{"id": "A63B15F9-97FF-11DC-9E48-0016179B2DD5", "bulletinFamily": "unix", "title": "samba -- multiple vulnerabilities", "description": "\nThe Samba Team reports:\n\nSecunia Research reported a vulnerability that allows for\n\t the execution of arbitrary code in nmbd. This defect may\n\t only be exploited when the \"wins support\" parameter has\n\t been enabled in smb.conf.\n\n\nSamba developers have discovered what is believed to be\n\t a non-exploitable buffer over in nmbd during the processing\n\t of GETDC logon server requests. This code is only used\n\t when the Samba server is configured as a Primary or Backup\n\t Domain Controller.\n\n", "published": "2007-11-15T00:00:00", "modified": "2008-09-26T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vuxml.freebsd.org/freebsd/a63b15f9-97ff-11dc-9e48-0016179b2dd5.html", "reporter": "FreeBSD", "references": ["http://secunia.com/advisories/27450/", "http://us1.samba.org/samba/security/CVE-2007-4572.html", "http://us1.samba.org/samba/security/CVE-2007-5398.html"], "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "type": "freebsd", "lastseen": "2018-08-31T01:15:37", "history": [{"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "ja-samba", "packageVersion": "3.0.26a"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "samba3", "packageVersion": "3.0.26a"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "samba", "packageVersion": "3.0.26a"}], "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "\nThe Samba Team reports:\n\nSecunia Research reported a vulnerability that allows for\n\t the execution of arbitrary code in nmbd. This defect may\n\t only be exploited when the \"wins support\" parameter has\n\t been enabled in smb.conf.\n\n\nSamba developers have discovered what is believed to be\n\t a non-exploitable buffer over in nmbd during the processing\n\t of GETDC logon server requests. This code is only used\n\t when the Samba server is configured as a Primary or Backup\n\t Domain Controller.\n\n", "edition": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "7b24240e9e589a1ac758dad4ba036656cdfd391d611fdcf00712e823783cf485", "hashmap": [{"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "1525d9b2dcc8d2b0222d9ed6ac385616", "key": "description"}, {"hash": "746303c29881508f8dffc98ba222e78e", "key": "href"}, {"hash": "57f7244e66e427226d7c7efe9d80bdf3", "key": "title"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "e66b3ea7c65bab4159c5db4e6f6a77b8", "key": "references"}, {"hash": "fc3408f5e85e4b20631c1a227d5b8d96", "key": "published"}, {"hash": "d9b256f87a14d51b94b33cb6d7dd9f97", "key": "affectedPackage"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "0bd9445b9ea06d089b30ba6386e38131", "key": "cvelist"}, {"hash": "db15acddffb33bea34f299b640358799", "key": "modified"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/a63b15f9-97ff-11dc-9e48-0016179b2dd5.html", "id": "A63B15F9-97FF-11DC-9E48-0016179B2DD5", "lastseen": "2016-09-26T17:24:59", "modified": "2008-09-26T00:00:00", "objectVersion": "1.2", "published": "2007-11-15T00:00:00", "references": ["http://secunia.com/advisories/27450/", "http://us1.samba.org/samba/security/CVE-2007-4572.html", "http://us1.samba.org/samba/security/CVE-2007-5398.html"], "reporter": "FreeBSD", "title": "samba -- multiple vulnerabilities", "type": "freebsd", "viewCount": 1}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2016-09-26T17:24:59"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "ja-samba", "packageVersion": "3.0.26a"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "samba3", "packageVersion": "3.0.26a"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "samba", "packageVersion": "3.0.26a"}], "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "\nThe Samba Team reports:\n\nSecunia Research reported a vulnerability that allows for\n\t the execution of arbitrary code in nmbd. This defect may\n\t only be exploited when the \"wins support\" parameter has\n\t been enabled in smb.conf.\n\n\nSamba developers have discovered what is believed to be\n\t a non-exploitable buffer over in nmbd during the processing\n\t of GETDC logon server requests. This code is only used\n\t when the Samba server is configured as a Primary or Backup\n\t Domain Controller.\n\n", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "f90e0dddab404c1050519ccdd27a97e27853a262f23ec45dba2efcb24077625e", "hashmap": [{"hash": "1525d9b2dcc8d2b0222d9ed6ac385616", "key": "description"}, {"hash": "746303c29881508f8dffc98ba222e78e", "key": "href"}, {"hash": "57f7244e66e427226d7c7efe9d80bdf3", "key": "title"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "e66b3ea7c65bab4159c5db4e6f6a77b8", "key": "references"}, {"hash": "fc3408f5e85e4b20631c1a227d5b8d96", "key": "published"}, {"hash": "d9b256f87a14d51b94b33cb6d7dd9f97", "key": "affectedPackage"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "0bd9445b9ea06d089b30ba6386e38131", "key": "cvelist"}, {"hash": "db15acddffb33bea34f299b640358799", "key": "modified"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/a63b15f9-97ff-11dc-9e48-0016179b2dd5.html", "id": "A63B15F9-97FF-11DC-9E48-0016179B2DD5", "lastseen": "2018-08-30T19:15:49", "modified": "2008-09-26T00:00:00", "objectVersion": "1.3", "published": "2007-11-15T00:00:00", "references": ["http://secunia.com/advisories/27450/", "http://us1.samba.org/samba/security/CVE-2007-4572.html", "http://us1.samba.org/samba/security/CVE-2007-5398.html"], "reporter": "FreeBSD", "title": "samba -- multiple vulnerabilities", "type": "freebsd", "viewCount": 1}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T19:15:49"}], "edition": 3, "hashmap": [{"key": "affectedPackage", "hash": "d9b256f87a14d51b94b33cb6d7dd9f97"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "0bd9445b9ea06d089b30ba6386e38131"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "1525d9b2dcc8d2b0222d9ed6ac385616"}, {"key": "href", "hash": "746303c29881508f8dffc98ba222e78e"}, {"key": "modified", "hash": "db15acddffb33bea34f299b640358799"}, {"key": "published", "hash": "fc3408f5e85e4b20631c1a227d5b8d96"}, {"key": "references", "hash": "e66b3ea7c65bab4159c5db4e6f6a77b8"}, {"key": "reporter", "hash": "a3dc630729e463135f4e608954fa6e19"}, {"key": "title", "hash": "57f7244e66e427226d7c7efe9d80bdf3"}, {"key": "type", "hash": "1527e888767cdce15d200b870b39cfd0"}], "hash": "7b24240e9e589a1ac758dad4ba036656cdfd391d611fdcf00712e823783cf485", "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "ja-samba", "packageVersion": "3.0.26a"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "samba3", "packageVersion": "3.0.26a"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "samba", "packageVersion": "3.0.26a"}]}

{"cve": [{"lastseen": "2017-09-29T14:25:33", "references": ["https://issues.rpath.com/browse/RPL-1894", "http://www.vupen.com/english/advisories/2008/1712/references", "http://www.vupen.com/english/advisories/2007/3869", "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html", "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml", "http://securitytracker.com/id?1018953", "http://www.us-cert.gov/cas/techalerts/TA07-352A.html", "http://www.vupen.com/english/advisories/2008/1908", "http://www.vmware.com/security/advisories/VMSA-2008-0001.html", "http://www.redhat.com/support/errata/RHSA-2007-1017.html", "http://www.securityfocus.com/archive/1/archive/1/485936/100/0/threaded", "http://docs.info.apple.com/article.html?artnum=307179", "https://exchange.xforce.ibmcloud.com/vulnerabilities/38502", "http://www.vupen.com/english/advisories/2008/0064", "http://www.vupen.com/english/advisories/2008/0859/references", "http://marc.info/?l=bugtraq&m=120524782005154&w=2", "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657", "http://www.ubuntulinux.org/support/documentation/usn/usn-544-1", "http://www.redhat.com/support/errata/RHSA-2007-1016.html", "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224", "http://securityreason.com/securityalert/3372", "http://www.vupen.com/english/advisories/2007/4238", "http://www.debian.org/security/2007/dsa-1409", "http://www.redhat.com/support/errata/RHSA-2007-1013.html", "http://www.securityfocus.com/archive/1/archive/1/483744/100/0/threaded", "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739", "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html", "http://lists.vmware.com/pipermail/security-announce/2008/000002.html", "http://www.securityfocus.com/bid/26455", "http://www.novell.com/linux/security/advisories/2007_65_samba.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1", "http://www.securityfocus.com/archive/1/archive/1/486859/100/0/threaded", "http://us1.samba.org/samba/security/CVE-2007-5398.html"], "description": "Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.", "edition": 3, "reporter": "NVD", "published": "2007-11-16T13:46:00", "title": "CVE-2007-5398", "type": "cve", "enchantments": {"score": {"modified": "2017-09-29T14:25:33", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10230", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10230"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2007-5398"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10230", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10230"}], "modified": "2017-09-28T21:29:36", "cpe": ["cpe:/a:samba:samba:3.0.6", "cpe:/a:samba:samba:3.0.16", "cpe:/a:samba:samba:3.0.23", "cpe:/a:samba:samba:3.0.21c", "cpe:/a:samba:samba:3.0.11", "cpe:/a:samba:samba:3.0.21b", "cpe:/a:samba:samba:3.0", "cpe:/a:samba:samba:3.0.26a", "cpe:/a:samba:samba:3.0.23d", "cpe:/a:samba:samba:3.0.21", "cpe:/a:samba:samba:3.0.9", "cpe:/a:samba:samba:3.0.20b", "cpe:/a:samba:samba:3.0.25:rc3", "cpe:/a:samba:samba:3.0.10", "cpe:/a:samba:samba:3.0.15", "cpe:/a:samba:samba:3.0.24", "cpe:/a:samba:samba:3.0.4:rc1", "cpe:/a:samba:samba:3.0.25c", "cpe:/a:samba:samba:3.0.3", "cpe:/a:samba:samba:3.0.7", "cpe:/a:samba:samba:3.0.25:rc2", "cpe:/a:samba:samba:3.0.0", "cpe:/a:samba:samba:3.0.20", "cpe:/a:samba:samba:3.0.25a", "cpe:/a:samba:samba:3.0.1", "cpe:/a:samba:samba:3.0.25:rc1", "cpe:/a:samba:samba:3.0.22", "cpe:/a:samba:samba:3.0.23b", "cpe:/a:samba:samba:3.0.23a", "cpe:/a:samba:samba:3.0.4", "cpe:/a:samba:samba:3.0.5", "cpe:/a:samba:samba:3.0.26", "cpe:/a:samba:samba:3.0.14a", "cpe:/a:samba:samba:3.0.25:pre1", "cpe:/a:samba:samba:3.0.8", "cpe:/a:samba:samba:3.0.25:pre2", "cpe:/a:samba:samba:3.0.21a", "cpe:/a:samba:samba:3.0.2", "cpe:/a:samba:samba:3.0.14", "cpe:/a:samba:samba:3.0.19", "cpe:/a:samba:samba:3.0.2a", "cpe:/a:samba:samba:3.0.12", "cpe:/a:samba:samba:3.0.23c", "cpe:/a:samba:samba:3.0.25", "cpe:/a:samba:samba:3.0.18", "cpe:/a:samba:samba:3.0.13", "cpe:/a:samba:samba:3.0.20a", "cpe:/a:samba:samba:3.0.17", "cpe:/a:samba:samba:3.0.25b"], "id": "CVE-2007-5398", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5398", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-29T14:25:29", "references": ["http://www.ubuntu.com/usn/usn-617-1", "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501", "https://issues.rpath.com/browse/RPL-1894", "http://www.ubuntu.com/usn/usn-544-2", "http://www.vupen.com/english/advisories/2008/1712/references", "http://www.vupen.com/english/advisories/2007/3869", "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html", "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml", "http://www.securityfocus.com/bid/26454", "http://www.us-cert.gov/cas/techalerts/TA07-352A.html", "http://www.vupen.com/english/advisories/2008/1908", "http://www.vmware.com/security/advisories/VMSA-2008-0001.html", "http://www.redhat.com/support/errata/RHSA-2007-1017.html", "http://www.securityfocus.com/archive/1/archive/1/485936/100/0/threaded", "http://docs.info.apple.com/article.html?artnum=307179", "http://www.vupen.com/english/advisories/2008/0064", "http://www.vupen.com/english/advisories/2008/0859/references", "http://marc.info/?l=bugtraq&m=120524782005154&w=2", "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657", "http://www.ubuntulinux.org/support/documentation/usn/usn-544-1", "http://www.redhat.com/support/errata/RHSA-2007-1016.html", "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224", "http://securitytracker.com/id?1018954", "http://www.vupen.com/english/advisories/2007/4238", "http://www.debian.org/security/2007/dsa-1409", "http://us1.samba.org/samba/security/CVE-2007-4572.html", "http://www.redhat.com/support/errata/RHSA-2007-1013.html", "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739", "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html", "http://lists.vmware.com/pipermail/security-announce/2008/000002.html", "http://www.novell.com/linux/security/advisories/2007_65_samba.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1", "http://www.securityfocus.com/archive/1/archive/1/486859/100/0/threaded"], "description": "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.", "edition": 3, "reporter": "NVD", "published": "2007-11-16T13:46:00", "title": "CVE-2007-4572", "type": "cve", "enchantments": {"score": {"modified": "2017-09-29T14:25:29", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11132", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2007-4572"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:5643", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:5643"}], "modified": "2017-09-28T21:29:18", "cpe": ["cpe:/a:samba:samba:3.0.6", "cpe:/a:samba:samba:3.0.16", "cpe:/a:samba:samba:3.0.23", "cpe:/a:samba:samba:3.0.21c", "cpe:/a:samba:samba:3.0.11", "cpe:/a:samba:samba:3.0.21b", "cpe:/a:samba:samba:3.0", "cpe:/a:samba:samba:3.0.26a", "cpe:/a:samba:samba:3.0.23d", "cpe:/a:samba:samba:3.0.21", "cpe:/a:samba:samba:3.0.9", "cpe:/a:samba:samba:3.0.20b", "cpe:/a:samba:samba:3.0.25:rc3", "cpe:/a:samba:samba:3.0.10", "cpe:/a:samba:samba:3.0.15", "cpe:/a:samba:samba:3.0.24", "cpe:/a:samba:samba:3.0.4:rc1", "cpe:/a:samba:samba:3.0.25c", "cpe:/a:samba:samba:3.0.3", "cpe:/a:samba:samba:3.0.7", "cpe:/a:samba:samba:3.0.25:rc2", "cpe:/a:samba:samba:3.0.0", "cpe:/a:samba:samba:3.0.20", "cpe:/a:samba:samba:3.0.25a", "cpe:/a:samba:samba:3.0.1", "cpe:/a:samba:samba:3.0.25:rc1", "cpe:/a:samba:samba:3.0.22", "cpe:/a:samba:samba:3.0.23b", "cpe:/a:samba:samba:3.0.23a", "cpe:/a:samba:samba:3.0.4", "cpe:/a:samba:samba:3.0.5", "cpe:/a:samba:samba:3.0.26", "cpe:/a:samba:samba:3.0.14a", "cpe:/a:samba:samba:3.0.25:pre1", "cpe:/a:samba:samba:3.0.8", "cpe:/a:samba:samba:3.0.25:pre2", "cpe:/a:samba:samba:3.0.21a", "cpe:/a:samba:samba:3.0.2", "cpe:/a:samba:samba:3.0.14", "cpe:/a:samba:samba:3.0.19", "cpe:/a:samba:samba:3.0.2a", "cpe:/a:samba:samba:3.0.12", "cpe:/a:samba:samba:3.0.23c", "cpe:/a:samba:samba:3.0.25", "cpe:/a:samba:samba:3.0.18", "cpe:/a:samba:samba:3.0.13", "cpe:/a:samba:samba:3.0.20a", "cpe:/a:samba:samba:3.0.17", "cpe:/a:samba:samba:3.0.25b"], "id": "CVE-2007-4572", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4572", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:24", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n==========================================================\r\n==\r\n== Subject: Remote code execution in Samba&#39;s WINS\r\n== server daemon &#40;nmbd&#41; when processing name\r\n== registration followed name query requests.\r\n==\r\n== CVE ID#: CVE-2007-5398\r\n==\r\n== Versions: Samba 3.0.0 - 3.0.26a &#40;inclusive&#41;\r\n==\r\n== Summary: When nmbd has been configured as a WINS\r\n== server, a client can send a series of name\r\n== registration request followed by a specific\r\n== name query request packet and execute\r\n== arbitrary code.\r\n==\r\n==========================================================\r\n\r\n===========\r\nDescription\r\n===========\r\n\r\nSecunia Research reported a vulnerability that allows for\r\nthe execution of arbitrary code in nmbd. This defect may\r\nonly be exploited when the &quot;wins support&quot; parameter has\r\nbeen enabled in smb.conf.\r\n\r\n\r\n==================\r\nPatch Availability\r\n==================\r\n\r\nA patch addressing this defect has been posted to\r\n\r\n http://www.samba.org/samba/security/\r\n\r\nAdditionally, Samba 3.0.27 has been issued as a security\r\nrelease to correct the defect.\r\n\r\n\r\n==========\r\nWorkaround\r\n==========\r\n\r\nSamba administrators may avoid this security issue by\r\ndisabling the &quot;wins support&quot; feature in the hosts smb.conf\r\nfile.\r\n\r\n\r\n=======\r\nCredits\r\n=======\r\n\r\nThis vulnerability was reported to Samba developers by\r\nAlin Rad Pop, Secunia Research.\r\n\r\nThe time line is as follows:\r\n\r\n* Oct 30, 2007: Initial report to security@samba.org.\r\n* Oct 30, 2007: First response from Samba developers confirming\r\n the bug along with a proposed patch.\r\n* Nov 15, 2007: Public security advisory to be made available.\r\n\r\n\r\n==========================================================\r\n== Our Code, Our Bugs, Our Responsibility.\r\n== The Samba Team\r\n==========================================================\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 &#40;GNU/Linux&#41;\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niD8DBQFHPEe6IR7qMdg1EfYRAqoAAJsHFk1kScYHweqRny4PP4ngQaFo7QCdElle\r\nCv+e7K/AE69rXcmeU67jHzQ=\r\n=9Wap\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2007-11-16T00:00:00", "title": "[SAMBA] CVE-2007-5398 - Remote Code Execution in Samba&#39;s nmbd", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:24", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-5398"], "modified": "2007-11-16T00:00:00", "id": "SECURITYVULNS:DOC:18426", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18426", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:24", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n==========================================================\r\n==\r\n== Subject: Stack buffer overflow in nmbd&#39;s logon\r\n== request processing.\r\n==\r\n== CVE ID#: CVE-2007-4572\r\n==\r\n== Versions: Samba 3.0.0 - 3.0.26a &#40;inclusive&#41;\r\n==\r\n== Summary: Processing of specially crafted GETDC\r\n== mailslot requests can result in a buffer\r\n== overrun in nmbd. It is not believed that\r\n== that this issues can be exploited to\r\n== result in remote code execution.\r\n==\r\n==========================================================\r\n\r\n===========\r\nDescription\r\n===========\r\n\r\nSamba developers have discovered what is believed to be\r\na non-exploitable buffer over in nmbd during the processing\r\nof GETDC logon server requests. This code is only used\r\nwhen the Samba server is configured as a Primary or Backup\r\nDomain Controller.\r\n\r\n\r\n==================\r\nPatch Availability\r\n==================\r\n\r\nA patch addressing this defect has been posted to\r\n\r\n http://www.samba.org/samba/security/\r\n\r\nAdditionally, Samba 3.0.27 has been issued as a security\r\nrelease to correct the defect.\r\n\r\n\r\n==========\r\nWorkaround\r\n==========\r\n\r\nSamba administrators may avoid this security issue by disabling\r\nboth the &quot;domain logons&quot; and the &quot;domain master&quot; options in in\r\nthe server&#39;s smb.conf file. Note that this will disable all\r\ndomain controller features as well.\r\n\r\n\r\n=======\r\nCredits\r\n=======\r\n\r\nThis vulnerability was discovered by Samba developers during\r\nan internal code audit.\r\n\r\nThe time line is as follows:\r\n\r\n* Sep 13, 2007: Initial report to security@samba.org including\r\n proposed patch.\r\n* Sep 14, 2007: Patch review by members of the Josh Bressers\r\n &#40;RedHat Security Team&#41; and Simo Sorce &#40;Samba/RedHat developer&#41;\r\n* Nov 15, 2007: Public security advisory made available.\r\n\r\n\r\n\r\n==========================================================\r\n== Our Code, Our Bugs, Our Responsibility.\r\n== The Samba Team\r\n==========================================================\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 &#40;GNU/Linux&#41;\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niD8DBQFHPEeNIR7qMdg1EfYRAmKMAKCDcXmqRSNbCHZFS4GzGo7oVUl08gCfS/sY\r\nd6F8+jrnT59SZgCXfftImEA=\r\n=oC2/\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2007-11-16T00:00:00", "title": "[SAMBA] CVE-2007-4572 - GETDC mailslot processing buffer overrun in nmbd", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:24", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-4572"], "modified": "2007-11-16T00:00:00", "id": "SECURITYVULNS:DOC:18425", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18425", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:27", "references": ["https://vulners.com/securityvulns/securityvulns:doc:18426", "https://vulners.com/securityvulns/securityvulns:doc:18427", "https://vulners.com/securityvulns/securityvulns:doc:18425"], "description": "Buffer overflow in GETDC mailslot request processing, buffer overflow in WINS server. Client IP may be spoofed.", "edition": 1, "reporter": "BUGTRAQ", "published": "2007-11-16T00:00:00", "title": "Samba multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:27", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Samba", "version": "3.0", "operator": "eq"}], "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-11-16T00:00:00", "id": "SECURITYVULNS:VULN:8349", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8349", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:24", "references": [], "description": "====================================================================== \r\n\r\n Secunia Research 15/11/2007\r\n\r\n - Samba &quot;reply_netbios_packet&#40;&#41;&quot; Buffer Overflow Vulnerability -\r\n\r\n====================================================================== \r\nTable of Contents\r\n\r\nAffected Software....................................................1\r\nSeverity.............................................................2\r\nVendor&#39;s Description of Software.....................................3\r\nDescription of Vulnerability.........................................4\r\nSolution.............................................................5\r\nTime Table...........................................................6\r\nCredits..............................................................7\r\nReferences...........................................................8\r\nAbout Secunia........................................................9\r\nVerification........................................................10\r\n\r\n====================================================================== \r\n1&#41; Affected Software \r\n\r\n* Samba 3.0.26a\r\n\r\nNOTE: Other versions may also be affected.\r\n\r\n====================================================================== \r\n2&#41; Severity \r\n\r\nRating: Moderately critical\r\nImpact: System access\r\nWhere: Local network\r\n\r\n====================================================================== \r\n3&#41; Vendor&#39;s Description of Software \r\n\r\n&quot;Samba is an Open Source/Free Software suite that has, since 1992,\r\nprovided file and print services to all manner of SMB/CIFS clients,\r\nincluding the numerous versions of Microsoft Windows operating systems.\r\nSamba is freely available under the GNU General Public License.&quot;\r\n\r\nProduct Link:\r\nhttp://www.samba.org/\r\n\r\n====================================================================== \r\n4&#41; Description of Vulnerability\r\n\r\nSecunia Research has discovered a vulnerability in Samba, which can be\r\nexploited by malicious people to compromise a vulnerable system.\r\n\r\nThe vulnerability is caused due to a boundary error within the \r\n&quot;reply_netbios_packet&#40;&#41;&quot; function in nmbd/nmbd_packets.c when sending\r\nNetBIOS replies. This can be exploited to cause a stack-based buffer\r\noverflow by sending multiple specially crafted WINS &quot;Name Registration&quot;\r\nrequests followed by a WINS &quot;Name Query&quot; request.\r\n\r\nSuccessful exploitation allows execution of arbitrary code, but\r\nrequires that Samba is configured to run as a WINS server &#40;the &quot;wins\r\nsupport&quot; option is enabled&#41;.\r\n\r\n====================================================================== \r\n5&#41; Solution \r\n\r\nApply patch or update to version 3.0.27.\r\n\r\n====================================================================== \r\n6&#41; Time Table \r\n\r\n30/10/2007 - Vendor notified.\r\n30/10/2007 - vendor-sec notified.\r\n30/10/2007 - Vendor response.\r\n15/11/2007 - Public disclosure.\r\n\r\n====================================================================== \r\n7&#41; Credits \r\n\r\nDiscovered by Alin Rad Pop, Secunia Research.\r\n\r\n====================================================================== \r\n8&#41; References\r\n\r\nSamba:\r\nhttp://us1.samba.org/samba/security/CVE-2007-4572.html\r\n\r\nThe Common Vulnerabilities and Exposures &#40;CVE&#41; project has assigned \r\nCVE-2007-5398 for the vulnerability.\r\n\r\n====================================================================== \r\n9&#41; About Secunia\r\n\r\nSecunia offers vulnerability management solutions to corporate\r\ncustomers with verified and reliable vulnerability intelligence\r\nrelevant to their specific system configuration:\r\n\r\nhttp://corporate.secunia.com/\r\n\r\nSecunia also provides a publicly accessible and comprehensive advisory\r\ndatabase as a service to the security community and private \r\nindividuals, who are interested in or concerned about IT-security.\r\n\r\nhttp://secunia.com/\r\n\r\nSecunia believes that it is important to support the community and to\r\ndo active vulnerability research in order to aid improving the \r\nsecurity and reliability of software in general:\r\n\r\nhttp://corporate.secunia.com/secunia_research/33/\r\n\r\nSecunia regularly hires new skilled team members. Check the URL below\r\nto see currently vacant positions:\r\n\r\nhttp://secunia.com/secunia_vacancies/\r\n\r\nSecunia offers a FREE mailing list called Secunia Security Advisories:\r\n\r\nhttp://secunia.com/secunia_security_advisories/ \r\n\r\n====================================================================== \r\n10&#41; Verification \r\n\r\nPlease verify this advisory by visiting the Secunia website:\r\nhttp://secunia.com/secunia_research/2007-90/\r\n\r\nComplete list of vulnerability reports published by Secunia Research:\r\nhttp://secunia.com/secunia_research/\r\n\r\n======================================================================", "edition": 1, "reporter": "Securityvulns", "published": "2007-11-16T00:00:00", "title": "Secunia Research: Samba &quot;reply_netbios_packet&#40;&#41;&quot; Buffer Overflow Vulnerability", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:24", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-11-16T00:00:00", "id": "SECURITYVULNS:DOC:18427", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18427", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:24", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA256\r\n\r\n\r\n- -------------------------------------------------------------------\r\n VMware Security Advisory\r\n\r\nAdvisory ID: VMSA-2008-0001\r\nSynopsis: Moderate OpenPegasus PAM Authentication Buffer\r\n Overflow and updated service console packages\r\nIssue date: 2008-01-07\r\nUpdated on: 2008-01-07\r\nCVE numbers: CVE-2007-5360 CVE-2007-5398 CVE-2007-4572\r\n CVE-2007-5191 CVE-2007-5116 CVE-2007-3108\r\n CVE-2007-5135\r\n- -------------------------------------------------------------------\r\n\r\n1. Summary:\r\n\r\nUpdated service console patches\r\n\r\n2. Relevant releases:\r\n\r\nESX Server 3.0.2 without patches ESX-1002969, ESX-1002970, ESX-1002971,\r\nESX-1002975, ESX-1002976\r\nESX Server 3.0.1 without patches ESX-1002962, ESX-1002963, ESX-1002964,\r\nESX-1002968, ESX-1002972, ESX-1003176\r\n\r\n3. Problem description:\r\n\r\n I OpenPegasus PAM Authentication Buffer Overflow\r\n\r\n Alexander Sotirov from VMware Security Research discovered a\r\n buffer overflow vulnerability in the OpenPegasus Management server.