-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2020/suse-su-20202673-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'samba' package(s) announced via the SUSE-SU-2020:2673-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for samba to version 4.10.17 fixes the following issues:
Fixed net command unable to negotiate SMB2, (bsc#1174120),
Update to 4.10.17
- CVE-2020-10745: Invalid DNS or NBT queries containing dots use several
seconds of CPU each, (bso#14378), (bsc#1173160).
- CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and
VLV combined, (bso#14364), (bsc#1173159).
- CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP server
with paged_result or VLV, (bso#14402), (1173161).
- CVE-2020-14303: Fix endless loop from empty UDP packet sent to AD DC
nbt_server, (bso#14417), (bsc#1173359).
- CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and
VLV combined, ldb: Bump version to 1.5.8, (bso#14364), (bsc#1173159).
Update to 4.10.16 s3: lib: Paranoia around use of snprintf copying into
a fixed-size buffer from a getenv() pointer. lib:util: Fix smbclient -l
basename dir, (bso#14345). Malicious SMB1 server can crash libsmbclient,
(bso#14366). s3:libads: Fix ads_get_upn(), (bso#14336). docs-xml: Fix
usernames in pam_winbind manpages, (bso#14358). Client tools are not
able to read gencache anymore since 4.10, (bso#14370).
Update to 4.10.15
- CVE-2020-10700: Fix use-after-free in AD DC LDAP server when ASQ and
paged_results combined, (bso#14331), (bsc#1169850).
- CVE-2020-10704: Fix LDAP Denial of Service (stack overflow) in Samba
AD DC, (bso#20454), (bsc#1169851).
Update to 4.10.14 s3: lib: nmblib. Clean up and harden nmb packet
processing, (bso#14239). s3: VFS: full_audit. Use system session_info if
called from a temporary share definition, (bso#14283). nmblib: Avoid
undefined behaviour in handle_name_ptrs(), (bso#20193). dsdb: Correctly
handle memory in objectclass_attrs, (bso#14258). auth: Fix CID 1458418
Null pointer dereferences (REVERSE_INULL), auth: Fix CID 1458420 Null
pointer dereferences (REVERSE_INULL), (bso#14247). winbind member
(source3) fails local SAM auth with empty domain name, (bso#14247).
winbindd: Handling missing idmap in getgrgid(), (bso#14265). lib:util:
Log mkdir error on correct debug levels, (bso#14253). wafsamba: Do not
use 'rU' as the 'U' is deprecated in Python 3.9, (bso#14266). ctdb-tcp:
Make error handling for outbound connection consistent, (bso#14274).
Starting ctdb node that was powered off hard before results in recovery
loop, (bso#14295).
Update to 4.10.13 s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't
return an inode number, (bso#14161). s3: utils: smbtree. Ensure we don't
call cli_RNetShareEnum()
on an SMB1 connection, (bso#14174). s3: libsmb: Ensure return from
net_share_enum_rpc() sets cli->raw_status on error, (bso#14176). s3:
smbd: SMB2 - Ensure we use the correct session_id if encrypting an
interim response, (bso#14189). s3: smbd: Only set
xconn->smb1.negprot.done = true after
supported_protocols[protocol].proto_reply_fn() succeeds, (bso#14205).
