{"openvas": [{"lastseen": "2020-06-10T17:44:12", "description": "Samba is prone to a denial of service vulnerability.", "cvss3": {}, "published": "2020-05-05T00:00:00", "type": "openvas", "title": "Samba DoS Vulnerability (CVE-2020-10700)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310143637", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310143637", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:samba:samba\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.143637\");\n script_version(\"2020-06-09T06:40:15+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 06:40:15 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-05 08:07:59 +0000 (Tue, 05 May 2020)\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2020-10700\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Samba DoS Vulnerability (CVE-2020-10700)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"smb_nativelanman.nasl\", \"gb_samba_detect.nasl\");\n script_mandatory_keys(\"samba/smb_or_ssh/detected\");\n\n script_tag(name:\"summary\", value:\"Samba is prone to a denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A use-after-free flaw was found in the way samba AD DC LDAP servers, handled\n 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw\n to cause denial of service.\");\n\n script_tag(name:\"affected\", value:\"Samba version 4.10.0 and later.\");\n\n script_tag(name:\"solution\", value:\"Update to version 4.10.15, 4.11.8, 4.12.2 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2020-10700.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif (version_in_range(version: version, test_version: \"4.10.0\", test_version2: \"4.10.14\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.10.15\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.11.0\", test_version2: \"4.11.7\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.11.8\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.12.0\", test_version2: \"4.12.1\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.12.2\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-18T15:21:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-11T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for libldb (FEDORA-2020-e244c98af5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310877815", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877815", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877815\");\n script_version(\"2020-05-15T04:25:55+0000\");\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 04:25:55 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-11 03:22:25 +0000 (Mon, 11 May 2020)\");\n script_name(\"Fedora: Security Advisory for libldb (FEDORA-2020-e244c98af5)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-e244c98af5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3NB2S4UPHNZCMEULJ3HCI5VEJ2FNHFG\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libldb'\n package(s) announced via the FEDORA-2020-e244c98af5 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An extensible library that implements an LDAP like API to access remote LDAP\nservers, or use local tdb databases.\");\n\n script_tag(name:\"affected\", value:\"'libldb' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb\", rpm:\"libldb~1.5.7~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-18T15:23:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-11T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for libldb (FEDORA-2020-9cf0b1c8f1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310877810", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877810", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877810\");\n script_version(\"2020-05-15T04:25:55+0000\");\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 04:25:55 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-11 03:22:23 +0000 (Mon, 11 May 2020)\");\n script_name(\"Fedora: Security Advisory for libldb (FEDORA-2020-9cf0b1c8f1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-9cf0b1c8f1\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5KW3ZO35NVDO57JSBZHTQZOS3AIQ5QE\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libldb'\n package(s) announced via the FEDORA-2020-9cf0b1c8f1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An extensible library that implements an LDAP like API to access remote LDAP\nservers, or use local tdb databases.\");\n\n script_tag(name:\"affected\", value:\"'libldb' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb\", rpm:\"libldb~2.0.10~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-19T15:29:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-06T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for samba (FEDORA-2020-c931060ab7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310877785", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877785", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877785\");\n script_version(\"2020-05-15T13:28:34+0000\");\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 13:28:34 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-06 03:26:53 +0000 (Wed, 06 May 2020)\");\n script_name(\"Fedora: Security Advisory for samba (FEDORA-2020-c931060ab7)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-c931060ab7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WG54NRMES2GTURZKZH6H4BGXCD3OMJDJ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2020-c931060ab7 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.12.2~0.fc32.1\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-18T15:23:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-11T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for samba (FEDORA-2020-e244c98af5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310877793", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877793", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877793\");\n script_version(\"2020-05-15T04:25:55+0000\");\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 04:25:55 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-11 03:21:20 +0000 (Mon, 11 May 2020)\");\n script_name(\"Fedora: Security Advisory for samba (FEDORA-2020-e244c98af5)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-e244c98af5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7DVGCHG3XPIBQ5ETGMGW7MXNOO4HFH4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2020-e244c98af5 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.10.15~0.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-19T15:26:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-06T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for libldb (FEDORA-2020-c931060ab7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310877783", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877783", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877783\");\n script_version(\"2020-05-15T13:28:34+0000\");\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 13:28:34 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-06 03:26:51 +0000 (Wed, 06 May 2020)\");\n script_name(\"Fedora: Security Advisory for libldb (FEDORA-2020-c931060ab7)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-c931060ab7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZO6IMQ2R63UJQUUQO4SRMQRIKRCYYY2\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libldb'\n package(s) announced via the FEDORA-2020-c931060ab7 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An extensible library that implements an LDAP like API to access remote LDAP\nservers, or use local tdb databases.\");\n\n script_tag(name:\"affected\", value:\"'libldb' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb\", rpm:\"libldb~2.1.2~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-18T15:23:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-11T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for samba (FEDORA-2020-9cf0b1c8f1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310877818", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877818", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877818\");\n script_version(\"2020-05-15T04:25:55+0000\");\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 04:25:55 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-11 03:22:30 +0000 (Mon, 11 May 2020)\");\n script_name(\"Fedora: Security Advisory for samba (FEDORA-2020-9cf0b1c8f1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-9cf0b1c8f1\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KFJQS2U4PAJ5672UOJVMIIRYMP6NGZAE\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2020-9cf0b1c8f1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.11.8~0.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-19T15:42:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for samba (USN-4341-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310844408", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844408", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844408\");\n script_version(\"2020-05-15T13:28:34+0000\");\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 13:28:34 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-29 03:01:03 +0000 (Wed, 29 Apr 2020)\");\n script_name(\"Ubuntu: Security Advisory for samba (USN-4341-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS|UBUNTU20\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4341-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005406.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the USN-4341-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Andrei Popa discovered that Samba incorrectly handled certain LDAP queries.