\r\n This flaw could be exploited by a malicious remote user on the\r\n service console network to gain root access to the service console.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the name CVE-2007-5360 to this issue.\r\n\r\n RPM Updated: pegasus-2.5-552927\r\n VM Shutdown: No\r\n Host Reboot: No\r\n\r\n Note: ESX Server 3.5 and ESX Server 3i are not affected by this\r\n issue.\r\n\r\n ESX Server 3.0.2\r\n http://download3.vmware.com/software/vi/ESX-1002970.tgz\r\n md5sum: d19115e965d486e72100ce489efea707\r\n http://kb.vmware.com/kb/1002970\r\n\r\n ESX Server 3.0.1\r\n http://download3.vmware.com/software/vi/ESX-1003176.tgz\r\n md5sum: 5674ca0dcfac90726014cc316444996e\r\n http://kb.vmware.com/kb/1003176\r\n\r\n ESX Server 2.5.x\r\n\r\n Users should remove the OpenPegasus CIM Management rpm. This\r\n component is disabled by default, and VMware recommends that you\r\n do not use this component of ESX Server 2.x. If you want to\r\n use the CIM functionality, upgrade to ESX Server 3.0.1 or a later\r\n release.\r\n\r\n Note: This vulnerability can be exploited remotely only if the\r\n attacker has access to the service console network.\r\n\r\n Security best practices provided by VMware recommend that the\r\n service console be isolated from the VM network. Please see\r\n http://www.vmware.com/resources/techresources/726 for more\r\n information on VMware security best practices.\r\n\r\n\r\n II Service Console package security updates\r\n\r\n a. Updated Samba package\r\n\r\n An issue where attackers on the service console management\r\n network can cause a stack-based buffer overflow in the\r\n reply_netbios_packet function of nmbd in Samba. On systems\r\n where Samba is being used as a WINS server, exploiting this\r\n vulnerability can allow remote attackers to execute arbitrary\r\n code via crafted WINS Name Registration requests followed by a\r\n WINS Name Query request.\r\n\r\n An issue where attackers on the service console management\r\n network can exploit a vulnerability that occurs when Samba is\r\n configured as a Primary or Backup Domain controller. The\r\n vulnerability allows remote attackers to have an unknown impact\r\n via crafted GETDC mailslot requests, related to handling of\r\n GETDC logon server requests.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the names CVE-2007-5398 and CVE-2007-4572 to these\r\n issues.\r\n\r\n Note: By default Samba is not configured as a WINS server or a domain\r\n controller and ESX is not vulnerable unless the administrator\r\n has changed the default configuration.\r\n\r\n This vulnerability can be exploited remotely only if the\r\n attacker has access to the service console network.\r\n\r\n Security best practices provided by VMware recommend that the\r\n service console be isolated from the VM network. Please see\r\n http://www.vmware.com/resources/techresources/726 for more\r\n information on VMware security best practices.\r\n\r\n RPM Updated:\r\n samba-3.0.9-1.3E.14.1vmw\r\n samba-client-3.0.9-1.3E.14.1vmw\r\n samba-common-3.0.9-1.3E.14.1vmw\r\n\r\n VM Shutdown: Yes\r\n Host Reboot: Yes\r\n\r\n ESX Server 3.5.0 is not affected by this issue\r\n\r\n ESX Server 3.0.2\r\n http://download3.vmware.com/software/vi/ESX-1002975.tgz\r\n md5sum: 797a7494c2c4eb49629d3f94818df5dd\r\n http://kb.vmware.com/kb/1002975\r\n\r\n ESX Server 3.0.1\r\n http://download3.vmware.com/software/vi/ESX-1002968.tgz\r\n md5sum: 5106d90afaf77c3a0d8433487f937d06\r\n http://kb.vmware.com/kb/1002968\r\n\r\n ESX Server 2.5.5 download Upgrade Patch 3\r\n ESX Server 2.5.4 download Upgrade Patch 14\r\n\r\n b. Updated util-linux package\r\n\r\n The patch addresses an issue where the mount and umount\r\n utilities in util-linux call the setuid and setgid functions in\r\n the wrong order and do not check the return values, which could\r\n allow attackers to gain elevated privileges via helper\r\n application such as mount.nfs.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the name CVE-2007-5191 to this issue.\r\n\r\n RPM Updated:\r\n util-linux-2.11y-31.24vmw\r\n losetup-2.11y-31.24vmw\r\n mount -2.11y-31.24vmw\r\n\r\n VM Shutdown: Yes\r\n Host Reboot: Yes\r\n\r\n ESX Server 3.0.2\r\n http://download3.vmware.com/software/vi/ESX-1002976.tgz\r\n md5sum: 0fe833c50c0ecb0ff9340d6674be2e43\r\n http://kb.vmware.com/kb/1002976\r\n\r\n ESX Server 3.0.1\r\n http://download3.vmware.com/software/vi/ESX-1002972.tgz\r\n md5sum: 59ca4a43f330c5f0b7a55693aa952cdc\r\n http://kb.vmware.com/kb/1002972\r\n\r\n\r\n c. Updated Perl package\r\n\r\n The update addresses an issue where the regular expression\r\n engine in Perl can be used to issue a specially crafted regular\r\n expression that allows the attacker to run arbitrary code with\r\n the permissions level of the current Perl user.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the name CVE-2007-5116 to this issue.\r\n\r\n RPM Updated:\r\n perl-5.8.0-97.EL3\r\n\r\n VM Shutdown: Yes\r\n Host Reboot: Yes\r\n\r\n ESX Server 3.0.2\r\n http://download3.vmware.com/software/vi/ESX-1002971.tgz\r\n md5sum: 337b09d9ae4b1694a045e216b69765e1\r\n http://kb.vmware.com/kb/1002971\r\n\r\n ESX Server 3.0.1\r\n http://download3.vmware.com/software/vi/ESX-1002964.tgz\r\n md5sum: d47e26104bfd5e4018ae645638c94487\r\n http://kb.vmware.com/kb/1002964\r\n\r\n\r\n d. Updated OpenSSL package\r\n\r\n A flaw in the SSL_get_shared_ciphers&#40;&#41; function can allow an\r\n attacker to cause a buffer overflow problem by sending ciphers\r\n\r\n to applications that use the function.\r\n\r\n A possible vulnerability that would allow a local attacker to\r\n obtain private RSA keys being used on a system using the OpenSSL\r\n package.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the names CVE-2007-3108, and CVE-2007-5135 to these\r\n issues.\r\n\r\n RPM Updated:\r\n openssl-0.9.7a-33.24\r\n\r\n VM Shutdown: Yes\r\n Host Reboot: Yes\r\n\r\n ESX Server 3.0.2\r\n http://download3.vmware.com/software/vi/ESX-1002969.tgz\r\n md5sum: 72fd28a9f9380158db149259fbdcaa3b\r\n http://kb.vmware.com/kb/1002969\r\n\r\n ESX Server 3.0.1\r\n http://download3.vmware.com/software/vi/ESX-1002962.tgz\r\n md5sum: a0727bdc2e1a6f00d5fe77430a6ee9d6\r\n http://kb.vmware.com/kb/1002962\r\n\r\n ESX Server 2.5.5 download Upgrade Patch 3\r\n ESX Server 2.5.4 download Upgrade Patch 14\r\n\r\n4. Solution:\r\n\r\nPlease review the Patch notes for your product and version and verify\r\nthe md5sum of your downloaded file.\r\n\r\n ESX Server 3.x Patches:\r\n http://www.vmware.com/download/vi/vi3_patches.html\r\n\r\n ESX Server 2.x Patches:\r\n http://www.vmware.com/download/esx/esx2_patches.html\r\n\r\n ESX Server 2.5.5 Upgrade Patch 3\r\n http://download3.vmware.com/software/esx/esx-2.5.5-65742-upgrade.tar.gz\r\n md5sum: 9068250fdd604e8787ef40995a4638f9\r\n http://www.vmware.com/support/esx25/doc/esx-255-200712-patch.html\r\n\r\n ESX Server 2.5.4 Upgrade Patch 14\r\n http://download3.vmware.com/software/esx/esx-2.5.4-65752-upgrade.tar.gz\r\n md5sum: 24990b9207f882ccc91545b6fc90273d\r\n http://www.vmware.com/support/esx25/doc/esx-254-200712-patch.html\r\n\r\n5. References:\r\n\r\n CVE numbers\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5360\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5191\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135\r\n\r\n- -------------------------------------------------------------------\r\n6. Contact:\r\n\r\nE-mail list for product security notifications and announcements:\r\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\r\n\r\nThis Security Advisory is posted to the following lists:\r\n\r\n * security-announce@lists.vmware.com\r\n * bugtraq@securityfocus.com\r\n * full-disclosure@lists.grok.org.uk\r\n\r\nE-mail: security@vmware.com\r\n\r\nSecurity web site\r\nhttp://www.vmware.com/security\r\n\r\nVMware security response policy\r\nhttp://www.vmware.com/support/policies/security_response.html\r\n\r\nGeneral support life cycle policy\r\nhttp://www.vmware.com/support/policies/eos.html\r\n\r\nVMware Infrastructure support life cycle policy\r\nhttp://www.vmware.com/support/policies/eos_vi.html\r\n\r\nCopyright 2008 VMware Inc. All rights reserved.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.7 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFHgtXJS2KysvBH1xkRCPnYAJoDMpdOmgs4e+JQ610SCjnKF99wpgCfcVO3\r\nUCcAvs574f1LCZv+8lPQvrk=\r\n=Hzno\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2008-01-08T00:00:00", "title": "VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:24", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-3108", "CVE-2007-5191", "CVE-2007-5360", "CVE-2007-4572", "CVE-2007-5135", "CVE-2007-5116", "CVE-2007-5398"], "modified": "2008-01-08T00:00:00", "id": "SECURITYVULNS:DOC:18820", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18820", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-25T10:56:19", "references": ["https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00504.html", "2007-3403"], "pluginID": "861418", "description": "Check for the Version of samba", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-02-27T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for samba FEDORA-2007-3403", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861418", "id": "OPENVAS:861418", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for samba FEDORA-2007-3403\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"samba on Fedora 8\";\ntag_insight = \"Samba is the suite of programs by which a lot of PC-related machines\n share files, printers, and other information (such as lists of\n available files and printers). The Windows NT, OS/2, and Linux\n operating systems support this natively, and add-on packages can\n enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,\n and more. This package provides an SMB/CIFS server that can be used to\n provide network services to SMB/CIFS clients.\n Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT\n need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00504.html\");\n script_id(861418);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:23:18 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-3403\");\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_name( \"Fedora Update for samba FEDORA-2007-3403\");\n\n script_summary(\"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.27~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:05", "references": ["http://lists.mandriva.com/security-announce/2007-11/msg00057.php", "2007:224-3"], "pluginID": "830257", "description": "Check for the Version of samba", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Mandriva Update for samba MDKSA-2007:224-3 (samba)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830257", "id": "OPENVAS:830257", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for samba MDKSA-2007:224-3 (samba)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The samba developers discovered that nmbd could be made to overrun a\n buffer during the processing of GETDC logon server requests. If samba\n is configured as a Primary or Backup Domain Controller, this could\n be used by a remote attacker to send malicious logon requests and\n possibly cause a denial of service (CVE-2007-4572).\n\n As well, Alin Rad Pop of Secunia Research found that nmbd did not\n properly check the length of netbios packets. If samba is configured\n as a WINS server, this could be used by a remote attacker able to\n send multiple crafted requests to nmbd, resulting in the execution\n of arbitrary code with root privileges (CVE-2007-5398).\n \n Update:\n \n This update corrects all known regressions with previous Samba updates\n due to the security fixes to correct CVE-2007-4572.\";\n\ntag_affected = \"samba on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-11/msg00057.php\");\n script_id(830257);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:00:25 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:224-3\");\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_name( \"Mandriva Update for samba MDKSA-2007:224-3 (samba)\");\n\n script_summary(\"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-smbldap-tools\", rpm:\"samba-smbldap-tools~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-clamav\", rpm:\"samba-vscan-clamav~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-icap\", rpm:\"samba-vscan-icap~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.0.24~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-smbldap-tools\", rpm:\"samba-smbldap-tools~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-clamav\", rpm:\"samba-vscan-clamav~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-icap\", rpm:\"samba-vscan-icap~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.0.23d~2.6mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-smbldap-tools\", rpm:\"samba-smbldap-tools~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-clamav\", rpm:\"samba-vscan-clamav~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-icap\", rpm:\"samba-vscan-icap~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.0.25b~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:51", "references": [], "pluginID": "65565", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n samba-winbind\n samba-pdb\n libsmbclient\n samba\n libsmbclient-devel\n samba-doc\n samba-vscan\n samba-client\n samba-python\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5014067 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SLES9: Security update for Samba", "type": "openvas", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65565", "id": "OPENVAS:65565", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5014067.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Samba\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n samba-winbind\n samba-pdb\n libsmbclient\n samba\n libsmbclient-devel\n samba-doc\n samba-vscan\n samba-client\n samba-python\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5014067 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65565);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Samba\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.20b~3.24\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:14", "references": ["http://www.ubuntu.com/usn/usn-544-2/", "544-2"], "pluginID": "840097", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-544-2", "edition": 3, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-03-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Ubuntu Update for samba regression USN-544-2", "type": "openvas", "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2017-12-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=840097", "id": "OPENVAS:840097", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_544_2.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for samba regression USN-544-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-544-1 fixed two vulnerabilities in Samba. Fixes for CVE-2007-5398\n are unchanged, but the upstream changes for CVE-2007-4572 introduced a\n regression in all releases which caused Linux smbfs mounts to fail.\n Additionally, Dapper and Edgy included an incomplete patch which caused\n configurations using NetBIOS to fail. A proper fix for these regressions\n does not exist at this time, and so the patch addressing CVE-2007-4572\n has been removed. This vulnerability is believed to be an unexploitable\n denial of service, but a future update will address this issue. We\n apologize for the inconvenience.\n\n Original advisory details:\n \n Samba developers discovered that nmbd could be made to overrun\n a buffer during the processing of GETDC logon server requests.\n When samba is configured as a Primary or Backup Domain Controller,\n a remote attacker could send malicious logon requests and possibly\n cause a denial of service. (CVE-2007-4572)\n \n Alin Rad Pop of Secunia Research discovered that nmbd did not properly\n check the length of netbios packets. When samba is configured as a WINS\n server, a remote attacker could send multiple crafted requests resulting\n in the execution of arbitrary code with root privileges. (CVE-2007-5398)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-544-2\";\ntag_affected = \"samba regression on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-544-2/\");\n script_id(840097);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"544-2\");\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_name( \"Ubuntu Update for samba regression USN-544-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python-samba\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.0.24-2ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.4-samba\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.0.22-1ubuntu3.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.4-samba\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.0.22-1ubuntu4.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.0.26a-1ubuntu2.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:20:07", "references": ["2007-065"], "pluginID": "850091", "description": "Check for the Version of samba", "edition": 3, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-01-28T00:00:00", "title": "SuSE Update for samba SUSE-SA:2007:065", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2017-12-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850091", "id": "OPENVAS:850091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2007_065.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for samba SUSE-SA:2007:065\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The samba-suite is an open-source implementation of the SMB protocol.\n\n CVE-2007-5398:\n Secunia Research has reported a bug in function reply_netbios_packet()\n that allowed remote attackers to execute arbitrary code\n by sending specially crafted WINS &quot;Name Registration&quot; requests followed\n by a WINS &quot;Name Query&quot; request packet.\n The exploitable code in samba can only be reached if the option &quot;wins\n support&quot; was enabled.\n\n CVE-2007-4572:\n Another bug reported by Secunia Research affected the processing of GETDC\n mailslot request in nmbd. This error can also be exploited remotely to\n execute arbitrary code, but only if samba was configured as Primary or\n Backup Domain Controller.\";\n\ntag_impact = \"remote code execution\";\ntag_affected = \"samba on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SuSE Linux Enterprise Server 8, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850091);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-28 13:40:10 +0100 (Wed, 28 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2007-065\");\n script_cve_id(\"CVE-2007-5398\", \"CVE-2007-4572\");\n script_name( \"SuSE Update for samba SUSE-SA:2007:065\");\n\n script_summary(\"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"cifs-mount\", rpm:\"cifs-mount~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ldapsmb\", rpm:\"ldapsmb~1.34b~110.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmsrpc\", rpm:\"libmsrpc~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmsrpc-devel\", rpm:\"libmsrpc-devel~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbsharemodes\", rpm:\"libsmbsharemodes~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbsharemodes-devel\", rpm:\"libsmbsharemodes-devel~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-devel\", rpm:\"samba-devel~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-krb-printing\", rpm:\"samba-krb-printing~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.6b~181.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-32bit\", rpm:\"libsmbclient-32bit~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-32bit\", rpm:\"samba-32bit~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~3.0.26a~3.3\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"cifs-mount\", rpm:\"cifs-mount~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ldapsmb\", rpm:\"ldapsmb~1.34b~27.8\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmsrpc\", rpm:\"libmsrpc~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmsrpc-devel\", rpm:\"libmsrpc-devel~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-krb-printing\", rpm:\"samba-krb-printing~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-pdb\", rpm:\"samba-pdb~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.6b~98.8\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-32bit\", rpm:\"libsmbclient-32bit~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-32bit\", rpm:\"samba-32bit~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~3.0.23d~19.10\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESSr8\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~2.2.8a~249\", rls:\"SLESSr8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~2.2.8a~249\", rls:\"SLESSr8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.2a~301\", rls:\"SLESSr8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDK10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmsrpc\", rpm:\"libmsrpc~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmsrpc-devel\", rpm:\"libmsrpc-devel~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cifs-mount\", rpm:\"cifs-mount~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-32bit\", rpm:\"libsmbclient-32bit~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-32bit\", rpm:\"samba-32bit~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-krb-printing\", rpm:\"samba-krb-printing~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-pdb\", rpm:\"samba-pdb~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.6b~42.62\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~3.0.24~2.33\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"OES\")\n{\n\n if ((res = isrpmvuln(pkg:\"ldapsmb\", rpm:\"ldapsmb~1.33~6.27\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.20b~3.24\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.20b~3.24\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.20b~3.24\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.20b~3.24\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.20b~3.24\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-pdb\", rpm:\"samba-pdb~3.0.20b~3.24\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~3.0.20b~3.24\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.6b~0.26.3\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.20b~3.24\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLES9\")\n{\n\n if ((res = isrpmvuln(pkg:\"ldapsmb\", rpm:\"ldapsmb~1.33~6.27\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.20b~3.24\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.20b~3.24\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.20b~3.24\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.20b~3.24\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.20b~3.24\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-pdb\", rpm:\"samba-pdb~3.0.20b~3.24\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~3.0.20b~3.24\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.6b~0.26.3\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.20b~3.24\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmsrpc\", rpm:\"libmsrpc~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmsrpc-devel\", rpm:\"libmsrpc-devel~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cifs-mount\", rpm:\"cifs-mount~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-32bit\", rpm:\"libsmbclient-32bit~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-32bit\", rpm:\"samba-32bit~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-krb-printing\", rpm:\"samba-krb-printing~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-pdb\", rpm:\"samba-pdb~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.6b~42.62\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~3.0.24~2.33\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9\")\n{\n\n if ((res = isrpmvuln(pkg:\"ldapsmb\", rpm:\"ldapsmb~1.33~6.27\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.20b~3.24\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.20b~3.24\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.20b~3.24\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.20b~3.24\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.20b~3.24\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-pdb\", rpm:\"samba-pdb~3.0.20b~3.24\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~3.0.20b~3.24\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.6b~0.26.3\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.20b~3.24\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDk10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmsrpc\", rpm:\"libmsrpc~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmsrpc-devel\", rpm:\"libmsrpc-devel~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cifs-mount\", rpm:\"cifs-mount~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-32bit\", rpm:\"libsmbclient-32bit~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-32bit\", rpm:\"samba-32bit~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-krb-printing\", rpm:\"samba-krb-printing~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-pdb\", rpm:\"samba-pdb~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.6b~42.62\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~3.0.24~2.33\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"cifs-mount\", rpm:\"cifs-mount~3.0.22~13.36\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ldapsmb\", rpm:\"ldapsmb~1.34a~18.32\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmsrpc\", rpm:\"libmsrpc~3.0.22~13.36\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmsrpc-devel\", rpm:\"libmsrpc-devel~3.0.22~13.36\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.22~13.36\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.22~13.36\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.22~13.36\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.22~13.36\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-pdb\", rpm:\"samba-pdb~3.0.22~13.36\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~3.0.22~13.36\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.6b~42.63\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.22~13.36\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLPOS9\")\n{\n\n if ((res = isrpmvuln(pkg:\"ldapsmb\", rpm:\"ldapsmb~1.33~6.27\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.20b~3.24\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.20b~3.24\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.20b~3.24\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.20b~3.24\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.20b~3.24\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-pdb\", rpm:\"samba-pdb~3.0.20b~3.24\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~3.0.20b~3.24\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan\", rpm:\"samba-vscan~0.3.6b~0.26.3\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.20b~3.24\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:30:12", "references": ["http://www.ubuntu.com/usn/usn-544-1/", "544-1"], "pluginID": "840103", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-544-1", "edition": 3, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-03-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Ubuntu Update for samba vulnerabilities USN-544-1", "type": "openvas", "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2017-12-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=840103", "id": "OPENVAS:840103", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_544_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for samba vulnerabilities USN-544-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Samba developers discovered that nmbd could be made to overrun a buffer\n during the processing of GETDC logon server requests. When samba is\n configured as a Primary or Backup Domain Controller, a remote attacker\n could send malicious logon requests and possibly cause a denial of\n service. (CVE-2007-4572)\n\n Alin Rad Pop of Secunia Research discovered that nmbd did not properly\n check the length of netbios packets. When samba is configured as a WINS\n server, a remote attacker could send multiple crafted requests resulting\n in the execution of arbitrary code with root privileges. (CVE-2007-5398)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-544-1\";\ntag_affected = \"samba vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-544-1/\");\n script_id(840103);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"544-1\");\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_name( \"Ubuntu Update for samba vulnerabilities USN-544-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python-samba\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.0.24-2ubuntu1.3\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.4-samba\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.0.22-1ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.4-samba\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.0.22-1ubuntu4.