pygpo: Use ... [Please see the references for more information on the vulnerabilities]");
script_tag(name:"affected", value:"'samba' package(s) on SUSE Linux Enterprise High Availability 12-SP5, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP5.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES12.0SP5") {
if(!isnull(res = isrpmvuln(pkg:"ldb-debugsource", rpm:"ldb-debugsource~1.5.8~3.5.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ldb-tools", rpm:"ldb-tools~1.5.8~3.5.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ldb-tools-debuginfo", rpm:"ldb-tools-debuginfo~1.5.8~3.5.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0-32bit", rpm:"libdcerpc-binding0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0", rpm:"libdcerpc-binding0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0-debuginfo-32bit", rpm:"libdcerpc-binding0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0-debuginfo", rpm:"libdcerpc-binding0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0-32bit", rpm:"libdcerpc0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0", rpm:"libdcerpc0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0-debuginfo-32bit", rpm:"libdcerpc0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0-debuginfo", rpm:"libdcerpc0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libldb1", rpm:"libldb1~1.5.8~3.5.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libldb1-32bit", rpm:"libldb1-32bit~1.5.8~3.5.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libldb1-debuginfo", rpm:"libldb1-debuginfo~1.5.8~3.5.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libldb1-debuginfo-32bit", rpm:"libldb1-debuginfo-32bit~1.5.8~3.5.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0-32bit", rpm:"libndr-krb5pac0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0", rpm:"libndr-krb5pac0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0-debuginfo-32bit", rpm:"libndr-krb5pac0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0-debuginfo", rpm:"libndr-krb5pac0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0-32bit", rpm:"libndr-nbt0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0", rpm:"libndr-nbt0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0-debuginfo-32bit", rpm:"libndr-nbt0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0-debuginfo", rpm:"libndr-nbt0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0-32bit", rpm:"libndr-standard0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0", rpm:"libndr-standard0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0-debuginfo-32bit", rpm:"libndr-standard0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0-debuginfo", rpm:"libndr-standard0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0-32bit", rpm:"libndr0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0", rpm:"libndr0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0-debuginfo-32bit", rpm:"libndr0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0-debuginfo", rpm:"libndr0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0-32bit", rpm:"libnetapi0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0", rpm:"libnetapi0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0-debuginfo-32bit", rpm:"libnetapi0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0-debuginfo", rpm:"libnetapi0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0-32bit", rpm:"libsamba-credentials0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0", rpm:"libsamba-credentials0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0-debuginfo-32bit", rpm:"libsamba-credentials0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0-debuginfo", rpm:"libsamba-credentials0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-errors0-32bit", rpm:"libsamba-errors0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-errors0", rpm:"libsamba-errors0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-errors0-debuginfo-32bit", rpm:"libsamba-errors0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-errors0-debuginfo", rpm:"libsamba-errors0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0-32bit", rpm:"libsamba-hostconfig0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0", rpm:"libsamba-hostconfig0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0-debuginfo-32bit", rpm:"libsamba-hostconfig0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0-debuginfo", rpm:"libsamba-hostconfig0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0-32bit", rpm:"libsamba-passdb0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0", rpm:"libsamba-passdb0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0-debuginfo-32bit", rpm:"libsamba-passdb0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0-debuginfo", rpm:"libsamba-passdb0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0-32bit", rpm:"libsamba-util0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0", rpm:"libsamba-util0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0-debuginfo-32bit", rpm:"libsamba-util0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0-debuginfo", rpm:"libsamba-util0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0-32bit", rpm:"libsamdb0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0", rpm:"libsamdb0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0-debuginfo-32bit", rpm:"libsamdb0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0-debuginfo", rpm:"libsamdb0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0-32bit", rpm:"libsmbclient0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0", rpm:"libsmbclient0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0-debuginfo-32bit", rpm:"libsmbclient0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0-debuginfo", rpm:"libsmbclient0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0-32bit", rpm:"libsmbconf0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0", rpm:"libsmbconf0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0-debuginfo-32bit", rpm:"libsmbconf0