\nA remote attacker could use this issue to cause Samba to crash, resulting\nin a denial of service, or possibly execute arbitrary code. This issue only\naffected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10700)\n\nIt was discovered that Samba incorrectly handled certain LDAP queries. A\nremote attacker could possibly use this issue to cause Samba to consume\nresources, resulting in a denial of service. (CVE-2020-10704)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.10.7+dfsg-0ubuntu2.5\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.16\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.16.04.26\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU20.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.11.6+dfsg-0ubuntu1.1\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-21T19:53:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-07-03T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-1746)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2019-14861", "CVE-2018-16860", "CVE-2019-14902", "CVE-2019-14907", "CVE-2019-14870"], "modified": "2020-07-03T00:00:00", "id": "OPENVAS:1361412562311220201746", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201746", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1746\");\n script_version(\"2020-07-03T06:19:25+0000\");\n script_cve_id(\"CVE-2018-16860\", \"CVE-2019-14861\", \"CVE-2019-14870\", \"CVE-2019-14902\", \"CVE-2019-14907\", \"CVE-2020-10700\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-07-03 06:19:25 +0000 (Fri, 03 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-03 06:19:25 +0000 (Fri, 03 Jul 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-1746)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1746\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1746\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2020-1746 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set.(CVE-2019-14870)\n\nAll Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the DNS partition allow creation of new records by authenticated users. This is used for example to allow machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following invalid memory as a pointer.(CVE-2019-14861)\n\nAll samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with 'log level = 3' (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).(CVE-2019-14907)\n\nThere is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.(CVE-2019-14902)\n\nA flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the reque ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS Virtualization 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.7.1~9.h19\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.7.1~9.h19\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.7.1~9.h19\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.7.1~9.h19\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.7.1~9.h19\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.7.1~9.h19\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.7.1~9.h19\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "metasploit": [{"lastseen": "2021-04-18T10:57:50", "description": "\n", "edition": 2, "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "SUSE: CVE-2020-10700: SUSE Linux Security Advisory", "bulletinFamily": "exploit", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/SUSE-CVE-2020-10700/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}], "samba": [{"lastseen": "2022-02-21T11:34:56", "description": "## Description\n\nSamba has, since Samba 4.0, supported the Paged Results LDAP feature,\nto allow clients to obtain pages of search results against a Samba AD\nDC using an LDAP control.\n\nSince Samba 4.7.11 and 4.8.6 a Denial of Service prevention has been\nin place in this module, to age out old client requests if more than\n10 such requests are outstanding.\n\nA rewrite of the module for more efficient memory handling in Samba\n4.11 changed the module behaviour, and combined with the above to\nintroduce the use-after-free. The use-after-free occurs when the\n'Paged Results' control is combined with the 'ASQ' control, another\nActive Directory LDAP feature.\n## Patch Availability\n\nPatches addressing both of these issues have been posted to:\n\n https://www.samba.org/samba/security/\n\nAdditionally, Samba 4.10.15, 4.11.8 and 4.12.2 have been issued\nas security releases to correct the defect. Samba administrators are\nadvised to upgrade to these releases or apply the patch as soon\nas possible.\n## CVSSv3 calculation\n\nCVSS:3.1:AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H (5.3)\n## Workaround or mitigating factors\n\nThe crash is hard to trigger, and relies in particular on the chain of\nchild and grandchild links being queried with ASQ. Malicious users\nwithout write access will need to find a suitable chain within the\nexisting directory layout.\n## Credits\n\nOriginally reported by Andrei Popa <andrei.popa@next-gen.ro>.\n\nPatches provided by Andrew Bartlett of Catalyst and the Samba team.\n\n== Our Code, Our Bugs, Our Responsibility.\n== The Samba Team", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-28T00:00:00", "type": "samba", "title": "Use-after-free in Samba AD DC LDAP Server with ASQ", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700"], "modified": "2020-04-28T00:00:00", "id": "SAMBA:CVE-2020-10700", "href": "https://www.samba.org/samba/security/CVE-2020-10700.html", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-03-17T19:02:09", "description": "## Description\n\nSamba has, since Samba 4.5, supported the VLV Active Directory LDAP\nfeature, to allow clients to obtain 'virtual list views' of search\nresults against a Samba AD DC using an LDAP control.\n\nThe combination of this control, and the ASQ control combines to allow\nan authenticated user to trigger a NULL-pointer de-reference. It is\nalso possible to trigger a use-after-free, both as the code is very\nsimilar to that addressed by CVE-2020-10700 and due to the way\nerrors are handled in the dsdb_paged_results module since Samba 4.10.\n## Patch Availability\n\nPatches addressing both of these issues have been posted to:\n\n https://www.samba.org/samba/security/\n\nAdditionally, Samba 4.10.17, 4.11.11 and 4.12.4 have been issued\nas security releases to correct the defect. Samba administrators are\nadvised to upgrade to these releases or apply the patch as soon\nas possible.\n## CVSSv3 calculation\n\nCVSS:v3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (6.5)\n## Workaround and mitigation\n\nNone.\n## Credits\n\nOriginally reported by Andrew Bartlett of Catalyst and the Samba Team.\n\nPatches provided by Andrew Bartlett and Gary Lockyer of Catalyst and\nthe Samba Team.\n\n== Our Code, Our Bugs, Our Responsibility.\n== The Samba Team", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-07-02T00:00:00", "type": "samba", "title": "NULL pointer de-reference and use-after-free", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10730"], "modified": "2020-07-02T00:00:00", "id": "SAMBA:CVE-2020-10730", "href": "https://www.samba.org/samba/security/CVE-2020-10730.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:26:37", "description": "A use-after-free flaw was found in the way samba AD DC LDAP servers,\nhandled 'Paged Results' control is combined with the 'ASQ' control. A\nmalicious user in a samba AD could use this flaw to cause denial of\nservice. This issue affects all samba versions before 4.10.15, before\n4.11.8 and before 4.12.2.\n\n#### Bugs\n\n * <https://bugzilla.samba.org/show_bug.cgi?id=14331>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | Samba 4.10.0 and later\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-28T00:00:00", "type": "ubuntucve", "title": "CVE-2020-10700", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700"], "modified": "2020-04-28T00:00:00", "id": "UB:CVE-2020-10700", "href": "https://ubuntu.com/security/CVE-2020-10700", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-05-13T07:37:46", "description": "A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-05-04T21:15:00", "type": "debiancve", "title": "CVE-2020-10700", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700"], "modified": "2020-05-04T21:15:00", "id": "DEBIANCVE:CVE-2020-10700", "href": "https://security-tracker.debian.org/tracker/CVE-2020-10700", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:00:20", "description": "A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-05-04T21:15:00", "type": "cve", "title": "CVE-2020-10700", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700"], "modified": "2020-09-01T18:15:00", "cpe": ["cpe:/o:opensuse:leap:15.2", "cpe:/o:fedoraproject:fedora:30", "cpe:/o:fedoraproject:fedora:32", "cpe:/o:fedoraproject:fedora:31"], "id": "CVE-2020-10700", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10700", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"]}], "redhatcve": [{"lastseen": "2022-05-21T01:11:08", "description": "A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.\n#### Mitigation\n\nAs per upstream, the crash is hard to trigger, and relies in particular on the chain of child and grandchild links being queried with ASQ. Malicious users without write access will need to find a suitable chain within the existing directory layout. \n\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-04-28T10:39:49", "type": "redhatcve", "title": "CVE-2020-10700", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700"], "modified": "2022-05-20T22:57:12", "id": "RH:CVE-2020-10700", "href": "https://access.redhat.com/security/cve/cve-2020-10700", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-07T03:27:34", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: samba-4.10.15-0.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-07T03:27:34", "id": "FEDORA:53FB4615E45F", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-07T04:21:24", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: libldb-2.0.10-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-07T04:21:24", "id": "FEDORA:5752E6061A97", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-07T04:21:24", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: samba-4.11.8-0.