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.0.26a-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:38", "references": ["2007:224", "http://lists.mandriva.com/security-announce/2007-11/msg00031.php"], "pluginID": "1361412562310830094", "description": "Check for the Version of samba", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for samba MDKSA-2007:224 (samba)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830094", "id": "OPENVAS:1361412562310830094", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for samba MDKSA-2007:224 (samba)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The samba developers discovered that nmbd could be made to overrun a\n buffer during the processing of GETDC logon server requests. If samba\n is configured as a Primary or Backup Domain Controller, this could\n be used by a remote attacker to send malicious logon requests and\n possibly cause a denial of service (CVE-2007-4572).\n\n As well, Alin Rad Pop of Secunia Research found that nmbd did not\n properly check the length of netbios packets. If samba is configured\n as a WINS server, this could be used by a remote attacker able to\n send multiple crafted requests to nmbd, resulting in the execution\n of arbitrary code with root privileges (CVE-2007-5398).\n \n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"samba on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-11/msg00031.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830094\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:00:25 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:224\");\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_name( \"Mandriva Update for samba MDKSA-2007:224 (samba)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-smbldap-tools\", rpm:\"samba-smbldap-tools~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-clamav\", rpm:\"samba-vscan-clamav~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-icap\", rpm:\"samba-vscan-icap~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.0.24~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-smbldap-tools\", rpm:\"samba-smbldap-tools~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-clamav\", rpm:\"samba-vscan-clamav~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-icap\", rpm:\"samba-vscan-icap~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.0.23d~2.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-smbldap-tools\", rpm:\"samba-smbldap-tools~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-clamav\", rpm:\"samba-vscan-clamav~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vscan-icap\", rpm:\"samba-vscan-icap~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.0.25b~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:02:19", "references": [], "pluginID": "136141256231059026", "description": "The remote host is missing an update as announced\nvia advisory SSA:2007-320-01.", "edition": 3, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2007-320-01 samba", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2018-02-03T00:00:00", "id": "OPENVAS:136141256231059026", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231059026", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2007_320_01.nasl 8649 2018-02-03 12:16:43Z teissa $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0,\nand -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2007-320-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2007-320-01\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.59026\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:43 +0100 (Sat, 03 Feb 2018) $\");\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 8649 $\");\n name = \"Slackware Advisory SSA:2007-320-01 samba \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.27-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.27-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.27-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.27-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.27-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:51", "references": [], "pluginID": "59236", "description": "The remote host is missing an update to samba\nannounced via advisory DSA 1409-1.", "edition": 2, "reporter": "Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "title": "Debian Security Advisory DSA 1409-1 (samba)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=59236", "id": "OPENVAS:59236", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1409_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1409-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several local/remote vulnerabilities have been discovered in samba,\na LanManager-like file and printer server for Unix. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2007-5398\n\nAlin Rad Pop of Secunia Research discovered that nmbd did not properly\ncheck the length of netbios packets. When samba is configured as a WINS\nserver, a remote attacker could send multiple crafted requests resulting\nin the execution of arbitrary code with root privileges.\n\nCVE-2007-4572\nSamba developers discovered that nmbd could be made to overrun a buffer\nduring the processing of GETDC logon server requests. When samba is\nconfigured as a Primary or Backup Domain Controller, a remote attacker\ncould send malicious logon requests and possibly cause a denial of\nservice.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 3.0.24-6etch5.\n\nFor the old stable distribution (sarge), these problems have been fixed in\nversion 3.0.14a-3sarge7.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.0.27-1.\n\nWe recommend that you upgrade your samba packages.\";\ntag_summary = \"The remote host is missing an update to samba\nannounced via advisory DSA 1409-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201409-1\";\n\nif(description)\n{\n script_id(59236);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:23:47 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1409-1 (samba)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.3-samba\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.0.14a-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"winbind\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"smbfs\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"swat\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-samba\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"3.0.24-6etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:43", "references": ["2007-751", "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00726.html"], "pluginID": "861518", "description": "Check for the Version of samba", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-02-27T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for samba FEDORA-2007-751", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861518", "id": "OPENVAS:861518", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for samba FEDORA-2007-751\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"samba on Fedora Core 6\";\ntag_insight = \"Samba is the suite of programs by which a lot of PC-related machines\n share files, printers, and other information (such as lists of\n available files and printers). The Windows NT, OS/2, and Linux\n operating systems support this natively, and add-on packages can\n enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,\n and more. This package provides an SMB server that can be used to\n provide network services to SMB (sometimes called &quot;Lan Manager&quot;)\n clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT\n need the NetBEUI (Microsoft Raw NetBIOS frame) protocol\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00726.html\");\n script_id(861518);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-751\");\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_name( \"Fedora Update for samba FEDORA-2007-751\");\n\n script_summary(\"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC6\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/samba-debuginfo\", rpm:\"x86_64/debug/samba-debuginfo~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/samba-client\", rpm:\"x86_64/samba-client~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/samba-swat\", rpm:\"x86_64/samba-swat~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/samba\", rpm:\"x86_64/samba~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/samba-common\", rpm:\"x86_64/samba-common~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/samba-common\", rpm:\"i386/samba-common~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/samba\", rpm:\"i386/samba~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/samba-debuginfo\", rpm:\"i386/debug/samba-debuginfo~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/samba-swat\", rpm:\"i386/samba-swat~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/samba-client\", rpm:\"i386/samba-client~3.0.24~8.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:43:14", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageFilename": "samba-common-3.0.9-1.3E.14.1.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageFilename": "samba-common-3.0.9-1.3E.14.1.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageFilename": "samba-common-3.0.9-1.3E.14.1.x86_64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.i386.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.x86_64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageFilename": "samba-client-3.0.9-1.3E.14.1.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageFilename": "samba-3.0.9-1.3E.14.1.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageFilename": "samba-3.0.9-1.3E.14.1.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageFilename": "samba-3.0.9-1.3E.14.1.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "src", "packageFilename": "samba-3.0.9-1.3E.14.1.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "src", "packageFilename": "samba-3.0.9-1.3E.14.1.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageFilename": "samba-client-3.0.9-1.3E.14.1.i386.rpm", "packageName": "samba-client", "operator": "lt"}], "description": " [3.0.9-1.3E.14]\n \n - Security fix for CVE-2007-4572 and CVE-2007-5398\n resolves: #350731\n resolves: #359101 ", "edition": 3, "reporter": "Oracle", "published": "2007-11-16T00:00:00", "title": "Critical: samba security update ", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-11-16T00:00:00", "id": "ELSA-2007-1013", "href": "http://linux.oracle.com/errata/ELSA-2007-1013.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:42:36", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "x86_64", "packageFilename": "samba-common-3.0.25b-1.el5_1.2.x86_64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "i386", "packageFilename": "samba-client-3.0.25b-1.el5_1.2.i386.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "i386", "packageFilename": "samba-3.0.25b-1.el5_1.2.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "src", "packageFilename": "samba-3.0.25b-1.el5_1.2.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "src", "packageFilename": "samba-3.0.25b-1.el5_1.2.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "x86_64", "packageFilename": "samba-swat-3.0.25b-1.el5_1.2.x86_64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "x86_64", "packageFilename": "samba-3.0.25b-1.el5_1.2.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el5_1.2.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el5_1.2.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "i386", "packageFilename": "samba-swat-3.0.25b-1.el5_1.2.i386.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "x86_64", "packageFilename": "samba-client-3.0.25b-1.el5_1.2.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}], "description": " [3.0.25b-0.el5_1.1]\n - Security fix for CVE-2007-4138\n - Security fix for CVE-2007-4572\n - Security fix for CVE-2007-5398\n - Multilib Fix\n - resolves: #351501\n - resolves: #350761\n - resolves: #359151\n - resolves: #356851\n \n -------------- next part --------------\n An HTML attachment was scrubbed...\n URL: http://oss.oracle.com/pipermail/el-errata/attachments/20071123/ec47524f/attachment.html ", "edition": 3, "reporter": "Oracle", "published": "2007-11-23T00:00:00", "title": "Critical: samba security update ", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-4138", "CVE-2007-5398"], "modified": "2007-11-23T00:00:00", "id": "ELSA-2007-1017", "href": "http://linux.oracle.com/errata/ELSA-2007-1017.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:42:05", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "x86_64", "packageFilename": "samba-swat-3.0.25b-1.el4_6.2.x86_64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "i386", "packageFilename": "samba-3.0.25b-1.el4_6.2.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "src", "packageFilename": "samba-3.0.25b-1.el4_6.2.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "src", "packageFilename": "samba-3.0.25b-1.el4_6.2.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "x86_64", "packageFilename": "samba-3.0.25b-1.el4_6.2.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "i386", "packageFilename": "samba-swat-3.0.25b-1.el4_6.2.i386.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el4_6.2.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el4_6.2.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "x86_64", "packageFilename": "samba-client-3.0.25b-1.el4_6.2.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "x86_64", "packageFilename": "samba-common-3.0.25b-1.el4_6.2.x86_64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "i386", "packageFilename": "samba-client-3.0.25b-1.el4_6.2.i386.rpm", "packageName": "samba-client", "operator": "lt"}], "description": " [3.0.25b-1]\n - samba incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin\n - samba buffer overflow\n - Samba \"reply_netbios_packet()\" Buffer Overflow Vulnerability ", "edition": 3, "reporter": "Oracle", "published": "2007-12-04T00:00:00", "title": "Critical: samba security update ", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-4138", "CVE-2007-5398"], "modified": "2007-12-04T00:00:00", "id": "ELSA-2007-1016", "href": "http://linux.oracle.com/errata/ELSA-2007-1016.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:47:56", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ia64", "packageFilename": "samba-client-3.0.25b-1.el4_6.4.ia64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.x86_64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ia64", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.ia64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageFilename": "samba-3.0.25b-1.el5_1.4.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageFilename": "samba-common-3.0.9-1.3E.14.3.x86_64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageFilename": "samba-swat-3.0.25b-1.el5_1.4.i386.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageFilename": "samba-common-3.0.9-1.3E.14.3.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageFilename": "samba-common-3.0.9-1.3E.14.3.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageFilename": "samba-3.0.9-1.3E.14.3.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageFilename": "samba-3.0.9-1.3E.14.3.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageFilename": "samba-client-3.0.9-1.3E.14.3.i386.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "i386", "packageFilename": "samba-client-3.0.25b-1.el4_6.4.i386.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.x86_64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "i386", "packageFilename": "samba-swat-3.0.25b-1.el4_6.4.i386.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "x86_64", "packageFilename": "samba-3.0.25b-1.el4_6.4.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "x86_64", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.x86_64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ia64", "packageFilename": "samba-3.0.25b-1.el4_6.4.ia64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageFilename": "samba-client-3.0.9-1.3E.14.3.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "x86_64", "packageFilename": "samba-client-3.0.25b-1.el4_6.4.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageFilename": "samba-client-3.0.25b-1.el5_1.4.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "src", "packageFilename": "samba-3.0.25b-1.el4_6.4.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "src", "packageFilename": "samba-3.0.25b-1.el4_6.4.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "src", "packageFilename": "samba-3.0.25b-1.el4_6.4.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "src", "packageFilename": "samba-3.0.9-1.3E.14.3.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "src", "packageFilename": "samba-3.0.9-1.3E.14.3.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ia64", "packageFilename": "samba-swat-3.0.25b-1.el4_6.4.ia64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "src", "packageFilename": "samba-3.0.25b-1.el5_1.4.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "src", "packageFilename": "samba-3.0.25b-1.el5_1.4.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageFilename": "samba-swat-3.0.25b-1.el5_1.4.x86_64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageFilename": "samba-client-3.0.25b-1.el5_1.4.i386.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "i386", "packageFilename": "samba-3.0.25b-1.el4_6.4.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageFilename": "samba-3.0.25b-1.el5_1.4.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "x86_64", "packageFilename": "samba-swat-3.0.25b-1.el4_6.4.x86_64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageFilename": "samba-3.0.9-1.3E.14.3.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.i386.rpm", "packageName": "samba-swat", "operator": "lt"}], "description": " [3.0.9-1.3E.14.3]\n \n - Security fix for CVE-2007-6015\n - Fix for regression introduced with CVE-2007-4572\n - resolves: #407321\n - resolves: #389021 ", "edition": 3, "reporter": "Oracle", "published": "2007-12-10T00:00:00", "title": "Critical: samba security and bug fix update ", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-6015"], "modified": "2007-12-10T00:00:00", "id": "ELSA-2007-1114", "href": "http://linux.oracle.com/errata/ELSA-2007-1114.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-05-11T21:13:33", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ppc", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.1", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-2.2.12-1.21as.8.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ia64", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390x", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ppc", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ppc64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.1", "arch": "ia64", "packageName": "samba", "packageFilename": "samba-2.2.12-1.21as.8.1.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.1", "arch": "i386", "packageName": "samba-swat", "packageFilename": "samba-swat-2.2.12-1.21as.8.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.1", "arch": "ia64", "packageName": "samba-common", "packageFilename": "samba-common-2.2.12-1.21as.8.1.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.1", "arch": "i386", "packageName": "samba", "packageFilename": "samba-2.2.12-1.21as.8.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390x", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.1", "arch": "ia64", "packageName": "samba-client", "packageFilename": "samba-client-2.2.12-1.21as.8.1.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ppc", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.1", "arch": "i386", "packageName": "samba-client", "packageFilename": "samba-client-2.2.12-1.21as.8.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ia64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ppc", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390x", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.1", "arch": "ia64", "packageName": "samba-swat", "packageFilename": "samba-swat-2.2.12-1.21as.8.1.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ia64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ppc64", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ia64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390x", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.s390.rpm", "operator": "lt"}], "description": "Samba is a suite of programs used by machines to share files, printers, and\r\nother information.\r\n\r\nA buffer overflow flaw was found in the way Samba creates NetBIOS replies.\r\nIf a Samba server is configured to run as a WINS server, a remote\r\nunauthenticated user could cause the Samba server to crash or execute\r\narbitrary code. (CVE-2007-5398)\r\n\r\nA heap-based buffer overflow flaw was found in the way Samba authenticates\r\nusers. A remote unauthenticated user could trigger this flaw to cause the\r\nSamba server to crash. Careful analysis of this flaw has determined that\r\narbitrary code execution is not possible, and under most circumstances will\r\nnot result in a crash of the Samba server. (CVE-2007-4572)\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research, and the Samba\r\ndevelopers for responsibly disclosing these issues.\r\n\r\nUsers of Samba are advised to ugprade to these updated packages, which\r\ncontain backported patches to resolve these issues.", "reporter": "RedHat", "published": "2007-11-15T05:00:00", "type": "redhat", "title": "(RHSA-2007:1013) Critical: samba security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-05-11T23:27:00", "id": "RHSA-2007:1013", "href": "https://access.redhat.com/errata/RHSA-2007:1013", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:20:28", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el5_1.2.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "i386", "packageFilename": "samba-3.0.25b-1.el5_1.2.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "i386", "packageFilename": "samba-client-3.0.25b-1.el5_1.2.i386.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "i386", "packageFilename": "samba-swat-3.0.25b-1.el5_1.2.i386.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "src", "packageFilename": "samba-3.0.25b-1.el5_1.2.src.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "x86_64", "packageFilename": "samba-common-3.0.25b-1.el5_1.2.x86_64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "x86_64", "packageFilename": "samba-swat-3.0.25b-1.el5_1.2.x86_64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "x86_64", "packageFilename": "samba-client-3.0.25b-1.el5_1.2.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "x86_64", "packageFilename": "samba-3.0.25b-1.el5_1.2.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "ppc", "packageFilename": "samba-swat-3.0.25b-1.el5_1.2.ppc.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "ppc", "packageFilename": "samba-client-3.0.25b-1.el5_1.2.ppc.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "ppc", "packageFilename": "samba-3.0.25b-1.el5_1.2.ppc.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "ppc", "packageFilename": "samba-common-3.0.25b-1.el5_1.2.ppc.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "ppc64", "packageFilename": "samba-common-3.0.25b-1.el5_1.2.ppc64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "s390x", "packageFilename": "samba-client-3.0.25b-1.el5_1.2.s390x.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "s390x", "packageFilename": "samba-3.0.25b-1.el5_1.2.s390x.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "s390", "packageFilename": "samba-common-3.0.25b-1.el5_1.2.s390.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "s390x", "packageFilename": "samba-common-3.0.25b-1.el5_1.2.s390x.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "s390x", "packageFilename": "samba-swat-3.0.25b-1.el5_1.2.s390x.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "ia64", "packageFilename": "samba-client-3.0.25b-1.el5_1.2.ia64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "ia64", "packageFilename": "samba-3.0.25b-1.el5_1.2.ia64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "ia64", "packageFilename": "samba-swat-3.0.25b-1.el5_1.2.ia64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.2", "arch": "ia64", "packageFilename": "samba-common-3.0.25b-1.el5_1.2.ia64.rpm", "packageName": "samba-common", "operator": "lt"}], "description": "Samba is a suite of programs used by machines to share files, printers, and\r\nother information.\r\n\r\nA buffer overflow flaw was found in the way Samba creates NetBIOS replies.\r\nIf a Samba server is configured to run as a WINS server, a remote\r\nunauthenticated user could cause the Samba server to crash or execute\r\narbitrary code. (CVE-2007-5398)\r\n\r\nA heap based buffer overflow flaw was found in the way Samba authenticates\r\nusers. A remote unauthenticated user could trigger this flaw to cause the\r\nSamba server to crash. Careful analysis of this flaw has determined that\r\narbitrary code execution is not possible, and under most circumstances will\r\nnot result in a crash of the Samba server. (CVE-2007-4572)\r\n\r\nA flaw was found in the way Samba assigned group IDs under certain\r\nconditions. If the \"winbind nss info\" parameter in smb.conf is set to\r\neither \"sfu\" or \"rfc2307\", Samba users are incorrectly assigned the group\r\nID of 0. (CVE-2007-4138)\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research, Rick King,\r\nand the Samba developers for responsibly disclosing these issues.