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0-debuginfo", rpm:"libsmbconf0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap2-32bit", rpm:"libsmbldap2-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap2", rpm:"libsmbldap2~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap2-debuginfo-32bit", rpm:"libsmbldap2-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap2-debuginfo", rpm:"libsmbldap2-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0-32bit", rpm:"libtevent-util0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0", rpm:"libtevent-util0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0-debuginfo-32bit", rpm:"libtevent-util0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0-debuginfo", rpm:"libtevent-util0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0-32bit", rpm:"libwbclient0-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0", rpm:"libwbclient0~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0-debuginfo-32bit", rpm:"libwbclient0-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0-debuginfo", rpm:"libwbclient0-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba", rpm:"samba~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-32bit", rpm:"samba-client-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client", rpm:"samba-client~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-debuginfo-32bit", rpm:"samba-client-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-debuginfo", rpm:"samba-client-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-debuginfo", rpm:"samba-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-debugsource", rpm:"samba-debugsource~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-doc", rpm:"samba-doc~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-32bit", rpm:"samba-libs-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs", rpm:"samba-libs~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-debuginfo-32bit", rpm:"samba-libs-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-debuginfo", rpm:"samba-libs-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3-32bit", rpm:"samba-libs-python3-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3", rpm:"samba-libs-python3~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3-debuginfo-32bit", rpm:"samba-libs-python3-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3-debuginfo", rpm:"samba-libs-python3-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-32bit", rpm:"samba-winbind-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind", rpm:"samba-winbind~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-debuginfo-32bit", rpm:"samba-winbind-debuginfo-32bit~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-debuginfo", rpm:"samba-winbind-debuginfo~4.10.17+git.203.862547088ca~3.14.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
fedora
fedora
[SECURITY] Fedora 31 Update: samba-4.11.6-0.fc31
2020-02-02 01:37:17
[SECURITY] Fedora 30 Update: samba-4.10.13-0.fc30
2020-02-08 01:39:00
[SECURITY] Fedora 31 Update: samba-4.11.3-0.fc31
2019-12-12 01:55:33
openvas
openvas
Fedora: Security Advisory for samba (FEDORA-2020-6bd386c7eb)
2020-02-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1948-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for ldb, (openSUSE-SU-2020:1313-1)
2020-09-02 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2020-07-26 00:00:00
suse
suse
Security update for ldb, samba (important)
2020-07-21 00:00:00
Security update for ldb, samba (important)
2020-09-01 00:00:00
Security update for samba (important)
2020-07-18 00:00:00
nessus
nessus
GLSA-202007-15 : Samba: Multiple vulnerabilities
2020-07-27 00:00:00
SUSE SLED15 / SLES15 Security Update : ldb, samba (SUSE-SU-2020:1948-1)
2020-07-20 00:00:00
openSUSE Security Update : ldb / samba (openSUSE-2020-1313)
2020-09-02 00:00:00
debian
debian
[SECURITY] [DLA 2668-1] samba security update
2021-05-29 11:11:27
[SECURITY] [DLA 3563-1] samba security update
2023-09-14 14:43:24
[SECURITY] [DLA 2463-1] samba security update
2020-11-23 03:18:54
osv
osv
samba - security update
2021-05-29 00:00:00
samba - security update
2023-09-12 00:00:00
samba - security update
2020-11-22 00:00:00
mageia
mageia
Updated samba packages fix security vulnerabilities
2019-12-19 16:44:26
Updated samba packages fix security vulnerability
2020-07-10 11:01:08
Updated samba packages fix security vulnerabilities
2020-01-28 10:52:40
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.11.11-alt1
2020-07-07 00:00:00
Security fix for the ALT Linux 10 package samba version 4.10.13-alt1
2020-01-24 00:00:00
Security fix for the ALT Linux 8 package samba-DC version 4.9.18-alt1
2020-02-12 00:00:00
freebsd
freebsd
samba -- Multiple Vulnerabilities
2020-07-02 00:00:00
samba -- multiple vulnerabilities
2020-01-14 00:00:00
samba -- multiple vulnerabilities
2019-09-29 00:00:00
cisa
cisa
Samba Releases Security Updates
2020-07-03 00:00:00
Samba Releases Security Updates
2020-01-21 00:00:00
Samba Releases Security Updates
2019-10-29 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2020-01-21 00:00:00
Samba vulnerabilities
2019-10-29 00:00:00
Samba vulnerabilities
2020-07-02 00:00:00
ibm
ibm
Security Bulletin: IBM WebSphere Message Broker Hypervisor Edition V8.0 require customer action for security vulnerabilities in Red Hat Linux
2019-12-23 02:52:00
oraclelinux
oraclelinux
samba security, bug fix, and enhancement update
2020-05-05 00:00:00
archlinux
archlinux
[ASA-201911-6] samba: multiple issues
2019-11-03 00:00:00
redhat
redhat
(RHSA-2020:1878) Moderate: samba security, bug fix, and enhancement update
2020-04-28 09:26:30
rosalinux
rosalinux
Advisory ROSA-SA-2024-2386
2024-04-02 07:01:49
samba
samba
NULL pointer de-reference and use-after-free
2020-07-02 00:00:00
centos
centos
ctdb, libsmbclient, libwbclient, samba security update
2020-04-08 19:18:01
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.1
Confidence
High
EPSS
0.028
Percentile
90.8%
Related for OPENVAS:13614125623114202026731