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-07T04:21:24", "id": "FEDORA:A54516061CCA", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-07T03:27:33", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: libldb-1.5.7-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-07T03:27:33", "id": "FEDORA:D2D8F600FD60", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-05T05:36:13", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: libldb-2.1.2-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-05T05:36:13", "id": "FEDORA:40FD66060C6A", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-05T05:36:13", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: samba-4.12.2-0.fc32.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-05T05:36:13", "id": "FEDORA:92C366065106", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated samba packages fix security vulnerabilities: A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a use-after-free in Samba's AD DC LDAP server (CVE-2020-10700). A deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server's stack memory causing a SIGSEGV (CVE-2020-10704). The samba package has been updated to version 4.10.15, fixing these issues and other bugs. The ldb package has been updated to version 1.5.7. The sssd package has been rebuilt for the updated ldb. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-08T10:57:54", "type": "mageia", "title": "Updated samba packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-08T10:57:54", "id": "MGASA-2020-0205", "href": "https://advisories.mageia.org/MGASA-2020-0205.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cisa": [{"lastseen": "2021-02-24T18:08:01", "description": "The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.\n\nThe Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Samba Security Announcements for [CVE-2020-10700](<https://www.samba.org/samba/security/CVE-2020-10700.html>) and [CVE-2020-10704](<https://www.samba.org/samba/security/CVE-2020-10704.html>) and apply the necessary updates and workarounds.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2020/04/28/samba-releases-security-updates>); we'd welcome your feedback.\n", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-28T00:00:00", "type": "cisa", "title": "Samba Releases Security Updates", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-04-28T00:00:00", "id": "CISA:0BFB9AE7AF46EF608722BDEE210865F3", "href": "https://us-cert.cisa.gov/ncas/current-activity/2020/04/28/samba-releases-security-updates", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nThe Samba Team reports:\n\nCVE-2020-10700\nA client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a\n\t use-after-free in Samba's AD DC LDAP server.\nCVE-2020-10704\nA deeply nested filter in an un-authenticated LDAP search can exhaust the\n\t LDAP server's stack memory causing a SIGSEGV.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-29T00:00:00", "type": "freebsd", "title": "samba -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-04-29T00:00:00", "id": "3C7911C9-8A29-11EA-8D8C-005056A311D1", "href": "https://vuxml.freebsd.org/freebsd/3c7911c9-8a29-11ea-8d8c-005056a311d1.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T11:25:39", "description": "Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. \nA remote attacker could use this issue to cause Samba to crash, resulting \nin a denial of service, or possibly execute arbitrary code. This issue only \naffected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10700)\n\nIt was discovered that Samba incorrectly handled certain LDAP queries. A \nremote attacker could possibly use this issue to cause Samba to consume \nresources, resulting in a denial of service. (CVE-2020-10704)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-28T00:00:00", "type": "ubuntu", "title": "Samba vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10704", "CVE-2020-10700"], "modified": "2020-04-28T00:00:00", "id": "USN-4341-1", "href": "https://ubuntu.com/security/notices/USN-4341-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2022-05-23T16:08:25", "description": "Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS.\n(CVE-2020-10700)\n\nIt was discovered that Samba incorrectly handled certain LDAP queries.\nA remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. (CVE-2020-10704).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-29T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.10 / 20.04 : Samba vulnerabilities (USN-4341-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:samba", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.10", "cpe:/o:canonical:ubuntu_linux:20.04"], "id": "UBUNTU_USN-4341-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136084", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4341-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136084);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_xref(name:\"USN\", value:\"4341-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.10 / 20.04 : Samba vulnerabilities (USN-4341-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Andrei Popa discovered that Samba incorrectly handled certain LDAP\nqueries. A remote attacker could use this issue to cause Samba to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS.\n(CVE-2020-10700)\n\nIt was discovered that Samba incorrectly handled certain LDAP queries.\nA remote attacker could possibly use this issue to cause Samba to\nconsume resources, resulting in a denial of service. (CVE-2020-10704).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4341-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected samba package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10700\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.10|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.10 / 20.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"samba\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.16.04.26\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"samba\", pkgver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.16\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"samba\", pkgver:\"2:4.10.7+dfsg-0ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"samba\", pkgver:\"2:4.11.6+dfsg-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-23T16:07:19", "description": "The version of Samba running on the remote host is 4.10.x prior to 4.10.15, 4.11.x prior to 4.11.8, or 4.12.x prior to 4.12.2. It is, therefore, affected by the following vulnerabilities :\n\n - A flaw exists related to handling 'ASQ' and 'Paged Results' LDAP controls that could allow use-after-free conditions having unspecified impact. (CVE-2020-10700)\n\n - A flaw exists related to handling deeply nested filters, un-authenticated LDAP searches, and stack memory that could allow application crashes.\n (CVE-2020-10704)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-30T00:00:00", "type": "nessus", "title": "Samba 4.10.x < 4.10.15 / 4.11.x < 4.11.8 / 4.12.x < 4.12.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2021-01-08T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_4_12_2.NASL", "href": "https://www.tenable.com/plugins/nessus/136177", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136177);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/08\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_xref(name:\"IAVA\", value:\"2020-A-0175-S\");\n\n script_name(english:\"Samba 4.10.x < 4.10.15 / 4.11.x < 4.11.8 / 4.12.x < 4.12.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Samba.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is potentially affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Samba running on the remote host is 4.10.x prior to\n4.10.15, 4.11.x prior to 4.11.8, or 4.12.x prior to 4.12.2. It is,\ntherefore, affected by the following vulnerabilities :\n\n - A flaw exists related to handling 'ASQ' and 'Paged\n Results' LDAP controls that could allow use-after-free\n conditions having unspecified impact. (CVE-2020-10700)\n\n - A flaw exists related to handling deeply nested\n filters, un-authenticated LDAP searches, and stack\n memory that could allow application crashes.\n (CVE-2020-10704)\n\nNote that Nessus has not tested for these issues but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.samba.org/samba/security/CVE-2020-10700.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a8fcf070\");\n # https://www.samba.org/samba/security/CVE-2020-10704.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0eb4abff\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Samba version 4.10.15 / 4.11.8 / 4.12.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10704\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/30\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp = vcf::samba::get_app_info();\nvcf::check_granularity(app_info:app, sig_segments:3);\n\nconstraints = [\n {'min_version':'4.10.0', 'fixed_version':'4.10.15'},\n {'min_version':'4.11.0', 'fixed_version':'4.11.8'},\n {'min_version':'4.12.0', 'fixed_version':'4.12.2'},\n];\n\nvcf::check_version_and_report(app_info:app, constraints:constraints, severity:SECURITY_WARNING, strict:FALSE);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-23T16:04:49", "description": "The Samba Team reports :\n\nCVE-2020-10700\n\nA client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a use-after-free in Samba's AD DC LDAP server.\n\nCVE-2020-10704\n\nA deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server's stack memory causing a SIGSEGV.