\r\n\r\nAll Samba users are advised to upgrade to these updated packages, which\r\ncontain a backported patch to correct these issues.", "reporter": "RedHat", "published": "2007-11-15T05:00:00", "type": "redhat", "title": "(RHSA-2007:1017) Critical: samba security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4138", "CVE-2007-4572", "CVE-2007-5398"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:13:50", "id": "RHSA-2007:1017", "href": "https://access.redhat.com/errata/RHSA-2007:1017", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:19:43", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "i386", "packageFilename": "samba-common-3.0.25b-1.el4_6.2.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "s390x", "packageFilename": "samba-client-3.0.25b-1.el4_6.2.s390x.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "ia64", "packageFilename": "samba-3.0.25b-1.el4_6.2.ia64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "i386", "packageFilename": "samba-3.0.25b-1.el4_6.2.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "x86_64", "packageFilename": "samba-client-3.0.25b-1.el4_6.2.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "ppc", "packageFilename": "samba-common-3.0.25b-1.el4_6.2.ppc.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "x86_64", "packageFilename": "samba-common-3.0.25b-1.el4_6.2.x86_64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "s390x", "packageFilename": "samba-common-3.0.25b-1.el4_6.2.s390x.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "i386", "packageFilename": "samba-client-3.0.25b-1.el4_6.2.i386.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "ia64", "packageFilename": "samba-common-3.0.25b-1.el4_6.2.ia64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "ppc", "packageFilename": "samba-swat-3.0.25b-1.el4_6.2.ppc.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "ppc64", "packageFilename": "samba-common-3.0.25b-1.el4_6.2.ppc64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "ppc", "packageFilename": "samba-client-3.0.25b-1.el4_6.2.ppc.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "x86_64", "packageFilename": "samba-3.0.25b-1.el4_6.2.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "ia64", "packageFilename": "samba-client-3.0.25b-1.el4_6.2.ia64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "s390", "packageFilename": "samba-client-3.0.25b-1.el4_6.2.s390.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "x86_64", "packageFilename": "samba-swat-3.0.25b-1.el4_6.2.x86_64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "i386", "packageFilename": "samba-swat-3.0.25b-1.el4_6.2.i386.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "s390", "packageFilename": "samba-swat-3.0.25b-1.el4_6.2.s390.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "s390", "packageFilename": "samba-common-3.0.25b-1.el4_6.2.s390.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "ia64", "packageFilename": "samba-swat-3.0.25b-1.el4_6.2.ia64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "ppc", "packageFilename": "samba-3.0.25b-1.el4_6.2.ppc.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "s390x", "packageFilename": "samba-swat-3.0.25b-1.el4_6.2.s390x.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "s390", "packageFilename": "samba-3.0.25b-1.el4_6.2.s390.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "s390x", "packageFilename": "samba-3.0.25b-1.el4_6.2.s390x.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.2", "arch": "src", "packageFilename": "samba-3.0.25b-1.el4_6.2.src.rpm", "packageName": "samba", "operator": "lt"}], "description": "Samba is a suite of programs used by machines to share files, printers, and\r\nother information.\r\n\r\nA buffer overflow flaw was found in the way Samba creates NetBIOS replies.\r\nIf a Samba server is configured to run as a WINS server, a remote\r\nunauthenticated user could cause the Samba server to crash or execute\r\narbitrary code. (CVE-2007-5398)\r\n\r\nA heap-based buffer overflow flaw was found in the way Samba authenticates\r\nusers. A remote unauthenticated user could trigger this flaw to cause the\r\nSamba server to crash. Careful analysis of this flaw has determined that\r\narbitrary code execution is not possible, and under most circumstances will\r\nnot result in a crash of the Samba server. (CVE-2007-4572)\r\n\r\nA flaw was found in the way Samba assigned group IDs under certain\r\nconditions. If the \"winbind nss info\" parameter in smb.conf is set to\r\neither \"sfu\" or \"rfc2307\", Samba users are incorrectly assigned the group\r\nID of 0. (CVE-2007-4138)\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research, Rick King,\r\nand the Samba developers for responsibly disclosing these issues.\r\n\r\nAll Samba users are advised to upgrade to these updated packages, which\r\ncontain a backported patch to correct these issues.", "reporter": "RedHat", "published": "2007-11-15T05:00:00", "type": "redhat", "title": "(RHSA-2007:1016) Critical: samba security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4138", "CVE-2007-4572", "CVE-2007-5398"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:53:32", "id": "RHSA-2007:1016", "href": "https://access.redhat.com/errata/RHSA-2007:1016", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:19:17", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "ia64", "packageFilename": "samba-swat-3.0.10-2.el4_5.1.ia64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "ia64", "packageFilename": "samba-3.0.10-2.el4_5.1.ia64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "i386", "packageFilename": "samba-3.0.10-2.el4_5.1.i386.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "x86_64", "packageFilename": "samba-swat-3.0.10-2.el4_5.1.x86_64.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "ia64", "packageFilename": "samba-common-3.0.10-2.el4_5.1.ia64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "i386", "packageFilename": "samba-common-3.0.10-2.el4_5.1.i386.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "s390", "packageFilename": "samba-3.0.10-2.el4_5.1.s390.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "x86_64", "packageFilename": "samba-3.0.10-2.el4_5.1.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "s390", "packageFilename": "samba-client-3.0.10-2.el4_5.1.s390.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "s390", "packageFilename": "samba-swat-3.0.10-2.el4_5.1.s390.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "x86_64", "packageFilename": "samba-client-3.0.10-2.el4_5.1.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "x86_64", "packageFilename": "samba-common-3.0.10-2.el4_5.1.x86_64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "i386", "packageFilename": "samba-swat-3.0.10-2.el4_5.1.i386.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "ia64", "packageFilename": "samba-client-3.0.10-2.el4_5.1.ia64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "ppc", "packageFilename": "samba-common-3.0.10-2.el4_5.1.ppc.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "s390x", "packageFilename": "samba-common-3.0.10-2.el4_5.1.s390x.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "s390x", "packageFilename": "samba-3.0.10-2.el4_5.1.s390x.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "ppc64", "packageFilename": "samba-common-3.0.10-2.el4_5.1.ppc64.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "i386", "packageFilename": "samba-client-3.0.10-2.el4_5.1.i386.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "s390", "packageFilename": "samba-common-3.0.10-2.el4_5.1.s390.rpm", "packageName": "samba-common", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "s390x", "packageFilename": "samba-swat-3.0.10-2.el4_5.1.s390x.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "s390x", "packageFilename": "samba-client-3.0.10-2.el4_5.1.s390x.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "ppc", "packageFilename": "samba-client-3.0.10-2.el4_5.1.ppc.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "ppc", "packageFilename": "samba-swat-3.0.10-2.el4_5.1.ppc.rpm", "packageName": "samba-swat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "ppc", "packageFilename": "samba-3.0.10-2.el4_5.1.ppc.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.10-2.el4_5.1", "arch": "src", "packageFilename": "samba-3.0.10-2.el4_5.1.src.rpm", "packageName": "samba", "operator": "lt"}], "description": "Samba is a suite of programs used by machines to share files, printers, and\r\nother information.\r\n\r\nA buffer overflow flaw was found in the way Samba creates NetBIOS replies.\r\nIf a Samba server is configured to run as a WINS server, a remote\r\nunauthenticated user could cause the Samba server to crash, or execute\r\narbitrary code. (CVE-2007-5398)\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\r\nresponsibly disclosing this issue.\r\n\r\nUsers of Samba should upgrade to these updated packages, which contain a\r\nbackported patch to correct this issue.", "reporter": "RedHat", "published": "2007-11-15T05:00:00", "type": "redhat", "title": "(RHSA-2007:1034) Critical: samba security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-5398"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:06:18", "id": "RHSA-2007:1034", "href": "https://access.redhat.com/errata/RHSA-2007:1034", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-05-11T21:13:46", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ppc", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.2", "arch": "i386", "packageName": "samba", "packageFilename": "samba-2.2.12-1.21as.8.2.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "s390", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el4_6.4.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "i386", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el4_6.4.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ppc", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "ia64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el5_1.4.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "s390x", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el4_6.4.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "x86_64", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el4_6.4.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ia64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ia64", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el4_6.4.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el5_1.4.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ppc64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "s390", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el5_1.4.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390x", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "s390x", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el4_6.4.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390x", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "ppc64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ia64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "x86_64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ppc", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el4_6.4.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "s390x", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el4_6.4.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ia64", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "i386", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el4_6.4.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el5_1.4.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.2", "arch": "ia64", "packageName": "samba", "packageFilename": "samba-2.2.12-1.21as.8.2.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "s390x", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el5_1.4.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el5_1.4.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390x", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.2", "arch": "ia64", "packageName": "samba-common", "packageFilename": "samba-common-2.2.12-1.21as.8.2.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "s390x", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el5_1.4.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ia64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el4_6.4.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "x86_64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el4_6.4.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "ppc", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el5_1.4.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.2", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-2.2.12-1.21as.8.2.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "s390x", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.2", "arch": "i386", "packageName": "samba-swat", "packageFilename": "samba-swat-2.2.12-1.21as.8.2.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "s390", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "ia64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ia64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390x", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ppc", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el4_6.4.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "ppc", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el5_1.4.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "ia64", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el5_1.4.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ppc", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el4_6.4.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "s390x", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el5_1.4.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "x86_64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el4_6.4.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ppc64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "ia64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el5_1.4.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "s390", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el4_6.4.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ia64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ppc", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "i386", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el4_6.4.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "s390", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el4_6.4.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.2", "arch": "ia64", "packageName": "samba-swat", "packageFilename": "samba-swat-2.2.12-1.21as.8.2.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ia64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el4_6.4.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.2", "arch": "i386", "packageName": "samba-client", "packageFilename": "samba-client-2.2.12-1.21as.8.2.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ppc", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "ppc", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.2.12-1.21as.8.2", "arch": "ia64", "packageName": "samba-client", "packageFilename": "samba-client-2.2.12-1.21as.8.2.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.25b-1.el4_6.4", "arch": "s390x", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el4_6.4.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "ppc", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el5_1.4.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el5_1.4.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el5_1.4.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ppc64", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "ppc", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.ppc.rpm", "operator": "lt"}], "description": "Samba is a suite of programs used by machines to share files, printers, and\r\nother information.\r\n\r\nA stack buffer overflow flaw was found in the way Samba authenticates\r\nremote users. A remote unauthenticated user could trigger this flaw to\r\ncause the Samba server to crash, or execute arbitrary code with the\r\npermissions of the Samba server. (CVE-2007-6015)\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\r\nresponsibly disclosing this issue.\r\n\r\nThis update also fixes a regression caused by the fix for CVE-2007-4572,\r\nwhich prevented some clients from being able to properly access shares.\r\n\r\nUsers of Samba are advised to upgrade to these updated packages, which\r\ncontain a backported patch to resolve these issues.", "reporter": "RedHat", "published": "2007-12-10T05:00:00", "type": "redhat", "title": "(RHSA-2007:1114) Critical: samba security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-6015"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-05-11T23:26:45", "id": "RHSA-2007:1114", "href": "https://access.redhat.com/errata/RHSA-2007:1114", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:38:34", "references": ["http://www.nessus.org/u?e6b8d83e", "http://www.nessus.org/u?6d2ea3d0", "http://www.nessus.org/u?2fab4bd4"], "pluginID": "37627", "description": "Updated samba packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSamba is a suite of programs used by machines to share files, printers, and other information.\n\nA buffer overflow flaw was found in the way Samba creates NetBIOS replies. If a Samba server is configured to run as a WINS server, a remote unauthenticated user could cause the Samba server to crash or execute arbitrary code. (CVE-2007-5398)\n\nA heap-based buffer overflow flaw was found in the way Samba authenticates users. A remote unauthenticated user could trigger this flaw to cause the Samba server to crash. Careful analysis of this flaw has determined that arbitrary code execution is not possible, and under most circumstances will not result in a crash of the Samba server. (CVE-2007-4572)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research, and the Samba developers for responsibly disclosing these issues.\n\nUsers of Samba are advised to ugprade to these updated packages, which contain backported patches to resolve these issues.", "edition": 5, "reporter": "Tenable", "published": "2009-04-23T00:00:00", "title": "CentOS 3 : samba (CESA-2007:1013)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2018-06-27T00:00:00", "cpe": ["p-cpe:/a:centos:centos:samba-swat", "p-cpe:/a:centos:centos:samba-common", "p-cpe:/a:centos:centos:samba-client", "p-cpe:/a:centos:centos:samba", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2007-1013.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=37627", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1013 and \n# CentOS Errata and Security Advisory 2007:1013 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37627);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/06/27 18:42:25\");\n\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_bugtraq_id(26454, 26455);\n script_xref(name:\"RHSA\", value:\"2007:1013\");\n\n script_name(english:\"CentOS 3 : samba (CESA-2007:1013)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA buffer overflow flaw was found in the way Samba creates NetBIOS\nreplies. If a Samba server is configured to run as a WINS server, a\nremote unauthenticated user could cause the Samba server to crash or\nexecute arbitrary code. (CVE-2007-5398)\n\nA heap-based buffer overflow flaw was found in the way Samba\nauthenticates users. A remote unauthenticated user could trigger this\nflaw to cause the Samba server to crash. Careful analysis of this flaw\nhas determined that arbitrary code execution is not possible, and\nunder most circumstances will not result in a crash of the Samba\nserver. (CVE-2007-4572)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research, and the\nSamba developers for responsibly disclosing these issues.\n\nUsers of Samba are advised to ugprade to these updated packages, which\ncontain backported patches to resolve these issues.\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2007-November/014437.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2fab4bd4\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2007-November/014438.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6d2ea3d0\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2007-November/014444.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e6b8d83e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"samba-3.0.9-1.3E.14.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"samba-client-3.0.9-1.3E.14.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"samba-common-3.0.9-1.3E.14.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"samba-swat-3.0.9-1.3E.14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:39:39", "references": ["http://www.nessus.org/u?af2e5f9c"], "pluginID": "28277", "description": "New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues.", "edition": 5, "reporter": "Tenable", "published": "2007-11-20T00:00:00", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / current : samba (SSA:2007-320-01)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2018-06-27T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "p-cpe:/a:slackware:slackware_linux:samba"], "id": "SLACKWARE_SSA_2007-320-01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=28277", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2007-320-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28277);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_bugtraq_id(26454, 26455);\n script_xref(name:\"SSA\", value:\"2007-320-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / current : samba (SSA:2007-320-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New samba packages are available for Slackware 10.0, 10.1, 10.2,\n11.0, 12.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af2e5f9c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected samba package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"10.0\", pkgname:\"samba\", pkgver:\"3.0.27\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"samba\", pkgver:\"3.0.27\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"samba\", pkgver:\"3.0.27\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"samba\", pkgver:\"3.0.27\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"samba\", pkgver:\"3.0.27\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"samba\", pkgver:\"3.0.27\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:56:29", "references": [], "pluginID": "28288", "description": "USN-544-1 fixed two vulnerabilities in Samba. Fixes for CVE-2007-5398 are unchanged, but the upstream changes for CVE-2007-4572 introduced a regression in all releases which caused Linux smbfs mounts to fail.\nAdditionally, Dapper and Edgy included an incomplete patch which caused configurations using NetBIOS to fail. A proper fix for these regressions does not exist at this time, and so the patch addressing CVE-2007-4572 has been removed. This vulnerability is believed to be an unexploitable denial of service, but a future update will address this issue. We apologize for the inconvenience.\n\nSamba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. (CVE-2007-4572)\n\nAlin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets. When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges. (CVE-2007-5398).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2007-11-20T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : samba regression (USN-544-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2018-08-06T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-samba", "p-cpe:/a:canonical:ubuntu_linux:samba-doc", "cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:smbclient", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:samba", "p-cpe:/a:canonical:ubuntu_linux:swat", "p-cpe:/a:canonical:ubuntu_linux:smbfs", "p-cpe:/a:canonical:ubuntu_linux:winbind", "p-cpe:/a:canonical:ubuntu_linux:libpam-smbpass", "p-cpe:/a:canonical:ubuntu_linux:libsmbclient-dev", "p-cpe:/a:canonical:ubuntu_linux:samba-common", "p-cpe:/a:canonical:ubuntu_linux:samba-doc-pdf", "p-cpe:/a:canonical:ubuntu_linux:samba-dbg", "p-cpe:/a:canonical:ubuntu_linux:python2.4-samba", "p-cpe:/a:canonical:ubuntu_linux:libsmbclient", "cpe:/o:canonical:ubuntu_linux:7.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-544-2.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=28288", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-544-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28288);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/08/06 14:03:15\");\n\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_bugtraq_id(26454);\n script_xref(name:\"USN\", value:\"544-2\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : samba regression (USN-544-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-544-1 fixed two vulnerabilities in Samba. Fixes for CVE-2007-5398\nare unchanged, but the upstream changes for CVE-2007-4572 introduced a\nregression in all releases which caused Linux smbfs mounts to fail.\nAdditionally, Dapper and Edgy included an incomplete patch which\ncaused configurations using NetBIOS to fail. A proper fix for these\nregressions does not exist at this time, and so the patch addressing\nCVE-2007-4572 has been removed. This vulnerability is believed to be\nan unexploitable denial of service, but a future update will address\nthis issue. We apologize for the inconvenience.\n\nSamba developers discovered that nmbd could be made to overrun a\nbuffer during the processing of GETDC logon server requests. When\nsamba is configured as a Primary or Backup Domain Controller, a remote\nattacker could send malicious logon requests and possibly cause a\ndenial of service. (CVE-2007-4572)\n\nAlin Rad Pop of Secunia Research discovered that nmbd did\nnot properly check the length of netbios packets. When samba\nis configured as a WINS server, a remote attacker could send\nmultiple crafted requests resulting in the execution of\narbitrary code with root privileges. (CVE-2007-5398).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpam-smbpass\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsmbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:smbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:smbfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2018 Canonical, Inc. / NASL script (C) 2007-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04|7\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04 / 7.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpam-smbpass\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libsmbclient\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libsmbclient-dev\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-samba\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-common\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-dbg\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-doc\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-doc-pdf\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"smbclient\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"smbfs\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"swat\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"winbind\", pkgver:\"3.0.22-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libpam-smbpass\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libsmbclient\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libsmbclient-dev\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"python2.4-samba\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"samba\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"samba-common\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"samba-dbg\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"samba-doc\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"samba-doc-pdf\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"smbclient\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"smbfs\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"swat\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"winbind\", pkgver:\"3.0.22-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libpam-smbpass\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libsmbclient\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libsmbclient-dev\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"python-samba\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"samba\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"samba-common\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"samba-dbg\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"samba-doc\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"samba-doc-pdf\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"smbclient\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"smbfs\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"swat\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"winbind\", pkgver:\"3.0.24-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libpam-smbpass\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libsmbclient\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libsmbclient-dev\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"samba\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"samba-common\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"samba-dbg\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"samba-doc\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"samba-doc-pdf\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"smbclient\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"smbfs\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"swat\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"winbind\", pkgver:\"3.0.26a-1ubuntu2.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpam-smbpass / libsmbclient / libsmbclient-dev / python-samba / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:33:13", "references": [], "pluginID": "28251", "description": "Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. (CVE-2007-4572)\n\nAlin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets. When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges.\n(CVE-2007-5398).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2007-11-16T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : samba vulnerabilities (USN-544-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2018-08-15T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-samba", "p-cpe:/a:canonical:ubuntu_linux:samba-doc", "cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:smbclient", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:samba", "p-cpe:/a:canonical:ubuntu_linux:swat", "p-cpe:/a:canonical:ubuntu_linux:smbfs", "p-cpe:/a:canonical:ubuntu_linux:winbind", "p-cpe:/a:canonical:ubuntu_linux:libpam-smbpass", "p-cpe:/a:canonical:ubuntu_linux:libsmbclient-dev", "p-cpe:/a:canonical:ubuntu_linux:samba-common", "p-cpe:/a:canonical:ubuntu_linux:samba-doc-pdf", "p-cpe:/a:canonical:ubuntu_linux:samba-dbg", "p-cpe:/a:canonical:ubuntu_linux:python2.4-samba", "p-cpe:/a:canonical:ubuntu_linux:libsmbclient", "cpe:/o:canonical:ubuntu_linux:7.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-544-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=28251", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-544-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28251);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/08/15 12:24:48\");\n\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_xref(name:\"USN\", value:\"544-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : samba vulnerabilities (USN-544-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Samba developers discovered that nmbd could be made to overrun a\nbuffer during the processing of GETDC logon server requests. When\nsamba is configured as a Primary or Backup Domain Controller, a remote\nattacker could send malicious logon requests and possibly cause a\ndenial of service. (CVE-2007-4572)\n\nAlin Rad Pop of Secunia Research discovered that nmbd did not properly\ncheck the length of netbios packets. When samba is configured as a\nWINS server, a remote attacker could send multiple crafted requests\nresulting in the execution of arbitrary code with root privileges.\n(CVE-2007-5398).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpam-smbpass\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsmbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:smbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:smbfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04|7\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04 / 7.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpam-smbpass\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libsmbclient\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libsmbclient-dev\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-samba\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-common\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-dbg\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-doc\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-doc-pdf\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"smbclient\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"smbfs\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"swat\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"winbind\", pkgver:\"3.0.22-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libpam-smbpass\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libsmbclient\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libsmbclient-dev\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"python2.4-samba\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"samba\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"samba-common\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"samba-dbg\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"samba-doc\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"samba-doc-pdf\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"smbclient\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"smbfs\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"swat\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"winbind\", pkgver:\"3.0.22-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libpam-smbpass\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libsmbclient\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libsmbclient-dev\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"python-samba\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"samba\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"samba-common\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"samba-dbg\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"samba-doc\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"samba-doc-pdf\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"smbclient\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"smbfs\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"swat\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"winbind\", pkgver:\"3.0.24-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libpam-smbpass\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libsmbclient\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libsmbclient-dev\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"samba\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"samba-common\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"samba-dbg\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"samba-doc\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"samba-doc-pdf\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"smbclient\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"smbfs\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"swat\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"winbind\", pkgver:\"3.0.26a-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpam-smbpass / libsmbclient / libsmbclient-dev / python-samba / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:51:26", "references": ["https://security-tracker.debian.org/tracker/CVE-2007-4572", "http://www.debian.org/security/2007/dsa-1409", "https://security-tracker.debian.org/tracker/CVE-2007-5398"], "pluginID": "28298", "description": "This update fixes all currently known regressions introduced with the previous two revisions of DSA-1409. The original text is reproduced below :\n\n Several local/remote vulnerabilities have been discovered in samba, a LanManager-like file and printer server for Unix. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2007-5398 Alin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets.\n When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges.\n\n - CVE-2007-4572 Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service.", "edition": 6, "reporter": "Tenable", "published": "2007-11-26T00:00:00", "title": "Debian DSA-1409-3 : samba - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2018-07-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:samba", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-1409.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=28298", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1409. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28298);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/07/23 12:46:37\");\n\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_xref(name:\"DSA\", value:\"1409\");\n\n script_name(english:\"Debian DSA-1409-3 : samba - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes all currently known regressions introduced with the\nprevious two revisions of DSA-1409. The original text is reproduced\nbelow :\n\n Several local/remote vulnerabilities have been discovered in samba,\n a LanManager-like file and printer server for Unix. The Common\n Vulnerabilities and Exposures project identifies the following\n problems :\n\n - CVE-2007-5398\n Alin Rad Pop of Secunia Research discovered that nmbd\n did not properly check the length of netbios packets.\n When samba is configured as a WINS server, a remote\n attacker could send multiple crafted requests\n resulting in the execution of arbitrary code with root\n privileges.\n\n - CVE-2007-4572\n Samba developers discovered that nmbd could be made to\n overrun a buffer during the processing of GETDC logon\n server requests. When samba is configured as a Primary\n or Backup Domain Controller, a remote attacker could\n send malicious logon requests and possibly cause a\n denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-5398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-4572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2007/dsa-1409\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the samba packages.\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 3.0.14a-3sarge10.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 3.0.24-6etch8.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"libpam-smbpass\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libsmbclient\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libsmbclient-dev\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"python2.3-samba\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"samba\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"samba-common\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"samba-dbg\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"samba-doc\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"smbclient\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"smbfs\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"swat\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"winbind\", reference:\"3.0.14a-3sarge10\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libpam-smbpass\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libsmbclient\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libsmbclient-dev\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"python-samba\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"samba\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"samba-common\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"samba-dbg\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"samba-doc\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"samba-doc-pdf\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"smbclient\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"smbfs\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"swat\", reference:\"3.0.24-6etch8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"winbind\", reference:\"3.0.24-6etch8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:48:22", "references": ["http://www.nessus.org/u?fd6537b5", "http://us1.samba.org/samba/security/CVE-2007-4572.html", "http://us1.samba.org/samba/security/CVE-2007-5398.html"], "pluginID": "28317", "description": "The Samba Team reports :\n\nSecunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect may only be exploited when the 'wins support' parameter has been enabled in smb.conf.\n\nSamba developers have discovered what is believed to be a non-exploitable buffer over in nmbd during the processing of GETDC logon server requests. This code is only used when the Samba server is configured as a Primary or Backup Domain Controller.", "edition": 4, "reporter": "Tenable", "published": "2007-11-26T00:00:00", "title": "FreeBSD : samba -- multiple vulnerabilities (a63b15f9-97ff-11dc-9e48-0016179b2dd5)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2016-05-05T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:ja-samba", "p-cpe:/a:freebsd:freebsd:samba", "p-cpe:/a:freebsd:freebsd:samba3"], "id": "FREEBSD_PKG_A63B15F997FF11DC9E480016179B2DD5.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=28317", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2016 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28317);\n script_version(\"$Revision: 1.17 $\");\n script_cvs_date(\"$Date: 2016/05/05 16:01:15 $\");\n\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_bugtraq_id(26454);\n script_xref(name:\"Secunia\", value:\"27450\");\n\n script_name(english:\"FreeBSD : samba -- multiple vulnerabilities (a63b15f9-97ff-11dc-9e48-0016179b2dd5)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Samba Team reports :\n\nSecunia Research reported a vulnerability that allows for the\nexecution of arbitrary code in nmbd. This defect may only be exploited\nwhen the 'wins support' parameter has been enabled in smb.conf.\n\nSamba developers have discovered what is believed to be a\nnon-exploitable buffer over in nmbd during the processing of GETDC\nlogon server requests. This code is only used when the Samba server is\nconfigured as a Primary or Backup Domain Controller.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://us1.samba.org/samba/security/CVE-2007-4572.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://us1.samba.org/samba/security/CVE-2007-5398.html\"\n );\n # http://www.freebsd.org/ports/portaudit/a63b15f9-97ff-11dc-9e48-0016179b2dd5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fd6537b5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ja-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"samba<3.0.26a\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba>*,1<3.0.26a_2,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba3<3.0.26a\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba3>*,1<3.0.26a_2,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ja-samba<3.0.26a\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ja-samba>*,1<3.0.26a_2,1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:54:13", "references": ["https://bugzilla.samba.org/show_bug.cgi?id=5087"], "pluginID": "28274", "description": "The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service (CVE-2007-4572).\n\nAs well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges (CVE-2007-5398).\n\nUpdate :\n\nThis update corrects all known regressions with previous Samba updates due to the security fixes to correct CVE-2007-4572.", "edition": 5, "reporter": "Tenable", "published": "2007-11-20T00:00:00", "title": "Mandrake Linux Security Advisory : samba (MDKSA-2007:224-3)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libsmbclient0-devel", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:samba-doc", "p-cpe:/a:mandriva:linux:nss_wins", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:libsmbclient0-static-devel", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:samba-common", "p-cpe:/a:mandriva:linux:samba-swat", "p-cpe:/a:mandriva:linux:lib64smbclient0-static-devel", "p-cpe:/a:mandriva:linux:samba-vscan-icap", "p-cpe:/a:mandriva:linux:samba-client", "p-cpe:/a:mandriva:linux:samba-server", "p-cpe:/a:mandriva:linux:mount-cifs", "p-cpe:/a:mandriva:linux:samba-smbldap-tools", "p-cpe:/a:mandriva:linux:lib64smbclient0-devel", "p-cpe:/a:mandriva:linux:lib64smbclient0", "p-cpe:/a:mandriva:linux:samba-vscan-clamav", "p-cpe:/a:mandriva:linux:samba-winbind", "p-cpe:/a:mandriva:linux:libsmbclient0"], "id": "MANDRAKE_MDKSA-2007-224.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=28274", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:224. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28274);\n script_version (\"1.14\");\n script_cvs_date(\"Date: 2018/07/19 20:59:14\");\n\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_bugtraq_id(26454, 26455);\n script_xref(name:\"MDKSA\", value:\"2007:224-3\");\n\n script_name(english:\"Mandrake Linux Security Advisory : samba (MDKSA-2007:224-3)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The samba developers discovered that nmbd could be made to overrun a\nbuffer during the processing of GETDC logon server requests. If samba\nis configured as a Primary or Backup Domain Controller, this could be\nused by a remote attacker to send malicious logon requests and\npossibly cause a denial of service (CVE-2007-4572).\n\nAs well, Alin Rad Pop of Secunia Research found that nmbd did not\nproperly check the length of netbios packets. If samba is configured\nas a WINS server, this could be used by a remote attacker able to send\nmultiple crafted requests to nmbd, resulting in the execution of\narbitrary code with root privileges (CVE-2007-5398).\n\nUpdate :\n\nThis update corrects all known regressions with previous Samba updates\ndue to the security fixes to correct CVE-2007-4572.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=5087\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbclient0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbclient0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mount-cifs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nss_wins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-smbldap-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-vscan-clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-vscan-icap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64smbclient0-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64smbclient0-devel-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64smbclient0-static-devel-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libsmbclient0-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libsmbclient0-devel-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libsmbclient0-static-devel-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mount-cifs-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"nss_wins-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"samba-client-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"samba-common-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"samba-doc-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"samba-server-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"samba-smbldap-tools-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"samba-swat-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"samba-vscan-clamav-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"samba-vscan-icap-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"samba-winbind-3.0.23d-2.6mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-devel-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-static-devel-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libsmbclient0-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libsmbclient0-devel-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libsmbclient0-static-devel-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mount-cifs-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"nss_wins-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"samba-client-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"samba-common-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"samba-doc-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"samba-server-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"samba-smbldap-tools-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"samba-swat-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"samba-vscan-clamav-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"samba-vscan-icap-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"samba-winbind-3.0.24-2.5mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64smbclient0-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64smbclient0-devel-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64smbclient0-static-devel-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libsmbclient0-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libsmbclient0-devel-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libsmbclient0-static-devel-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mount-cifs-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"nss_wins-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"samba-client-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"samba-common-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"samba-doc-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"samba-server-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"samba-smbldap-tools-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"samba-swat-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"samba-vscan-clamav-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"samba-vscan-icap-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"samba-winbind-3.0.25b-4.3mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:32:54", "references": ["http://support.novell.com/security/cve/CVE-2007-5398.html", "http://support.novell.com/security/cve/CVE-2007-4572.html"], "pluginID": "29391", "description": "This update fixes two buffer overflows in nmbd (CVE-2007-4572 / CVE-2007-5398). Remote attackers could potentially exploit them to execute arbitrary code.\n\nThe updated packages additionally contain fixes for numerous other defects. Please refer to the package changelog for details.", "edition": 4, "reporter": "Tenable", "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : Samba (ZYPP Patch Number 4719)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2012-05-17T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_CIFS-MOUNT-4719.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=29391", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29391);\n script_version (\"$Revision: 1.15 $\");\n script_cvs_date(\"$Date: 2012/05/17 10:53:20 $\");\n\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n\n script_name(english:\"SuSE 10 Security Update : Samba (ZYPP Patch Number 4719)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes two buffer overflows in nmbd (CVE-2007-4572 /\nCVE-2007-5398). Remote attackers could potentially exploit them to\nexecute arbitrary code.\n\nThe updated packages additionally contain fixes for numerous other\ndefects. Please refer to the package changelog for details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4572.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5398.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4719.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"cifs-mount-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"libsmbclient-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"libsmbclient-devel-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"samba-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"samba-client-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"samba-krb-printing-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"samba-pdb-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"samba-vscan-0.3.6b-42.62\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"samba-winbind-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"libsmbclient-32bit-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"samba-32bit-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"samba-client-32bit-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"cifs-mount-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"libmsrpc-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"libmsrpc-devel-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"libsmbclient-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"libsmbclient-devel-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"samba-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"samba-client-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"samba-krb-printing-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"samba-pdb-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"samba-python-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"samba-vscan-0.3.6b-42.62\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"samba-winbind-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"libsmbclient-32bit-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"samba-32bit-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"samba-client-32bit-3.0.24-2.33\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.0.24-2.33\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:35:17", "references": ["http://rhn.redhat.com/errata/RHSA-2007-1013.html", "https://www.redhat.com/security/data/cve/CVE-2007-4572.html", "https://www.redhat.com/security/data/cve/CVE-2007-5398.html"], "pluginID": "28244", "description": "Updated samba packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSamba is a suite of programs used by machines to share files, printers, and other information.\n\nA buffer overflow flaw was found in the way Samba creates NetBIOS replies. If a Samba server is configured to run as a WINS server, a remote unauthenticated user could cause the Samba server to crash or execute arbitrary code. (CVE-2007-5398)\n\nA heap-based buffer overflow flaw was found in the way Samba authenticates users. A remote unauthenticated user could trigger this flaw to cause the Samba server to crash. Careful analysis of this flaw has determined that arbitrary code execution is not possible, and under most circumstances will not result in a crash of the Samba server. (CVE-2007-4572)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research, and the Samba developers for responsibly disclosing these issues.