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-30T00:00:00", "type": "nessus", "title": "FreeBSD : samba -- multiple vulnerabilities (3c7911c9-8a29-11ea-8d8c-005056a311d1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-11T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:samba410", "p-cpe:/a:freebsd:freebsd:samba411", "p-cpe:/a:freebsd:freebsd:samba412", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_3C7911C98A2911EA8D8C005056A311D1.NASL", "href": "https://www.tenable.com/plugins/nessus/136158", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136158);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/11\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n\n script_name(english:\"FreeBSD : samba -- multiple vulnerabilities (3c7911c9-8a29-11ea-8d8c-005056a311d1)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Samba Team reports :\n\nCVE-2020-10700\n\nA client combining the 'ASQ' and 'Paged Results' LDAP controls can\ncause a use-after-free in Samba's AD DC LDAP server.\n\nCVE-2020-10704\n\nA deeply nested filter in an un-authenticated LDAP search can exhaust\nthe LDAP server's stack memory causing a SIGSEGV.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/history/samba-4.12.2.html\"\n );\n # https://vuxml.freebsd.org/freebsd/3c7911c9-8a29-11ea-8d8c-005056a311d1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b46984a3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10700\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba410\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba411\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba412\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"samba410<4.10.15\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba411<4.11.8\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba412<4.12.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-23T16:09:42", "description": "Update to Samba 4.10.15\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-07T00:00:00", "type": "nessus", "title": "Fedora 30 : 2:samba / libldb (2020-e244c98af5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:samba", "p-cpe:/a:fedoraproject:fedora:libldb", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2020-E244C98AF5.NASL", "href": "https://www.tenable.com/plugins/nessus/136383", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-e244c98af5.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136383);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/11\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_xref(name:\"FEDORA\", value:\"2020-e244c98af5\");\n\n script_name(english:\"Fedora 30 : 2:samba / libldb (2020-e244c98af5)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Samba 4.10.15\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-e244c98af5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:samba and / or libldb packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10700\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"samba-4.10.15-0.fc30\", epoch:\"2\")) flag++;\nif (rpm_check(release:\"FC30\", reference:\"libldb-1.5.7-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:samba / libldb\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-23T16:11:13", "description": "Update to Samba 4.11.8\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-07T00:00:00", "type": "nessus", "title": "Fedora 31 : 2:samba / libldb (2020-9cf0b1c8f1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704"], "modified": "2020-05-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:samba", "p-cpe:/a:fedoraproject:fedora:libldb", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-9CF0B1C8F1.NASL", "href": "https://www.tenable.com/plugins/nessus/136382", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-9cf0b1c8f1.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136382);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/11\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\");\n script_xref(name:\"FEDORA\", value:\"2020-9cf0b1c8f1\");\n\n script_name(english:\"Fedora 31 : 2:samba / libldb (2020-9cf0b1c8f1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Samba 4.11.8\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-9cf0b1c8f1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:samba and / or libldb packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10700\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"samba-4.11.8-0.fc31\", epoch:\"2\")) flag++;\nif (rpm_check(release:\"FC31\", reference:\"libldb-2.0.10-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:samba / libldb\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T12:30:45", "description": "The remote host is affected by the vulnerability described in GLSA-202007-15 (Samba: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "GLSA-202007-15 : Samba: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704", "CVE-2020-10730", "CVE-2020-10745", "CVE-2020-10760", "CVE-2020-14303"], "modified": "2020-07-30T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:samba", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202007-15.NASL", "href": "https://www.tenable.com/plugins/nessus/138938", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202007-15.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138938);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/30\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\", \"CVE-2020-10730\", \"CVE-2020-10745\", \"CVE-2020-10760\", \"CVE-2020-14303\");\n script_xref(name:\"GLSA\", value:\"202007-15\");\n\n script_name(english:\"GLSA-202007-15 : Samba: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202007-15\n(Samba: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Samba. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202007-15\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Samba users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-4.11.11'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-fs/samba\", unaffected:make_list(\"ge 4.11.11\"), vulnerable:make_list(\"lt 4.11.11\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Samba\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-02-19T12:29:32", "description": "This update for ldb, samba fixes the following issues :\n\nChanges in samba: Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\nUpdate to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for share folder that contains incorrect symbols in any file name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow without bounds. (bso#14330)\n\nUpdate to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on non-existant paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\nUpdate to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC; (bso#14334); (bsc#1169851);\n\nUpdate to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection consistent; (bso#14274).\n\nUpdate to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering connection info; (bso#14227).\n\nAdd libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);\n\nInstalling: samba - samba-ad-dc.service does not exist and unit not found; (bsc#1171437);\n\nFix samba_winbind package is installing python3-base without python3 package; (bsc#1169521);\n\nChanges in ldb: Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\nUpdate to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-20T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : ldb, samba (SUSE-SU-2020:1948-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704", "CVE-2020-10730", "CVE-2020-10745", "CVE-2020-10760", "CVE-2020-14303"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ldb-debugsource", "p-cpe:/a:novell:suse_linux:ldb-tools", "p-cpe:/a:novell:suse_linux:ldb-tools-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-devel", "p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:libldb-devel", "p-cpe:/a:novell:suse_linux:libldb2", "p-cpe:/a:novell:suse_linux:libldb2-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libldb2-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt-devel", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr-nbt0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard-devel", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:libndr-standard0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:libndr0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi-devel", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libnetapi0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials-devel", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors-devel", "p-cpe:/a:novell:suse_linux:libsamba-errors0", "p-cpe:/a:novell:suse_linux:libsamba-errors0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb-devel", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-policy-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy0-python3", "p-cpe:/a:novell:suse_linux:libsamba-policy0-python3-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-util-devel", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-util0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamdb-devel", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:libsamdb0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient-devel", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf-devel", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:libsmbconf0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap-devel", "p-cpe:/a:novell:suse_linux:libsmbldap2", "p-cpe:/a:novell:suse_linux:libsmbldap2-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util-devel", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libtevent-util0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient-devel", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libwbclient0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:python3-ldb", "p-cpe:/a:novell:suse_linux:python3-ldb-debuginfo", "p-cpe:/a:novell:suse_linux:python3-ldb-devel", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-ad-dc", "p-cpe:/a:novell:suse_linux:samba-ad-dc-debuginfo", "p-cpe:/a:novell:suse_linux:samba-ceph", "p-cpe:/a:novell:suse_linux:samba-ceph-debuginfo", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:samba-core-devel", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:samba-dsdb-modules", "p-cpe:/a:novell:suse_linux:samba-dsdb-modules-debuginfo", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:samba-libs-python3", "p-cpe:/a:novell:suse_linux:samba-libs-python3-debuginfo", "p-cpe:/a:novell:suse_linux:samba-python3", "p-cpe:/a:novell:suse_linux:samba-python3-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-1948-1.NASL", "href": "https://www.tenable.com/plugins/nessus/138760", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1948-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138760);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\", \"CVE-2020-10730\", \"CVE-2020-10745\", \"CVE-2020-10760\", \"CVE-2020-14303\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : ldb, samba (SUSE-SU-2020:1948-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ldb, samba fixes the following issues :\n\nChanges in samba: Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing\n dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog\n LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent\n to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\nUpdate to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for\n share folder that contains incorrect symbols in any file\n name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in\n snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients\n exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow\n without bounds. (bso#14330)\n\nUpdate to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names\n with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo\n is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS\n attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88\n NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on\n non-existant paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC\n server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in\n SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved\n credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before\n results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\nUpdate to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP\n Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow)\n in Samba AD DC; (bso#14334); (bsc#1169851);\n\nUpdate to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet\n processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called\n from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect\n results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer\n dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty\n domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in\n Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection\n consistent; (bso#14274).\n\nUpdate to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using\n METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before\n cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with\n idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries\n during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also\n the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in\n ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering\n connection info; (bso#14227).\n\nAdd libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);\n\nInstalling: samba - samba-ad-dc.service does not exist and unit not\nfound; (bsc#1171437);\n\nFix samba_winbind package is installing python3-base without python3\npackage; (bsc#1169521);\n\nChanges in ldb: Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\nUpdate to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10700/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10704/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10730/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10745/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10760/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-14303/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201948-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?35b12723\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Python2 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Python2-15-SP2-2020-1948=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-1948=1\n\nSUSE Linux Enterprise High Availability 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Product-HA-15-SP2-2020-1948=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ad-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ad-dc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-dsdb-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-ceph-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"ldb-debugsource-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"ldb-tools-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"ldb-tools-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-binding0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-binding0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-samr-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-samr0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-samr0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb-devel-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb2-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb2-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-krb5pac-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-krb5pac0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-krb5pac0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-nbt-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-nbt0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-nbt0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-standard-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-standard0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-standard0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libnetapi-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libnetapi0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libnetapi0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-credentials-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-credentials0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-credentials0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-errors-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-errors0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-errors0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-hostconfig-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-hostconfig0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-hostconfig0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-passdb-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-passdb0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-passdb0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-policy-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-policy-python3-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-policy0-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-policy0-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-util-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-util0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-util0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamdb-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamdb0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamdb0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbclient-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbclient0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbconf-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbconf0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbconf0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbldap-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbldap2-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbldap2-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libtevent-util-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libtevent-util0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libtevent-util0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwbclient-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwbclient0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"python3-ldb-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"python3-ldb-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"python3-ldb-devel-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-ad-dc-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-ad-dc-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-client-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-client-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-core-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-debugsource-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-dsdb-modules-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-dsdb-modules-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-libs-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-libs-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-libs-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-libs-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-winbind-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-winbind-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-ceph-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"ldb-debugsource-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"ldb-tools-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"ldb-tools-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-binding0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-binding0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