\n\nUsers of Samba are advised to ugprade to these updated packages, which contain backported patches to resolve these issues.", "edition": 6, "reporter": "Tenable", "published": "2007-11-16T00:00:00", "title": "RHEL 2.1 / 3 : samba (RHSA-2007:1013)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-swat"], "id": "REDHAT-RHSA-2007-1013.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=28244", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1013. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28244);\n script_version (\"1.18\");\n script_cvs_date(\"Date: 2018/07/25 18:58:04\");\n\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_bugtraq_id(26454, 26455);\n script_xref(name:\"RHSA\", value:\"2007:1013\");\n\n script_name(english:\"RHEL 2.1 / 3 : samba (RHSA-2007:1013)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA buffer overflow flaw was found in the way Samba creates NetBIOS\nreplies. If a Samba server is configured to run as a WINS server, a\nremote unauthenticated user could cause the Samba server to crash or\nexecute arbitrary code. (CVE-2007-5398)\n\nA heap-based buffer overflow flaw was found in the way Samba\nauthenticates users. A remote unauthenticated user could trigger this\nflaw to cause the Samba server to crash. Careful analysis of this flaw\nhas determined that arbitrary code execution is not possible, and\nunder most circumstances will not result in a crash of the Samba\nserver. (CVE-2007-4572)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research, and the\nSamba developers for responsibly disclosing these issues.\n\nUsers of Samba are advised to ugprade to these updated packages, which\ncontain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2007-4572.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2007-5398.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2007-1013.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(2\\.1|3)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:1013\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"samba-2.2.12-1.21as.8.1\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"samba-client-2.2.12-1.21as.8.1\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"samba-common-2.2.12-1.21as.8.1\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"samba-swat-2.2.12-1.21as.8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"samba-3.0.9-1.3E.14.1\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"samba-client-3.0.9-1.3E.14.1\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"samba-common-3.0.9-1.3E.14.1\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"samba-swat-3.0.9-1.3E.14.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba / samba-client / samba-common / samba-swat\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:51:58", "references": ["https://security.gentoo.org/glsa/200711-29"], "pluginID": "28318", "description": "The remote host is affected by the vulnerability described in GLSA-200711-29 (Samba: Execution of arbitrary code)\n\n Two vulnerabilities have been reported in nmbd. Alin Rad Pop (Secunia Research) discovered a boundary checking error in the reply_netbios_packet() function which could lead to a stack-based buffer overflow (CVE-2007-5398). The Samba developers discovered a boundary error when processing GETDC logon requests also leading to a buffer overflow (CVE-2007-4572).\n Impact :\n\n To exploit the first vulnerability, a remote unauthenticated attacker could send specially crafted WINS 'Name Registration' requests followed by a WINS 'Name Query' request. This might lead to execution of arbitrary code with elevated privileges. Note that this vulnerability is exploitable only when WINS server support is enabled in Samba. The second vulnerability could be exploited by sending specially crafted 'GETDC' mailslot requests, but requires Samba to be configured as a Primary or Backup Domain Controller. It is not believed the be exploitable to execute arbitrary code.\n Workaround :\n\n To work around the first vulnerability, disable WINS support in Samba by setting 'wins support = no' in the 'global' section of your smb.conf and restart Samba.", "edition": 5, "reporter": "Tenable", "published": "2007-11-26T00:00:00", "title": "GLSA-200711-29 : Samba: Execution of arbitrary code", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2018-08-10T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:samba"], "id": "GENTOO_GLSA-200711-29.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=28318", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200711-29.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28318);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2007-4572\", \"CVE-2007-5398\");\n script_xref(name:\"GLSA\", value:\"200711-29\");\n\n script_name(english:\"GLSA-200711-29 : Samba: Execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200711-29\n(Samba: Execution of arbitrary code)\n\n Two vulnerabilities have been reported in nmbd. Alin Rad Pop (Secunia\n Research) discovered a boundary checking error in the\n reply_netbios_packet() function which could lead to a stack-based\n buffer overflow (CVE-2007-5398). The Samba developers discovered a\n boundary error when processing GETDC logon requests also leading to a\n buffer overflow (CVE-2007-4572).\n \nImpact :\n\n To exploit the first vulnerability, a remote unauthenticated attacker\n could send specially crafted WINS 'Name Registration' requests followed\n by a WINS 'Name Query' request. This might lead to execution of\n arbitrary code with elevated privileges. Note that this vulnerability\n is exploitable only when WINS server support is enabled in Samba. The\n second vulnerability could be exploited by sending specially crafted\n 'GETDC' mailslot requests, but requires Samba to be configured as a\n Primary or Backup Domain Controller. It is not believed the be\n exploitable to execute arbitrary code.\n \nWorkaround :\n\n To work around the first vulnerability, disable WINS support in Samba\n by setting 'wins support = no' in the 'global' section of your\n smb.conf and restart Samba.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200711-29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Samba users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-3.0.27a'\n The first vulnerability (CVE-2007-5398) was already fixed in Samba\n 3.0.26a-r2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-fs/samba\", unaffected:make_list(\"ge 3.0.27a\"), vulnerable:make_list(\"lt 3.0.27a\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Samba\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-12T14:46:08", "references": ["https://rhn.redhat.com/errata/rh21as-errata.html", "http://www.ict.swin.edu.au/staff/jnewbigin"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "2", "packageVersion": "2.2.12-1.21as.8.1", "packageFilename": "samba-common-2.2.12-1.21as.8.1.i386.rpm", "packageName": "samba-common", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "2", "packageVersion": "2.2.12-1.21as.8.1", "packageFilename": "samba-swat-2.2.12-1.21as.8.1.i386.rpm", "packageName": "samba-swat", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "2", "packageVersion": "2.2.12-1.21as.8.1", "packageFilename": "samba-client-2.2.12-1.21as.8.1.i386.rpm", "packageName": "samba-client", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "2", "packageVersion": "2.2.12-1.21as.8.1", "packageFilename": "samba-2.2.12-1.21as.8.1.i386.rpm", "packageName": "samba", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2007:1013-01\n\n\nSamba is a suite of programs used by machines to share files, printers, and\r\nother information.\r\n\r\nA buffer overflow flaw was found in the way Samba creates NetBIOS replies.\r\nIf a Samba server is configured to run as a WINS server, a remote\r\nunauthenticated user could cause the Samba server to crash or execute\r\narbitrary code. (CVE-2007-5398)\r\n\r\nA heap-based buffer overflow flaw was found in the way Samba authenticates\r\nusers. A remote unauthenticated user could trigger this flaw to cause the\r\nSamba server to crash. Careful analysis of this flaw has determined that\r\narbitrary code execution is not possible, and under most circumstances will\r\nnot result in a crash of the Samba server. (CVE-2007-4572)\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research, and the Samba\r\ndevelopers for responsibly disclosing these issues.\r\n\r\nUsers of Samba are advised to ugprade to these updated packages, which\r\ncontain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/014441.html\n\n**Affected packages:**\nsamba\nsamba-client\nsamba-common\nsamba-swat\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 2, "reporter": "CentOS Project", "published": "2007-11-15T23:26:10", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "samba security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-11-15T23:26:10", "href": "http://lists.centos.org/pipermail/centos-announce/2007-November/014441.html", "id": "CESA-2007:1013-01", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-12T14:45:11", "references": ["http://pasi.pirhonen.eu/", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B", "https://rhn.redhat.com/errata/RHSA-2007-1013.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ia64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390x", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ia64", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ia64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390x", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "any", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "any", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "i386", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "x86_64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390x", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.1.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.1.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "ia64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.1.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.1", "arch": "s390x", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.1.s390x.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2007:1013\n\n\nSamba is a suite of programs used by machines to share files, printers, and\r\nother information.\r\n\r\nA buffer overflow flaw was found in the way Samba creates NetBIOS replies.\r\nIf a Samba server is configured to run as a WINS server, a remote\r\nunauthenticated user could cause the Samba server to crash or execute\r\narbitrary code. (CVE-2007-5398)\r\n\r\nA heap-based buffer overflow flaw was found in the way Samba authenticates\r\nusers. A remote unauthenticated user could trigger this flaw to cause the\r\nSamba server to crash. Careful analysis of this flaw has determined that\r\narbitrary code execution is not possible, and under most circumstances will\r\nnot result in a crash of the Samba server. (CVE-2007-4572)\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research, and the Samba\r\ndevelopers for responsibly disclosing these issues.\r\n\r\nUsers of Samba are advised to ugprade to these updated packages, which\r\ncontain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/014437.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/014438.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/014444.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/014448.html\n\n**Affected packages:**\nsamba\nsamba-client\nsamba-common\nsamba-swat\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-1013.html", "edition": 2, "reporter": "CentOS Project", "published": "2007-11-15T19:31:12", "title": "samba security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-11-16T14:58:05", "href": "http://lists.centos.org/pipermail/centos-announce/2007-November/014437.html", "id": "CESA-2007:1013", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-12T14:46:32", "references": ["http://pasi.pirhonen.eu/", "https://rhn.redhat.com/errata/RHSA-2007-1016.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-3.0.25b-1.c4.2.s390x.rpm", "packageName": "samba", "arch": "s390x", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-client-3.0.25b-1.c4.2.ia64.rpm", "packageName": "samba-client", "arch": "ia64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-common-3.0.25b-1.c4.2.s390x.rpm", "packageName": "samba-common", "arch": "s390x", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-common-3.0.25b-1.c4.2.s390.rpm", "packageName": "samba-common", "arch": "s390", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-3.0.25b-1.c4.2.ia64.rpm", "packageName": "samba", "arch": "ia64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-client-3.0.25b-1.c4.2.s390x.rpm", "packageName": "samba-client", "arch": "s390x", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-common-3.0.25b-1.c4.2.ia64.rpm", "packageName": "samba-common", "arch": "ia64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-3.0.25b-1.c4.2.s390.rpm", "packageName": "samba", "arch": "s390", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-swat-3.0.25b-1.c4.2.s390x.rpm", "packageName": "samba-swat", "arch": "s390x", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-swat-3.0.25b-1.c4.2.s390.rpm", "packageName": "samba-swat", "arch": "s390", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-swat-3.0.25b-1.c4.2.ia64.rpm", "packageName": "samba-swat", "arch": "ia64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.2", "packageFilename": "samba-client-3.0.25b-1.c4.2.s390.rpm", "packageName": "samba-client", "arch": "s390", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2007:1016\n\n\nSamba is a suite of programs used by machines to share files, printers, and\r\nother information.\r\n\r\nA buffer overflow flaw was found in the way Samba creates NetBIOS replies.\r\nIf a Samba server is configured to run as a WINS server, a remote\r\nunauthenticated user could cause the Samba server to crash or execute\r\narbitrary code. (CVE-2007-5398)\r\n\r\nA heap-based buffer overflow flaw was found in the way Samba authenticates\r\nusers. A remote unauthenticated user could trigger this flaw to cause the\r\nSamba server to crash. Careful analysis of this flaw has determined that\r\narbitrary code execution is not possible, and under most circumstances will\r\nnot result in a crash of the Samba server. (CVE-2007-4572)\r\n\r\nA flaw was found in the way Samba assigned group IDs under certain\r\nconditions. If the \"winbind nss info\" parameter in smb.conf is set to\r\neither \"sfu\" or \"rfc2307\", Samba users are incorrectly assigned the group\r\nID of 0. (CVE-2007-4138)\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research, Rick King,\r\nand the Samba developers for responsibly disclosing these issues.\r\n\r\nAll Samba users are advised to upgrade to these updated packages, which\r\ncontain a backported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/014428.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/014442.html\n\n**Affected packages:**\nsamba\nsamba-client\nsamba-common\nsamba-swat\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-1016.html", "edition": 2, "reporter": "CentOS Project", "published": "2007-11-15T18:56:31", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "samba security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-4138", "CVE-2007-5398"], "modified": "2007-11-16T04:39:39", "href": "http://lists.centos.org/pipermail/centos-announce/2007-November/014428.html", "id": "CESA-2007:1016", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-12T14:46:06", "references": ["https://rhn.redhat.com/errata/rh21as-errata.html", "http://www.ict.swin.edu.au/staff/jnewbigin"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "2", "packageVersion": "2.2.12-1.21as.8.2", "arch": "i386", "packageName": "samba-client", "packageFilename": "samba-client-2.2.12-1.21as.8.2.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "2", "packageVersion": "2.2.12-1.21as.8.2", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-2.2.12-1.21as.8.2.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "2", "packageVersion": "2.2.12-1.21as.8.2", "arch": "i386", "packageName": "samba", "packageFilename": "samba-2.2.12-1.21as.8.2.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "2", "packageVersion": "2.2.12-1.21as.8.2", "arch": "i386", "packageName": "samba-swat", "packageFilename": "samba-swat-2.2.12-1.21as.8.2.i386.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2007:1114-01\n\n\nSamba is a suite of programs used by machines to share files, printers, and\r\nother information.\r\n\r\nA stack buffer overflow flaw was found in the way Samba authenticates\r\nremote users. A remote unauthenticated user could trigger this flaw to\r\ncause the Samba server to crash, or execute arbitrary code with the\r\npermissions of the Samba server. (CVE-2007-6015)\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\r\nresponsibly disclosing this issue.\r\n\r\nThis update also fixes a regression caused by the fix for CVE-2007-4572,\r\nwhich prevented some clients from being able to properly access shares.\r\n\r\nUsers of Samba are advised to upgrade to these updated packages, which\r\ncontain a backported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/014501.html\n\n**Affected packages:**\nsamba\nsamba-client\nsamba-common\nsamba-swat\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 2, "reporter": "CentOS Project", "published": "2007-12-11T01:23:47", "title": "samba security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-6015"], "modified": "2007-12-11T01:23:47", "href": "http://lists.centos.org/pipermail/centos-announce/2007-December/014501.html", "id": "CESA-2007:1114-01", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-12T14:44:54", "references": ["https://rhn.redhat.com/errata/RHSA-2007-1114.html", "http://pasi.pirhonen.eu/", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "s390x", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.c4.4.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390x", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ia64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390x", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "ia64", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.c4.4.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el5_1.4.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.el5_1.4.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390x", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "any", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "any", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el5_1.4.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ia64", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el5_1.4.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "s390x", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.c4.4.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "x86_64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el5_1.4.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "ia64", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.c4.4.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.el5_1.4.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "s390", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.c4.4.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "ia64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.c4.4.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "s390", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.c4.4.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "s390x", "packageName": "samba-common", "packageFilename": "samba-common-3.0.25b-1.c4.4.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "ia64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.c4.4.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ia64", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "i386", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.9-1.3E.14.3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "i386", "packageName": "samba-client", "packageFilename": "samba-client-3.0.25b-1.el5_1.4.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "s390", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.c4.4.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "ia64", "packageName": "samba-common", "packageFilename": "samba-common-3.0.9-1.3E.14.3.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "any", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el5_1.4.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.0.25b-1.el5_1.4", "arch": "any", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.el5_1.4.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "x86_64", "packageName": "samba", "packageFilename": "samba-3.0.9-1.3E.14.3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "s390x", "packageName": "samba-swat", "packageFilename": "samba-swat-3.0.25b-1.c4.4.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "3.0.9-1.3E.14.3", "arch": "s390x", "packageName": "samba-client", "packageFilename": "samba-client-3.0.9-1.3E.14.3.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.25b-1.c4.4", "arch": "s390", "packageName": "samba", "packageFilename": "samba-3.0.25b-1.c4.4.s390.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2007:1114\n\n\nSamba is a suite of programs used by machines to share files, printers, and\r\nother information.\r\n\r\nA stack buffer overflow flaw was found in the way Samba authenticates\r\nremote users. A remote unauthenticated user could trigger this flaw to\r\ncause the Samba server to crash, or execute arbitrary code with the\r\npermissions of the Samba server. (CVE-2007-6015)\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\r\nresponsibly disclosing this issue.\r\n\r\nThis update also fixes a regression caused by the fix for CVE-2007-4572,\r\nwhich prevented some clients from being able to properly access shares.\r\n\r\nUsers of Samba are advised to upgrade to these updated packages, which\r\ncontain a backported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/014490.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/014492.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/014494.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/014495.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/014498.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/014499.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/014503.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/014504.html\n\n**Affected packages:**\nsamba\nsamba-client\nsamba-common\nsamba-swat\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-1114.html", "edition": 2, "reporter": "CentOS Project", "published": "2007-12-10T19:26:24", "title": "samba security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-6015"], "modified": "2007-12-11T01:43:53", "href": "http://lists.centos.org/pipermail/centos-announce/2007-December/014490.html", "id": "CESA-2007:1114", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:42", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572", "https://bugs.gentoo.org/show_bug.cgi?id=197519"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "3.0.27a", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "net-fs/samba", "operator": "lt"}], "edition": 1, "description": "### Background\n\nSamba is a suite of SMB and CIFS client/server programs for UNIX. \n\n### Description\n\nTwo vulnerabilities have been reported in nmbd. Alin Rad Pop (Secunia Research) discovered a boundary checking error in the reply_netbios_packet() function which could lead to a stack-based buffer overflow (CVE-2007-5398). The Samba developers discovered a boundary error when processing GETDC logon requests also leading to a buffer overflow (CVE-2007-4572). \n\n### Impact\n\nTo exploit the first vulnerability, a remote unauthenticated attacker could send specially crafted WINS \"Name Registration\" requests followed by a WINS \"Name Query\" request. This might lead to execution of arbitrary code with elevated privileges. Note that this vulnerability is exploitable only when WINS server support is enabled in Samba. The second vulnerability could be exploited by sending specially crafted \"GETDC\" mailslot requests, but requires Samba to be configured as a Primary or Backup Domain Controller. It is not believed the be exploitable to execute arbitrary code. \n\n### Workaround\n\nTo work around the first vulnerability, disable WINS support in Samba by setting \"_wins support = no_\" in the \"global\" section of your smb.conf and restart Samba. \n\n### Resolution\n\nAll Samba users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-fs/samba-3.0.27a\"\n\nThe first vulnerability (CVE-2007-5398) was already fixed in Samba 3.0.26a-r2.", "reporter": "Gentoo Foundation", "published": "2007-11-20T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "Samba: Execution of arbitrary code", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-12-05T00:00:00", "id": "GLSA-200711-29", "href": "https://security.gentoo.org/glsa/200711-29", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2016-09-02T18:33:58", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a.orig", "packageFilename": "samba_3.0.14a.orig.tar.gz", "arch": "src", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10.dsc", "arch": "src", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-doc_3.0.24-6etch8_all.deb", "arch": "all", "packageName": "samba-doc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-doc-pdf_3.0.24-6etch8_all.deb", "arch": "all", "packageName": "samba-doc-pdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8.dsc", "arch": "src", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-doc_3.0.14a-3sarge10_all.deb", "arch": "all", "packageName": "samba-doc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8.diff", "packageFilename": "samba_3.0.24-6etch8.diff.gz", "arch": "src", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10.diff", "packageFilename": "samba_3.0.14a-3sarge10.diff.gz", "arch": "src", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_mipsel.deb", "arch": "mipsel", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_amd64.deb", "arch": "x86-64", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_mipsel.deb", "arch": "mipsel", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_mips.deb", "arch": "mips", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_hppa.deb", "arch": "hppa", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-common_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbfs_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbclient_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "python-samba_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "python-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libpam-smbpass_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "libpam-smbpass", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_s390.deb", "arch": "s390x", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24.orig", "packageFilename": "samba_3.0.24.orig.tar.gz", "arch": "src", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_sparc.deb", "arch": "sparc", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient-dev_3.0.24-6etch8_mips.deb", "arch": "mips", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_amd64.deb", "arch": "x86-64", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_ia64.deb", "arch": "ia64", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "samba-dbg_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "smbfs_3.0.24-6etch8_alpha.deb", "arch": "alpha", "packageName": "smbfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "libsmbclient_3.0.24-6etch8_s390.deb", "arch": "s390x", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "python2.3-samba_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "python2.3-samba", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_arm.deb", "arch": "arm", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "winbind_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_powerpc.deb", "arch": "ppc", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "swat_3.0.24-6etch8_ia64.deb", "arch": "ia64", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-dbg_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "samba-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "swat_3.0.14a-3sarge10_hppa.deb", "arch": "hppa", "packageName": "swat", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_powerpc.deb", "arch": "ppc", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "3.0.24-6etch8", "packageFilename": "samba-common_3.0.24-6etch8_i386.deb", "arch": "i686", "packageName": "samba-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libsmbclient-dev_3.0.14a-3sarge10_alpha.deb", "arch": "alpha", "packageName": "libsmbclient-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "winbind_3.0.14a-3sarge10_arm.deb", "arch": "arm", "packageName": "winbind", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "smbclient_3.0.14a-3sarge10_i386.deb", "arch": "i686", "packageName": "smbclient", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "3.0.14a-3sarge10", "packageFilename": "libpam-smbpass_3.0.14a-3sarge10_sparc.deb", "arch": "sparc", "packageName": "libpam-smbpass", "operator": "lt"}], "edition": 1, "description": "This update fixes all currently known regressions introduced with the previous two revisions of DSA-1409. The original text is reproduced below:\n\n> Several local/remote vulnerabilities have been discovered in samba, a LanManager-like file and printer server for Unix. The Common Vulnerabilities and Exposures project identifies the following problems:\n> \n> * [CVE-2007-5398](<https://security-tracker.debian.org/tracker/CVE-2007-5398>)\n> \n> Alin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets. When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges.\n> \n> * [CVE-2007-4572](<https://security-tracker.debian.org/tracker/CVE-2007-4572>)\n> \n> Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service.\n\nFor the old stable distribution (sarge), these problems have been fixed in version 3.0.14a-3sarge10.\n\nFor the stable distribution (etch), these problems have been fixed in version 3.0.24-6etch8.\n\nFor the unstable distribution (sid), these problems have been fixed in version 3.0.27-1.\n\nWe recommend that you upgrade your samba packages.", "reporter": "Debian", "published": "2007-11-29T00:00:00", "type": "debian", "title": "samba -- several vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-11-29T00:00:00", "id": "DSA-1409", "href": "http://www.debian.org/security/dsa-1409", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:10", "references": ["https://launchpad.net/bugs/163042", "https://people.canonical.com/~ubuntu-security/cve/CVE-2007-4572", "https://usn.ubuntu.com/usn/usn-544-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "3.0.26a-1ubuntu2.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "3.0.22-1ubuntu3.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.04", "packageVersion": "3.0.24-2ubuntu1.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.10", "packageVersion": "3.0.22-1ubuntu4.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}], "description": "USN-544-1 fixed two vulnerabilities in Samba. Fixes for CVE-2007-5398 are unchanged, but the upstream changes for CVE-2007-4572 introduced a regression in all releases which caused Linux smbfs mounts to fail. Additionally, Dapper and Edgy included an incomplete patch which caused configurations using NetBIOS to fail. A proper fix for these regressions does not exist at this time, and so the patch addressing CVE-2007-4572 has been removed. This vulnerability is believed to be an unexploitable denial of service, but a future update will address this issue. We apologize for the inconvenience.\n\nOriginal advisory details:\n\nSamba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. (CVE-2007-4572)\n\nAlin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets. When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges. (CVE-2007-5398)", "edition": 3, "reporter": "Ubuntu", "published": "2007-11-16T00:00:00", "title": "Samba regression", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-11-16T00:00:00", "id": "USN-544-2", "href": "https://usn.ubuntu.com/544-2/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:23", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2007-4572", "https://people.canonical.com/~ubuntu-security/cve/CVE-2007-5398"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "3.0.26a-1ubuntu2.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.04", "packageVersion": "3.0.24-2ubuntu1.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.10", "packageVersion": "3.0.22-1ubuntu4.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "3.0.22-1ubuntu3.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}], "description": "Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. (CVE-2007-4572)\n\nAlin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets. When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges. (CVE-2007-5398)", "edition": 3, "reporter": "Ubuntu", "published": "2007-11-16T00:00:00", "title": "Samba vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-11-16T00:00:00", "id": "USN-544-1", "href": "https://usn.ubuntu.com/544-1/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:30", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1105", "https://people.canonical.com/~ubuntu-security/cve/CVE-2007-4572"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "3.0.22-1ubuntu3.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.04", "packageVersion": "3.0.24-2ubuntu1.6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "3.0.28a-1ubuntu4.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "3.0.26a-1ubuntu2.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "3.0.22-1ubuntu3.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "3.0.26a-1ubuntu2.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "samba", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.04", "packageVersion": "3.0.24-2ubuntu1.6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "3.0.28a-1ubuntu4.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsmbclient", "operator": "lt"}], "description": "Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. (CVE-2007-4572)\n\nAlin Rad Pop of Secunia Research discovered that Samba did not properly perform bounds checking when parsing SMB replies. A remote attacker could send crafted SMB packets and execute arbitrary code. (CVE-2008-1105)", "edition": 3, "reporter": "Ubuntu", "published": "2008-06-17T00:00:00", "title": "Samba vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2008-1105"], "modified": "2008-06-17T00:00:00", "id": "USN-617-1", "href": "https://usn.ubuntu.com/617-1/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:16", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1105", "https://usn.ubuntu.com/usn/usn-617-1", "https://bugs.launchpad.net/bugs/241448"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "7.04", "packageVersion": "3.0.24-2ubuntu1.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "3.0.22-1ubuntu3.8", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "3.0.26a-1ubuntu2.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "3.0.28a-1ubuntu4.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsmbclient", "operator": "lt"}], "description": "USN-617-1 fixed vulnerabilities in Samba. The upstream patch introduced a regression where under certain circumstances accessing large files might cause the client to report an invalid packet length error. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nSamba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. (CVE-2007-4572)\n\nAlin Rad Pop of Secunia Research discovered that Samba did not properly perform bounds checking when parsing SMB replies. A remote attacker could send crafted SMB packets and execute arbitrary code. (CVE-2008-1105)", "edition": 3, "reporter": "Ubuntu", "published": "2008-06-30T00:00:00", "title": "Samba regression", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2008-1105"], "modified": "2008-06-30T00:00:00", "id": "USN-617-2", "href": "https://usn.ubuntu.com/617-2/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2018-08-31T02:36:35", "references": [], "affectedPackage": [{"OS": "Slackware", "OSVersion": "10.0", "packageVersion": "3.0.27", "arch": "i486", "packageFilename": "samba-3.0.27-i486-1_slack10.0.tgz", "packageName": "samba", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "10.2", "packageVersion": "3.0.27", "arch": "i486", "packageFilename": "samba-3.0.27-i486-1_slack10.2.tgz", "packageName": "samba", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "10.1", "packageVersion": "3.0.27", "arch": "i486", "packageFilename": "samba-3.0.27-i486-1_slack10.1.tgz", "packageName": "samba", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.0", "packageVersion": "3.0.27", "arch": "i486", "packageFilename": "samba-3.0.27-i486-1_slack12.0.tgz", "packageName": "samba", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "11.0", "packageVersion": "3.0.27", "arch": "i486", "packageFilename": "samba-3.0.27-i486-1_slack11.0.tgz", "packageName": "samba", "operator": "lt"}], "description": "New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0,\nand -current to fix security issues.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398\n\n\nHere are the details from the Slackware 12.0 ChangeLog:\n\npatches/packages/samba-3.0.27-i486-1_slack12.0.tgz:\n Upgraded to samba-3.0.27.\n Samba 3.0.27 is a security release in order to address a stack buffer\n overflow in nmbd's logon request processing, and remote code execution in\n Samba's WINS server daemon (nmbd) when processing name registration followed\n name query requests.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the &quot;Get Slack&quot; section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/samba-3.0.27-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/samba-3.0.27-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/samba-3.0.27-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/samba-3.0.27-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/samba-3.0.27-i486-1_slack12.0.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-3.0.27-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 10.0 package:\nf45e9c4f7dca31a0e7d54750c41ed7cb samba-3.0.27-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\nf720d064e49e2eb076b651d4711214b7 samba-3.0.27-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\ncfbfa85b36bab92cd2c4c7533d893789 samba-3.0.27-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\n56c4e1b1556a551438b752bc333b87a2 samba-3.0.27-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n83eb1ee443157b74aae38ea82e11220e samba-3.0.27-i486-1_slack12.0.tgz\n\nSlackware -current package:\n3d151739e88c3df03e23c07af60389fd samba-3.0.27-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg samba-3.0.27-i486-1.tgz\n\nThen, restart Samba: \n > /etc/rc.d/rc.samba restart", "edition": 3, "reporter": "Slackware Linux Project", "published": "2007-11-16T17:28:32", "title": "samba", "type": "slackware", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-11-16T17:28:32", "id": "SSA-2007-320-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:46:39", "references": [], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "libmsrpc-devel-3.0.24-2.33.i586.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "samba-python-3.0.24-2.33.s390x.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "x86_64", "packageFilename": "samba-client-3.0.20b-3.17.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "0.3.6b-4.16", "arch": "i586", "packageFilename": "samba-vscan-0.3.6b-4.16.i586.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "libmsrpc-devel-3.0.23d-19.10.ppc.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "libsmbsharemodes-3.0.26a-3.3.ppc.rpm", "packageName": "libsmbsharemodes", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "samba-devel-3.0.26a-3.3.x86_64.rpm", "packageName": "samba-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "samba-python-3.0.26a-3.3.i586.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "samba-python-3.0.23d-19.10.x86_64.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "libmsrpc-3.0.24-2.33.i586.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "ppc", "packageFilename": "samba-python-3.0.20b-3.17.ppc.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "0.3.6b-98.8", "arch": "ppc", "packageFilename": "samba-vscan-0.3.6b-98.8.ppc.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "samba-3.0.26a-3.3.i586.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "x86_64", "packageFilename": "samba-python-3.0.20b-3.17.x86_64.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "samba-winbind-32bit-3.0.26a-3.3.x86_64.rpm", "packageName": "samba-winbind-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "samba-krb-printing-3.0.24-2.33.ppc.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "i586", "packageFilename": "libsmbclient-devel-3.0.22-13.36.i586.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "libsmbclient-32bit-3.0.26a-3.3.x86_64.rpm", "packageName": "libsmbclient-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "samba-winbind-32bit-3.0.23d-19.10.x86_64.rpm", "packageName": "samba-winbind-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "libsmbclient-3.0.26a-3.3.x86_64.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "libmsrpc-3.0.26a-3.3.ppc.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "libmsrpc-devel-3.0.24-2.33.ppc.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "samba-python-3.0.24-2.33.ppc.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "samba-winbind-3.0.26a-3.3.x86_64.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "samba-3.0.24-2.33.ppc.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "i586", "packageFilename": "libmsrpc-devel-3.0.22-13.36.i586.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "libsmbclient-devel-3.0.22-13.36.x86_64.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "x86_64", "packageFilename": "cifs-mount-3.0.20b-3.17.x86_64.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.7", "arch": "noarch", "packageFilename": "samba-doc-3.0.23d-19.7.noarch.rpm", "packageName": "samba-doc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "samba-winbind-64bit-3.0.24-2.33.ppc.rpm", "packageName": "samba-winbind-64bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "libsmbclient-devel-3.0.26a-3.3.x86_64.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "samba-python-3.0.24-2.33.ia64.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "libsmbclient-devel-3.0.24-2.33.i586.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "ppc", "packageFilename": "libsmbclient-3.0.20b-3.17.ppc.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "libmsrpc-devel-3.0.26a-3.3.i586.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "1.34b-110.3", "arch": "ppc", "packageFilename": "ldapsmb-1.34b-110.3.ppc.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "0.3.6b-181.3", "arch": "i586", "packageFilename": "samba-vscan-0.3.6b-181.3.i586.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "0.3.6b-42.62", "arch": "i586", "packageFilename": "samba-vscan-0.3.6b-42.62.i586.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "libsmbsharemodes-3.0.26a-3.3.x86_64.rpm", "packageName": "libsmbsharemodes", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "ppc", "packageFilename": "cifs-mount-3.0.22-13.36.ppc.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "0.3.6b-4.16", "arch": "ppc", "packageFilename": "samba-vscan-0.3.6b-4.16.ppc.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "samba-pdb-3.0.23d-19.10.i586.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "samba-client-3.0.26a-3.3.ppc.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "samba-python-3.0.24-2.33.ia64.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "libmsrpc-3.0.24-2.33.ia64.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "libmsrpc-devel-3.0.22-13.36.x86_64.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "libsmbclient-devel-3.0.24-2.33.ia64.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "libmsrpc-3.0.24-2.33.x86_64.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "ppc", "packageFilename": "libsmbclient-devel-3.0.20b-3.17.ppc.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "i586", "packageFilename": "libsmbclient-3.0.20b-3.17.i586.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "libsmbclient-3.0.23d-19.10.ppc.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "libsmbclient-3.0.23d-19.10.x86_64.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "ppc", "packageFilename": "samba-doc-3.0.20b-3.17.ppc.rpm", "packageName": "samba-doc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "cifs-mount-3.0.26a-3.3.x86_64.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "0.3.6b-181.3", "arch": "x86_64", "packageFilename": "samba-vscan-0.3.6b-181.3.x86_64.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "samba-python-3.0.24-2.33.ppc.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "0.3.6b-98.8", "arch": "x86_64", "packageFilename": "samba-vscan-0.3.6b-98.8.x86_64.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "libsmbclient-devel-3.0.23d-19.10.ppc.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "samba-winbind-3.0.24-2.33.i586.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "samba-64bit-3.0.24-2.33.ppc.rpm", "packageName": "samba-64bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "0.3.6b-42.63", "arch": "i586", "packageFilename": "samba-vscan-0.3.6b-42.63.i586.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "i586", "packageFilename": "samba-3.0.20b-3.17.i586.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "0.3.6b-42.62", "arch": "ia64", "packageFilename": "samba-vscan-0.3.6b-42.62.ia64.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "samba-client-3.0.22-13.36.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "samba-winbind-3.0.24-2.33.ppc.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "samba-winbind-3.0.24-2.33.ia64.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "ppc", "packageFilename": "samba-pdb-3.0.22-13.36.ppc.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "libsmbclient-devel-3.0.24-2.33.ppc.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "samba-krb-printing-3.0.23d-19.10.i586.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "libmsrpc-3.0.24-2.33.s390x.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "0.3.6b-42.62", "arch": "ppc", "packageFilename": "samba-vscan-0.3.6b-42.62.ppc.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "libsmbclient-3.0.24-2.33.ia64.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "i586", "packageFilename": "libmsrpc-3.0.22-13.36.i586.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "libsmbclient-3.0.26a-3.3.ppc.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "ppc", "packageFilename": "samba-pdb-3.0.20b-3.17.ppc.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "x86_64", "packageFilename": "libsmbclient-devel-3.0.20b-3.17.x86_64.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "0.3.6b-4.16", "arch": "x86_64", "packageFilename": "samba-vscan-0.3.6b-4.16.x86_64.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "libmsrpc-3.0.26a-3.3.x86_64.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "libsmbclient-64bit-3.0.24-2.33.ppc.rpm", "packageName": "libsmbclient-64bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "libmsrpc-3.0.24-2.33.i586.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "libsmbclient-x86-3.0.24-2.33.ia64.rpm", "packageName": "libsmbclient-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "libmsrpc-3.0.23d-19.10.i586.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "ppc", "packageFilename": "samba-3.0.20b-3.17.ppc.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "cifs-mount-3.0.23d-19.10.i586.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "i586", "packageFilename": "samba-pdb-3.0.22-13.36.i586.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "samba-client-3.0.24-2.33.ppc.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "i586", "packageFilename": "samba-pdb-3.0.20b-3.17.i586.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "i586", "packageFilename": "libsmbclient-devel-3.0.20b-3.17.i586.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "libmsrpc-3.0.23d-19.10.x86_64.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "1.34b-110.3", "arch": "x86_64", "packageFilename": "ldapsmb-1.34b-110.3.x86_64.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "x86_64", "packageFilename": "samba-3.0.20b-3.17.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "samba-client-32bit-3.0.22-13.36.x86_64.rpm", "packageName": "samba-client-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "samba-winbind-3.0.24-2.33.x86_64.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "samba-winbind-3.0.24-2.33.s390x.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "cifs-mount-3.0.26a-3.3.ppc.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.34b-27.8", "arch": "x86_64", "packageFilename": "ldapsmb-1.34b-27.8.x86_64.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "libsmbclient-devel-3.0.24-2.33.x86_64.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "x86_64", "packageFilename": "samba-winbind-3.0.20b-3.17.x86_64.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "samba-krb-printing-3.0.24-2.33.s390x.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "libsmbclient-devel-3.0.24-2.33.s390x.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "libsmbclient-devel-3.0.23d-19.10.x86_64.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "samba-krb-printing-3.0.24-2.33.x86_64.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "cifs-mount-3.0.24-2.33.ppc.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "x86_64", "packageFilename": "samba-pdb-3.0.20b-3.17.x86_64.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "libmsrpc-3.0.24-2.33.ia64.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "libmsrpc-devel-3.0.24-2.33.x86_64.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "cifs-mount-3.0.23d-19.10.x86_64.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "samba-winbind-3.0.23d-19.10.i586.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "i586", "packageFilename": "cifs-mount-3.0.22-13.36.i586.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "samba-winbind-3.0.22-13.36.x86_64.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "samba-32bit-3.0.23d-19.10.x86_64.rpm", "packageName": "samba-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "samba-krb-printing-3.0.24-2.33.ia64.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "libsmbclient-32bit-3.0.23d-19.10.x86_64.rpm", "packageName": "libsmbclient-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "samba-client-32bit-3.0.24-2.33.x86_64.rpm", "packageName": "samba-client-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "samba-32bit-3.0.24-2.33.s390x.rpm", "packageName": "samba-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "libmsrpc-devel-3.0.24-2.33.ia64.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "samba-3.0.23d-19.10.ppc.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "libsmbclient-3.0.24-2.33.i586.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "samba-pdb-3.0.24-2.33.i586.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "samba-winbind-3.0.23d-19.10.x86_64.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "i586", "packageFilename": "samba-client-3.0.22-13.36.i586.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "samba-client-3.0.24-2.33.i586.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "libsmbclient-3.0.22-13.36.x86_64.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "i586", "packageFilename": "cifs-mount-3.0.20b-3.17.i586.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "samba-client-64bit-3.0.24-2.33.ppc.rpm", "packageName": "samba-client-64bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "libmsrpc-devel-3.0.23d-19.10.x86_64.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "samba-3.0.24-2.33.ia64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "ppc", "packageFilename": "samba-winbind-3.0.20b-3.17.ppc.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "samba-client-32bit-3.0.23d-19.10.x86_64.rpm", "packageName": "samba-client-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "ppc", "packageFilename": "libmsrpc-3.0.22-13.36.ppc.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "i586", "packageFilename": "libsmbclient-3.0.22-13.36.i586.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "samba-3.0.22-13.36.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "libsmbclient-devel-3.0.23d-19.10.i586.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "noarch", "packageFilename": "samba-doc-3.0.26a-3.3.noarch.rpm", "packageName": "samba-doc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "cifs-mount-3.0.22-13.36.x86_64.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "1.34b-110.3", "arch": "i586", "packageFilename": "ldapsmb-1.34b-110.3.i586.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "0.3.6b-42.62", "arch": "s390x", "packageFilename": "samba-vscan-0.3.6b-42.62.s390x.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "cifs-mount-3.0.24-2.33.i586.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "0.3.6b-42.63", "arch": "ppc", "packageFilename": "samba-vscan-0.3.6b-42.63.ppc.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "libsmbclient-3.0.24-2.33.s390x.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.33-6.17", "arch": "x86_64", "packageFilename": "ldapsmb-1.33-6.17.x86_64.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "samba-python-3.0.26a-3.3.ppc.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "ppc", "packageFilename": "cifs-mount-3.0.20b-3.17.ppc.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "cifs-mount-3.0.23d-19.10.ppc.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "libsmbclient-devel-3.0.24-2.33.s390x.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "x86_64", "packageFilename": "libsmbclient-3.0.20b-3.17.x86_64.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "cifs-mount-3.0.24-2.33.ia64.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.34b-27.8", "arch": "ppc", "packageFilename": "ldapsmb-1.34b-27.8.ppc.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "samba-python-3.0.22-13.36.x86_64.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.34a-18.32", "arch": "x86_64", "packageFilename": "ldapsmb-1.34a-18.32.x86_64.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "libmsrpc-devel-3.0.24-2.33.s390x.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "samba-32bit-3.0.26a-3.3.x86_64.rpm", "packageName": "samba-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "samba-32bit-3.0.24-2.33.x86_64.rpm", "packageName": "samba-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "i586", "packageFilename": "samba-winbind-3.0.20b-3.17.i586.