-samr-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-samr0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-samr0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb-devel-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb2-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb2-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-krb5pac-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-krb5pac0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-krb5pac0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-nbt-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-nbt0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-nbt0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-standard-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-standard0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-standard0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libnetapi-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libnetapi0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libnetapi0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-credentials-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-credentials0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-credentials0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-errors-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-errors0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-errors0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-hostconfig-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-hostconfig0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-hostconfig0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-passdb-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-passdb0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-passdb0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-policy-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-policy-python3-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-policy0-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-policy0-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-util-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-util0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-util0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamdb-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamdb0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamdb0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbclient-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbclient0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbconf-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbconf0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbconf0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbldap-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbldap2-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbldap2-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libtevent-util-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libtevent-util0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libtevent-util0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwbclient-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwbclient0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"python3-ldb-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"python3-ldb-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"python3-ldb-devel-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-ad-dc-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-ad-dc-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-client-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-client-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-core-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-debugsource-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-dsdb-modules-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-dsdb-modules-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-libs-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-libs-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-libs-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-libs-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-winbind-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-winbind-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldb / samba\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-02-19T12:32:23", "description": "This update for ldb, samba fixes the following issues :\n\nChanges in samba :\n\n - Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\n - Update to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for share folder that contains incorrect symbols in any file name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow without bounds. (bso#14330)\n\n - Update to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on non-existent paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\n - Update to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC; (bso#14334); (bsc#1169851);\n\n - Update to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection consistent; (bso#14274).\n\n - Update to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering connection info; (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage;\n (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist and unit not found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base without python3 package; (bsc#1169521);\n\nChanges in ldb :\n\n - Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\n - Update to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ldb / samba (openSUSE-2020-1023)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704", "CVE-2020-10730", "CVE-2020-10745", "CVE-2020-10760", "CVE-2020-14303"], "modified": "2020-07-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-tests", "p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo", "p-cpe:/a:novell:opensuse:ldb-debugsource", "p-cpe:/a:novell:opensuse:ldb-tools", "p-cpe:/a:novell:opensuse:ldb-tools-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo", "p-cpe:/a:novell:opensuse:libldb-devel", "p-cpe:/a:novell:opensuse:libldb2", "p-cpe:/a:novell:opensuse:libldb2-32bit", "p-cpe:/a:novell:opensuse:libldb2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libldb2-debuginfo", "p-cpe:/a:novell:opensuse:libndr-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac0", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt-devel", "p-cpe:/a:novell:opensuse:libndr-nbt0", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard-devel", "p-cpe:/a:novell:opensuse:libndr-standard0", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo", "p-cpe:/a:novell:opensuse:libndr0", "p-cpe:/a:novell:opensuse:libndr0-32bit", "p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi-devel", "p-cpe:/a:novell:opensuse:libnetapi-devel-32bit", "p-cpe:/a:novell:opensuse:libnetapi0", "p-cpe:/a:novell:opensuse:libnetapi0-32bit", "p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials-devel", "p-cpe:/a:novell:opensuse:libsamba-credentials0", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors-devel", "p-cpe:/a:novell:opensuse:libsamba-errors0", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb-devel", "p-cpe:/a:novell:opensuse:libsamba-passdb0", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util-devel", "p-cpe:/a:novell:opensuse:libsamba-util0", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb-devel", "p-cpe:/a:novell:opensuse:libsamdb0", "p-cpe:/a:novell:opensuse:libsamdb0-32bit", "p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient-devel", "p-cpe:/a:novell:opensuse:libsmbclient0", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf-devel", "p-cpe:/a:novell:opensuse:libsmbconf0", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap-devel", "p-cpe:/a:novell:opensuse:libsmbldap2", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util-devel", "p-cpe:/a:novell:opensuse:libtevent-util0", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient-devel", "p-cpe:/a:novell:opensuse:libwbclient0", "p-cpe:/a:novell:opensuse:libwbclient0-32bit", "p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb", "p-cpe:/a:novell:opensuse:python3-ldb-32bit", "p-cpe:/a:novell:opensuse:python3-ldb-32bit-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb-devel", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:samba-ad-dc", "p-cpe:/a:novell:opensuse:samba-ad-dc-32bit", "p-cpe:/a:novell:opensuse:samba-ad-dc-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-ad-dc-debuginfo", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:samba-ceph-debuginfo", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-debuginfo", "p-cpe:/a:novell:opensuse:samba-core-devel", "p-cpe:/a:novell:opensuse:samba-debuginfo", "p-cpe:/a:novell:opensuse:samba-debugsource", "p-cpe:/a:novell:opensuse:samba-dsdb-modules", "p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-python3", "p-cpe:/a:novell:opensuse:samba-libs-python3-32bit", "p-cpe:/a:novell:opensuse:samba-libs-python3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-python3-debuginfo", "p-cpe:/a:novell:opensuse:samba-python3", "p-cpe:/a:novell:opensuse:samba-python3-debuginfo", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:samba-test-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:samba-winbind-32bit", "p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1023.NASL", "href": "https://www.tenable.com/plugins/nessus/138790", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1023.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138790);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/23\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\", \"CVE-2020-10730\", \"CVE-2020-10745\", \"CVE-2020-10760\", \"CVE-2020-14303\");\n\n script_name(english:\"openSUSE Security Update : ldb / samba (openSUSE-2020-1023)\");\n script_summary(english:\"Check for the openSUSE-2020-1023 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ldb, samba fixes the following issues :\n\nChanges in samba :\n\n - Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing\n dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog\n LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent\n to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\n - Update to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for\n share folder that contains incorrect symbols in any file\n name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in\n snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients\n exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow\n without bounds. (bso#14330)\n\n - Update to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names\n with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo\n is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS\n attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88\n NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on\n non-existent paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC\n server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in\n SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved\n credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before\n results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\n - Update to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP\n Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow)\n in Samba AD DC; (bso#14334); (bsc#1169851);\n\n - Update to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet\n processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called\n from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect\n results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer\n dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty\n domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in\n Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection\n consistent; (bso#14274).\n\n - Update to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using\n METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before\n cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with\n idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries\n during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also\n the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in\n ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering\n connection info; (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage;\n (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist\n and unit not found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base\n without python3 package; (bsc#1169521);\n\nChanges in ldb :\n\n - Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\n - Update to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1162680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1171437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174120\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected ldb / samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-pcp-pmda-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-pcp-pmda-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-tests-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-tests-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-debugsource-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-tools-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-tools-debuginfo-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-binding0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-binding0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb-devel-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb2-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb2-debuginfo-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy-python3-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy0-python3-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy0-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap2-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap2-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-debuginfo-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-devel-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-ad-dc-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-ad-dc-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-client-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-client-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-core-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-debugsource-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-dsdb-modules-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-dsdb-modules-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-python3-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-python3-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-test-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-test-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-winbind-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-winbind-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi-devel-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-policy0-python3-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-policy0-python3-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"python3-ldb-32bit-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"python3-ldb-32bit-debuginfo-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ad-dc-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ad-dc-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ceph-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-client-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-python3-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-python3-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldb-debugsource / ldb-tools / ldb-tools-debuginfo / libldb-devel / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-02-19T12:22:33", "description": "This update for ldb, samba fixes the following issues :\n\nChanges in samba :\n\n - Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\n - Update to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for share folder that contains incorrect symbols in any file name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow without bounds. (bso#14330)\n\n - Update to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on non-existent paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\n - Update to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC; (bso#14334); (bsc#1169851);\n\n - Update to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection consistent; (bso#14274).\n\n - Update to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering connection info; (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage;\n (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist and unit not found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base without python3 package; (bsc#1169521);\n\nChanges in ldb :\n\n - Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\n - Update to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-09-02T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ldb / samba (openSUSE-2020-1313)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704", "CVE-2020-10730", "CVE-2020-10745", "CVE-2020-10760", "CVE-2020-14303"], "modified": "2020-09-04T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-tests", "p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo", "p-cpe:/a:novell:opensuse:ldb-debugsource", "p-cpe:/a:novell:opensuse:ldb-tools", "p-cpe:/a:novell:opensuse:ldb-tools-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo", "p-cpe:/a:novell:opensuse:libldb-devel", "p-cpe:/a:novell:opensuse:libldb2", "p-cpe:/a:novell:opensuse:libldb2-32bit", "p-cpe:/a:novell:opensuse:libldb2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libldb2-debuginfo", "p-cpe:/a:novell:opensuse:libndr-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac0", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt-devel", "p-cpe:/a:novell:opensuse:libndr-nbt0", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard-devel", "p-cpe:/a:novell:opensuse:libndr-standard0", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo", "p-cpe:/a:novell:opensuse:libndr0", "p-cpe:/a:novell:opensuse:libndr0-32bit", "p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi-devel", "p-cpe:/a:novell:opensuse:libnetapi-devel-32bit", "p-cpe:/a:novell:opensuse:libnetapi0", "p-cpe:/a:novell:opensuse:libnetapi0-32bit", "p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials-devel", "p-cpe:/a:novell:opensuse:libsamba-credentials0", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors-devel", "p-cpe:/a:novell:opensuse:libsamba-errors0", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb-devel", "p-cpe:/a:novell:opensuse:libsamba-passdb0", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util-devel", "p-cpe:/a:novell:opensuse:libsamba-util0", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb-devel", "p-cpe:/a:novell:opensuse:libsamdb0", "p-cpe:/a:novell:opensuse:libsamdb0-32bit", "p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient-devel", "p-cpe:/a:novell:opensuse:libsmbclient0", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf-devel", "p-cpe:/a:novell:opensuse:libsmbconf0", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap-devel", "p-cpe:/a:novell:opensuse:libsmbldap2", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util-devel", "p-cpe:/a:novell:opensuse:libtevent-util0", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient-devel", "p-cpe:/a:novell:opensuse:libwbclient0", "p-cpe:/a:novell:opensuse:libwbclient0-32bit", "p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb", "p-cpe:/a:novell:opensuse:python3-ldb-32bit", "p-cpe:/a:novell:opensuse:python3-ldb-32bit-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb-devel", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:samba-ad-dc", "p-cpe:/a:novell:opensuse:samba-ad-dc-32bit", "p-cpe:/a:novell:opensuse:samba-ad-dc-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-ad-dc-debuginfo", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:samba-ceph-debuginfo", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-debuginfo", "p-cpe:/a:novell:opensuse:samba-core-devel", "p-cpe:/a:novell:opensuse:samba-debuginfo", "p-cpe:/a:novell:opensuse:samba-debugsource", "p-cpe:/a:novell:opensuse:samba-dsdb-modules", "p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-python3", "p-cpe:/a:novell:opensuse:samba-libs-python3-32bit", "p-cpe:/a:novell:opensuse:samba-libs-python3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-python3-debuginfo", "p-cpe:/a:novell:opensuse:samba-python3", "p-cpe:/a:novell:opensuse:samba-python3-debuginfo", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:samba-test-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:samba-winbind-32bit", "p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1313.NASL", "href": "https://www.tenable.com/plugins/nessus/140174", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1313.