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "libsmbsharemodes-devel-3.0.26a-3.3.i586.rpm", "packageName": "libsmbsharemodes-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "libsmbclient-devel-3.0.26a-3.3.i586.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "samba-python-3.0.26a-3.3.x86_64.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "libsmbclient-devel-3.0.24-2.33.ia64.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "0.3.6b-181.3", "arch": "ppc", "packageFilename": "samba-vscan-0.3.6b-181.3.ppc.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "samba-pdb-3.0.24-2.33.x86_64.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "samba-client-3.0.26a-3.3.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "ppc", "packageFilename": "samba-client-3.0.20b-3.17.ppc.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "cifs-mount-3.0.24-2.33.x86_64.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "libsmbclient-3.0.26a-3.3.i586.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "samba-3.0.24-2.33.s390x.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "libsmbclient-3.0.24-2.33.ppc.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "samba-client-3.0.26a-3.3.i586.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "samba-client-3.0.24-2.33.ia64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "x86_64", "packageFilename": "samba-doc-3.0.20b-3.17.x86_64.rpm", "packageName": "samba-doc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "i586", "packageFilename": "samba-client-3.0.20b-3.17.i586.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "ppc", "packageFilename": "samba-3.0.22-13.36.ppc.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "libmsrpc-devel-3.0.24-2.33.ppc.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "samba-krb-printing-3.0.26a-3.3.ppc.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "samba-client-32bit-3.0.24-2.33.s390x.rpm", "packageName": "samba-client-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "libmsrpc-3.0.24-2.33.s390x.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "samba-winbind-32bit-3.0.24-2.33.s390x.rpm", "packageName": "samba-winbind-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "samba-pdb-3.0.24-2.33.ppc.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "0.3.6b-98.8", "arch": "i586", "packageFilename": "samba-vscan-0.3.6b-98.8.i586.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.34a-18.32", "arch": "i586", "packageFilename": "ldapsmb-1.34a-18.32.i586.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "0.3.6b-42.62", "arch": "x86_64", "packageFilename": "samba-vscan-0.3.6b-42.62.x86_64.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "libmsrpc-devel-3.0.24-2.33.ia64.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "samba-winbind-3.0.26a-3.3.i586.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "i586", "packageFilename": "samba-python-3.0.22-13.36.i586.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "libsmbclient-3.0.24-2.33.x86_64.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "libmsrpc-devel-3.0.26a-3.3.x86_64.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.34a-18.32", "arch": "ppc", "packageFilename": "ldapsmb-1.34a-18.32.ppc.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "ppc", "packageFilename": "samba-client-3.0.22-13.36.ppc.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "samba-winbind-x86-3.0.24-2.33.ia64.rpm", "packageName": "samba-winbind-x86", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "samba-python-3.0.24-2.33.i586.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "samba-3.0.26a-3.3.ppc.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "samba-devel-3.0.26a-3.3.ppc.rpm", "packageName": "samba-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "cifs-mount-3.0.26a-3.3.i586.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "libmsrpc-devel-3.0.23d-19.10.i586.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "i586", "packageFilename": "samba-doc-3.0.20b-3.17.i586.rpm", "packageName": "samba-doc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "samba-krb-printing-3.0.26a-3.3.i586.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "samba-python-3.0.24-2.33.x86_64.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "libmsrpc-devel-3.0.24-2.33.s390x.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "libsmbsharemodes-devel-3.0.26a-3.3.x86_64.rpm", "packageName": "libsmbsharemodes-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "libmsrpc-3.0.24-2.33.x86_64.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "samba-3.0.24-2.33.i586.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "samba-python-3.0.24-2.33.s390x.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "libmsrpc-devel-3.0.24-2.33.x86_64.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "samba-32bit-3.0.22-13.36.x86_64.rpm", "packageName": "samba-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "libsmbclient-devel-3.0.24-2.33.ppc.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "libmsrpc-devel-3.0.24-2.33.i586.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "samba-client-3.0.23d-19.10.ppc.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "i586", "packageFilename": "samba-winbind-3.0.22-13.36.i586.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "libsmbsharemodes-3.0.26a-3.3.i586.rpm", "packageName": "libsmbsharemodes", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "libmsrpc-3.0.22-13.36.x86_64.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "samba-client-3.0.24-2.33.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "libsmbsharemodes-devel-3.0.26a-3.3.ppc.rpm", "packageName": "libsmbsharemodes-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "samba-pdb-3.0.23d-19.10.ppc.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "samba-winbind-3.0.23d-19.10.ppc.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "samba-pdb-3.0.22-13.36.x86_64.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "libsmbclient-32bit-3.0.24-2.33.x86_64.rpm", "packageName": "libsmbclient-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "libsmbclient-devel-3.0.26a-3.3.ppc.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.33-6.17", "arch": "i586", "packageFilename": "ldapsmb-1.33-6.17.i586.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "libmsrpc-3.0.24-2.33.ppc.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "ppc", "packageFilename": "samba-winbind-3.0.22-13.36.ppc.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "samba-client-32bit-3.0.26a-3.3.x86_64.rpm", "packageName": "samba-client-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "samba-krb-printing-3.0.26a-3.3.x86_64.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "samba-krb-printing-3.0.23d-19.10.ppc.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "libmsrpc-3.0.26a-3.3.i586.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ppc", "packageFilename": "libmsrpc-3.0.24-2.33.ppc.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.34b-27.8", "arch": "i586", "packageFilename": "ldapsmb-1.34b-27.8.i586.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "libsmbclient-devel-3.0.24-2.33.i586.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "samba-client-3.0.24-2.33.s390x.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "ppc", "packageFilename": "libsmbclient-devel-3.0.22-13.36.ppc.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "samba-pdb-3.0.23d-19.10.x86_64.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "libmsrpc-devel-3.0.26a-3.3.ppc.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "samba-3.0.24-2.33.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "samba-python-3.0.23d-19.10.ppc.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "0.3.6b-42.63", "arch": "x86_64", "packageFilename": "samba-vscan-0.3.6b-42.63.x86_64.rpm", "packageName": "samba-vscan", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "samba-client-3.0.23d-19.10.x86_64.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "samba-pdb-3.0.24-2.33.ia64.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "ppc", "packageFilename": "samba-python-3.0.22-13.36.ppc.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "samba-python-3.0.24-2.33.x86_64.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "libsmbclient-3.0.23d-19.10.i586.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "samba-krb-printing-3.0.23d-19.10.x86_64.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "samba-client-3.0.23d-19.10.i586.rpm", "packageName": "samba-client", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-20.50", "arch": "noarch", "packageFilename": "samba-doc-3.0.22-20.50.noarch.rpm", "packageName": "samba-doc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "samba-winbind-32bit-3.0.22-13.36.x86_64.rpm", "packageName": "samba-winbind-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "samba-krb-printing-3.0.24-2.33.i586.rpm", "packageName": "samba-krb-printing", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "x86_64", "packageFilename": "libsmbclient-32bit-3.0.20b-3.17.x86_64.rpm", "packageName": "libsmbclient-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "ppc", "packageFilename": "libmsrpc-3.0.23d-19.10.ppc.rpm", "packageName": "libmsrpc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "i586", "packageFilename": "samba-devel-3.0.26a-3.3.i586.rpm", "packageName": "samba-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "libsmbclient-32bit-3.0.24-2.33.s390x.rpm", "packageName": "libsmbclient-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "samba-pdb-3.0.24-2.33.s390x.rpm", "packageName": "samba-pdb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "x86_64", "packageFilename": "samba-3.0.23d-19.10.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "i586", "packageFilename": "samba-python-3.0.24-2.33.i586.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "i586", "packageFilename": "samba-3.0.22-13.36.i586.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "samba-winbind-32bit-3.0.24-2.33.x86_64.rpm", "packageName": "samba-winbind-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.33-6.17", "arch": "ppc", "packageFilename": "ldapsmb-1.33-6.17.ppc.rpm", "packageName": "ldapsmb", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "x86_64", "packageFilename": "samba-3.0.26a-3.3.x86_64.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "samba-3.0.23d-19.10.i586.rpm", "packageName": "samba", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "3.0.23d-19.10", "arch": "i586", "packageFilename": "samba-python-3.0.23d-19.10.i586.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "x86_64", "packageFilename": "libsmbclient-32bit-3.0.22-13.36.x86_64.rpm", "packageName": "libsmbclient-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "samba-x86-3.0.24-2.33.ia64.rpm", "packageName": "samba-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "ppc", "packageFilename": "libsmbclient-3.0.22-13.36.ppc.rpm", "packageName": "libsmbclient", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "s390x", "packageFilename": "cifs-mount-3.0.24-2.33.s390x.rpm", "packageName": "cifs-mount", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "ia64", "packageFilename": "samba-client-x86-3.0.24-2.33.ia64.rpm", "packageName": "samba-client-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "3.0.26a-3.3", "arch": "ppc", "packageFilename": "samba-winbind-3.0.26a-3.3.ppc.rpm", "packageName": "samba-winbind", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "3.0.20b-3.17", "arch": "i586", "packageFilename": "samba-python-3.0.20b-3.17.i586.rpm", "packageName": "samba-python", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "3.0.22-13.36", "arch": "ppc", "packageFilename": "libmsrpc-devel-3.0.22-13.36.ppc.rpm", "packageName": "libmsrpc-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.1", "packageVersion": "3.0.24-2.33", "arch": "x86_64", "packageFilename": "libsmbclient-devel-3.0.24-2.33.x86_64.rpm", "packageName": "libsmbclient-devel", "operator": "lt"}], "description": "The samba-suite is an open-source implementation of the SMB protocol. CVE-2007-5398: Secunia Research has reported a bug in function reply_netbios_packet() that allowed remote attackers to execute arbitrary code by sending specially crafted WINS \"Name Registration\" requests followed by a WINS \"Name Query\" request packet. The exploitable code in samba can only be reached if the option \"wins support\" was enabled. CVE-2007-4572: Another bug reported by Secunia Research affected the processing of GETDC mailslot request in nmbd. This error can also be exploited remotely to execute arbitrary code, but only if samba was configured as Primary or Backup Domain Controller.\n#### Solution\nPlease install the provided samba update packages.", "edition": 1, "reporter": "Suse", "published": "2007-12-05T16:05:59", "title": "remote code execution in samba", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4572", "CVE-2007-5398"], "modified": "2007-12-05T16:05:59", "id": "SUSE-SA:2007:065", "href": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00003.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:35", "references": [], "description": "# No description provided by the source\n\n## References:\nVendor Specific Solution URL: http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml\nVendor Specific News/Changelog Entry: http://docs.info.apple.com/article.html?artnum=307179</a>\nVendor Specific News/Changelog Entry: https://issues.rpath.com/browse/RPL-1894</a>\nVendor Specific News/Changelog Entry: http://us1.samba.org/samba/security/CVE-2007-4572.html</a>\n[Vendor Specific Advisory URL](http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00003.html)\n[Vendor Specific Advisory URL](http://lists.vmware.com/pipermail/security-announce/2008/000002.html)\nSecurity Tracker: 1018954\n[Secunia Advisory ID:27450](https://secuniaresearch.flexerasoftware.com/advisories/27450/)\n[Secunia Advisory ID:27742](https://secuniaresearch.flexerasoftware.com/advisories/27742/)\n[Secunia Advisory ID:27720](https://secuniaresearch.flexerasoftware.com/advisories/27720/)\n[Secunia Advisory ID:28136](https://secuniaresearch.flexerasoftware.com/advisories/28136/)\n[Secunia Advisory ID:27691](https://secuniaresearch.flexerasoftware.com/advisories/27691/)\n[Secunia Advisory ID:27682](https://secuniaresearch.flexerasoftware.com/advisories/27682/)\n[Secunia Advisory ID:27701](https://secuniaresearch.flexerasoftware.com/advisories/27701/)\n[Secunia Advisory ID:27731](https://secuniaresearch.flexerasoftware.com/advisories/27731/)\n[Secunia Advisory ID:27787](https://secuniaresearch.flexerasoftware.com/advisories/27787/)\n[Secunia Advisory ID:27927](https://secuniaresearch.flexerasoftware.com/advisories/27927/)\n[Secunia Advisory ID:27679](https://secuniaresearch.flexerasoftware.com/advisories/27679/)\n[Secunia Advisory ID:28368](https://secuniaresearch.flexerasoftware.com/advisories/28368/)\n[Related OSVDB ID: 1016820](https://vulners.com/osvdb/OSVDB:1016820)\n[Related OSVDB ID: 39179](https://vulners.com/osvdb/OSVDB:39179)\nRedHat RHSA: RHSA-2007:1016\nRedHat RHSA: RHSA-2007:1017\nRedHat RHSA: RHSA-2007:1013\nOther Advisory URL: http://www.debian.org/security/2007/dsa-1409\nOther Advisory URL: http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-544-1\nOther Advisory URL: http://www.ubuntu.com/usn/usn-544-2\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html\nOther Advisory URL: http://www.ubuntu.com/usn/usn-544-1\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2007_65_samba.html\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-November/000276.html\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:224\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-11/0218.html\nISS X-Force ID: 38501\nFrSIRT Advisory: ADV-2007-3869\nFrSIRT Advisory: ADV-2007-4238\n[CVE-2007-4572](https://vulners.com/cve/CVE-2007-4572)\nCERT: TA07-352A\nBugtraq ID: 26454\n", "edition": 1, "reporter": "OSVDB", "published": "2007-11-15T14:18:18", "title": "Samba nmbd Crafted GETDC mailslot Request Remote Overflow", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-4572"], "modified": "2007-11-15T14:18:18", "href": "https://vulners.com/osvdb/OSVDB:39180", "id": "OSVDB:39180", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-04-28T13:20:35", "references": [], "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://docs.info.apple.com/article.html?artnum=307179</a>\nVendor Specific News/Changelog Entry: https://issues.rpath.com/browse/RPL-1894</a>\nVendor Specific News/Changelog Entry: http://us1.samba.org/samba/security/CVE-2007-5398.html</a>\n[Vendor Specific Advisory URL](http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00003.html)\n[Vendor Specific Advisory URL](http://lists.vmware.com/pipermail/security-announce/2008/000002.html)\nSecurity Tracker: 1018953\n[Secunia Advisory ID:27450](https://secuniaresearch.flexerasoftware.com/advisories/27450/)\n[Secunia Advisory ID:27742](https://secuniaresearch.flexerasoftware.com/advisories/27742/)\n[Secunia Advisory ID:27720](https://secuniaresearch.flexerasoftware.com/advisories/27720/)\n[Secunia Advisory ID:28136](https://secuniaresearch.flexerasoftware.com/advisories/28136/)\n[Secunia Advisory ID:27691](https://secuniaresearch.flexerasoftware.com/advisories/27691/)\n[Secunia Advisory ID:27682](https://secuniaresearch.flexerasoftware.com/advisories/27682/)\n[Secunia Advisory ID:27701](https://secuniaresearch.flexerasoftware.com/advisories/27701/)\n[Secunia Advisory ID:27731](https://secuniaresearch.flexerasoftware.com/advisories/27731/)\n[Secunia Advisory ID:27787](https://secuniaresearch.flexerasoftware.com/advisories/27787/)\n[Secunia Advisory ID:27927](https://secuniaresearch.flexerasoftware.com/advisories/27927/)\n[Secunia Advisory ID:27679](https://secuniaresearch.flexerasoftware.com/advisories/27679/)\n[Secunia Advisory ID:28368](https://secuniaresearch.flexerasoftware.com/advisories/28368/)\n[Related OSVDB ID: 39180](https://vulners.com/osvdb/OSVDB:39180)\n[Related OSVDB ID: 1017399](https://vulners.com/osvdb/OSVDB:1017399)\nRedHat RHSA: RHSA-2007:1016\nRedHat RHSA: RHSA-2007:1017\nRedHat RHSA: RHSA-2007:1013\nOther Advisory URL: http://www.debian.org/security/2007/dsa-1409\nOther Advisory URL: http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-544-1\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html\nOther Advisory URL: http://www.ubuntu.com/usn/usn-544-1\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml\nOther Advisory URL: http://secunia.com/secunia_research/2007-90/advisory/\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2007_65_samba.html\nOther Advisory URL: http://securityreason.com/securityalert/3372\nOther Advisory URL: http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:224\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-November/000276.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-11/0219.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-11/0220.html\nISS X-Force ID: 38502\nFrSIRT Advisory: ADV-2007-3869\nFrSIRT Advisory: ADV-2007-4238\n[CVE-2007-5398](https://vulners.com/cve/CVE-2007-5398)\nCERT: TA07-352A\nBugtraq ID: 26455\n", "edition": 1, "reporter": "OSVDB", "published": "2007-11-15T14:18:18", "title": "Samba nmbd nmbd/nmbd_packets.c reply_netbios_packet Function Remote Overflow", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-5398"], "modified": "2007-11-15T14:18:18", "href": "https://vulners.com/osvdb/OSVDB:39179", "id": "OSVDB:39179", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "samba": [{"lastseen": "2018-08-31T00:35:45", "references": [], "description": "Samba developers have discovered what is believed to be a non-exploitable buffer over in nmbd during the processing of GETDC logon server requests. This code is only used when the Samba server is configured as a Primary or Backup Domain Controller.", "edition": 3, "reporter": "Samba", "published": "2007-11-15T00:00:00", "title": "Stack buffer overflow in nmbd's logon request processing. ", "type": "samba", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Samba", "version": "3.0.26a", "operator": "le"}], "cvelist": ["CVE-2007-4572"], "modified": "2007-11-15T00:00:00", "id": "SAMBA:CVE-2007-4572", "href": "https://www.samba.org/samba/security/CVE-2007-4572.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:35:44", "references": [], "description": "Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect may only be exploited when the &quot;wins support&quot; parameter has been enabled in smb.conf.", "edition": 3, "reporter": "Samba", "published": "2007-11-15T00:00:00", "title": "Remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed name query requests. ", "type": "samba", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Samba", "version": "3.0.26a", "operator": "le"}], "cvelist": ["CVE-2007-5398"], "modified": "2007-11-15T00:00:00", "id": "SAMBA:CVE-2007-5398", "href": "https://www.samba.org/samba/security/CVE-2007-5398.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T21:54:49", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 26454\r\nCVE(CAN) ID: CVE-2007-4572\r\n\r\nSamba\u662f\u4e00\u5957\u5b9e\u73b0SMB\uff08Server Messages Block\uff09\u534f\u8bae\u3001\u8de8\u5e73\u53f0\u8fdb\u884c\u6587\u4ef6\u5171\u4eab\u548c\u6253\u5370\u5171\u4eab\u670d\u52a1\u7684\u7a0b\u5e8f\u3002\r\n\r\nSamba\u7684nmbd\u5728\u5904\u7406GETDC\u767b\u5f55\u670d\u52a1\u5668\u8bf7\u6c42\u65f6\u5b58\u5728\u7f13\u51b2\u5668\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u53ef\u80fd\u5bfc\u81f4\u975e\u9884\u671f\u7684\u670d\u52a1\u5668\u884c\u4e3a\u3002\r\n\r\n\u5982\u679c\u8fdc\u7a0b\u653b\u51fb\u8005\u53d1\u9001\u4e86\u7578\u5f62\u7684GETDC\u8bf7\u6c42\u7684\u8bdd\u5c31\u53ef\u4ee5\u89e6\u53d1\u8fd9\u4e2a\u6f0f\u6d1e\uff0c\u4f46\u65e0\u6cd5\u5229\u7528\u8fd9\u4e2a\u6ea2\u51fa\u6267\u884c\u4efb\u610f\u6307\u4ee4\uff0c\u5728\u5927\u591a\u6570\u60c5\u51b5\u4e0b\u4e5f\u4e0d\u4f1a\u5bfc\u81f4Samba\u670d\u52a1\u5668\u5d29\u6e83\u3002\u4ec5\u5728\u5c06Samba\u670d\u52a1\u5668\u914d\u7f6e\u4e3a\u4e3b\u6216\u5907\u4efd\u57df\u63a7\u5236\u5668\u65f6\u624d\u4f1a\u51fa\u73b0\u8fd9\u4e2a\u6f0f\u6d1e\u3002\r\n\r\n\n\nSamba 3.0.0 - 3.0.26a\n \u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n* \u5728\u670d\u52a1\u5668\u7684smb.conf\u6587\u4ef6\u4e2d\u7981\u7528domain logons\u548cdomain master\u9009\u9879\u3002\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\uff08RHSA-2007:1017-01\u3001RHSA-2007:1016-01\u3001RHSA-2007:1013-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2007:1017-01\uff1aCritical: samba security update\r\n\u94fe\u63a5\uff1a<a href=\"https://www.redhat.com/support/errata/RHSA-2007-1017.html\" target=\"_blank\">https://www.redhat.com/support/errata/RHSA-2007-1017.html</a>\r\n\r\nRHSA-2007:1016-01\uff1aCritical: samba security update\r\n\u94fe\u63a5\uff1a<a href=\"https://www.redhat.com/support/errata/RHSA-2007-1016.html\" target=\"_blank\">https://www.redhat.com/support/errata/RHSA-2007-1016.html</a>\r\n\r\nRHSA-2007:1013-01\uff1aCritical: samba security update\r\n\u94fe\u63a5\uff1a<a href=\"https://www.redhat.com/support/errata/RHSA-2007-1013.html\" target=\"_blank\">https://www.redhat.com/support/errata/RHSA-2007-1013.html</a>\r\n\r\nSamba\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=\"http://us1.samba.org/samba/ftp/patches/security/samba-3.0.26a-CVE-2007_-4572.patch\" target=\"_blank\">http://us1.samba.org/samba/ftp/patches/security/samba-3.0.26a-CVE-2007_-4572.patch</a>", "reporter": "Root", "published": "2007-11-17T00:00:00", "type": "seebug", "title": "Samba NMBD\u767b\u5f55\u8bf7\u6c42\u8fdc\u7a0b\u6ea2\u51fa\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2007-4572"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2007-11-17T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-2434", "id": "SSV:2434", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "status": "details"}, {"lastseen": "2017-11-19T21:55:02", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 26455\r\nCVE(CAN) ID: CVE-2007-5398\r\n\r\nSamba\u662f\u4e00\u5957\u5b9e\u73b0SMB\uff08Server Messages Block\uff09\u534f\u8bae\u3001\u8de8\u5e73\u53f0\u8fdb\u884c\u6587\u4ef6\u5171\u4eab\u548c\u6253\u5370\u5171\u4eab\u670d\u52a1\u7684\u7a0b\u5e8f\u3002\r\n\r\nSamba\u7684nmbd/nmbd_packets.c\u6587\u4ef6\u4e2d\u7684reply_netbios_packet()\u51fd\u6570\u5728\u53d1\u9001NetBIOS\u56de\u590d\u65f6\u5b58\u5728\u6808\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6b64\u6f0f\u6d1e\u63a7\u5236\u670d\u52a1\u5668\u3002\r\n\r\n\u5982\u679c\u5ba2\u6237\u7aef\u53d1\u9001\u4e86\u591a\u4e2a\u7279\u5236\u7684WINS \u201cName Registration\u201d\u8bf7\u6c42\u5e76\u8ddf\u968f\u6709WINS \u201cName Query\u201d\u8bf7\u6c42\u7684\u8bdd\uff0c\u5c31\u53ef\u4ee5\u89e6\u53d1\u8fd9\u4e2a\u6ea2\u51fa\uff0c\u5bfc\u81f4\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\u4f46\u5229\u7528\u8fd9\u4e2a\u6f0f\u6d1e\u8981\u6c42\u5c06Samba\u914d\u7f6e\u4e3a\u7528\u4f5cWINS\u670d\u52a1\u5668\uff0c\u4e5f\u5c31\u662f\u542f\u7528\u4e86wins\u652f\u6301\u9009\u9879\u3002\r\n\r\n\n\nSamba Samba 3.0.0 - 3.0.26a\n \u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n* \u5728\u670d\u52a1\u5668\u7684smb.conf\u6587\u4ef6\u4e2d\u7981\u7528wins support\u529f\u80fd\u3002\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\uff08RHSA-2007:1017-01\u3001RHSA-2007:1016-01\u3001RHSA-2007:1013-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2007:1017-01\uff1aCritical: samba security update\r\n\u94fe\u63a5\uff1a<a href=\"https://www.redhat.com/support/errata/RHSA-2007-1017.html\" target=\"_blank\">https://www.redhat.com/support/errata/RHSA-2007-1017.html</a>\r\n\r\nRHSA-2007:1016-01\uff1aCritical: samba security update\r\n\u94fe\u63a5\uff1a<a href=\"https://www.redhat.com/support/errata/RHSA-2007-1016.html\" target=\"_blank\">https://www.redhat.com/support/errata/RHSA-2007-1016.html</a>\r\n\r\nRHSA-2007:1013-01\uff1aCritical: samba security update\r\n\u94fe\u63a5\uff1a<a href=\"https://www.redhat.com/support/errata/RHSA-2007-1013.html\" target=\"_blank\">https://www.redhat.com/support/errata/RHSA-2007-1013.html</a>\r\n\r\nSamba\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=\"http://us1.samba.org/samba/ftp/stable/samba-3.0.27.tar.gz\" target=\"_blank\">http://us1.samba.org/samba/ftp/stable/samba-3.0.27.tar.gz</a>", "reporter": "Root", "published": "2007-11-17T00:00:00", "type": "seebug", "title": "Samba nmbd_packets.c NetBIOS\u56de\u590d\u6808\u6ea2\u51fa\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2007-5398"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2007-11-17T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-2435", "id": "SSV:2435", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "status": "details"}], "vmware": [{"lastseen": "2018-09-02T02:40:43", "references": [], "affectedPackage": [], "description": "I Service Console package security updates\n", "edition": 3, "reporter": "VMware", "published": "2008-01-07T00:00:00", "title": "Updated service console patches.", "type": "vmware", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-3108", "CVE-2007-5191", "CVE-2007-5360", "CVE-2007-4572", "CVE-2007-5135", "CVE-2007-5116", "CVE-2007-5398"], "modified": "2008-01-22T00:00:00", "id": "VMSA-2008-0001", "href": "https://www.vmware.com/security/advisories/VMSA-2008-0001.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}