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140174);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/04\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\", \"CVE-2020-10730\", \"CVE-2020-10745\", \"CVE-2020-10760\", \"CVE-2020-14303\");\n\n script_name(english:\"openSUSE Security Update : ldb / samba (openSUSE-2020-1313)\");\n script_summary(english:\"Check for the openSUSE-2020-1313 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ldb, samba fixes the following issues :\n\nChanges in samba :\n\n - Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing\n dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog\n LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent\n to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\n - Update to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for\n share folder that contains incorrect symbols in any file\n name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in\n snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients\n exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow\n without bounds. (bso#14330)\n\n - Update to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names\n with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo\n is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS\n attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88\n NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on\n non-existent paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC\n server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in\n SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved\n credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before\n results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\n - Update to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP\n Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow)\n in Samba AD DC; (bso#14334); (bsc#1169851);\n\n - Update to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet\n processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called\n from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect\n results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer\n dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty\n domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in\n Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection\n consistent; (bso#14274).\n\n - Update to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using\n METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before\n cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with\n idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries\n during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also\n the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in\n ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering\n connection info; (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage;\n (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist\n and unit not found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base\n without python3 package; (bsc#1169521);\n\nChanges in ldb :\n\n - Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\n - Update to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1162680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1171437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174120\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected ldb / samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-pcp-pmda-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-pcp-pmda-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-tests-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-tests-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-debugsource-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-tools-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-tools-debuginfo-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-binding0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-binding0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb-devel-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb2-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb2-debuginfo-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy-python3-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy0-python3-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy0-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap2-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap2-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-debuginfo-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-devel-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-ad-dc-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-ad-dc-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-client-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-client-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-core-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-debugsource-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-dsdb-modules-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-dsdb-modules-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-python3-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-python3-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-test-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-test-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-winbind-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-winbind-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi-devel-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-policy0-python3-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-policy0-python3-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"python3-ldb-32bit-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"python3-ldb-32bit-debuginfo-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ad-dc-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ad-dc-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ceph-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-client-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-python3-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-python3-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldb-debugsource / ldb-tools / ldb-tools-debuginfo / libldb-devel / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-05-15T13:52:21", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set.(CVE-2019-14870)\n\n - All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the DNS partition allow creation of new records by authenticated users. This is used for example to allow machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following invalid memory as a pointer.(CVE-2019-14861)\n\n - All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with 'log level = 3' (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).(CVE-2019-14907)\n\n - There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.(CVE-2019-14902)\n\n - A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.(CVE-2018-16860)\n\n - A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.(CVE-2020-10700)\n\n - A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.(CVE-2020-10700)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-07-01T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2020-1746)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16860", "CVE-2019-14861", "CVE-2019-14870", "CVE-2019-14902", "CVE-2019-14907", "CVE-2020-10700"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2020-1746.NASL", "href": "https://www.tenable.com/plugins/nessus/137965", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137965);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2018-16860\",\n \"CVE-2019-14861\",\n \"CVE-2019-14870\",\n \"CVE-2019-14902\",\n \"CVE-2019-14907\",\n \"CVE-2020-10700\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2020-1746)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - All Samba versions 4.x.x before 4.9.17, 4.10.x before\n 4.10.11 and 4.11.x before 4.11.3 have an issue, where\n the S4U (MS-SFU) Kerberos delegation model includes a\n feature allowing for a subset of clients to be opted\n out of constrained delegation in any way, either\n S4U2Self or regular Kerberos authentication, by forcing\n all tickets for these clients to be non-forwardable. In\n AD this is implemented by a user attribute\n delegation_not_allowed (aka not-delegated), which\n translates to disallow-forwardable. However the Samba\n AD DC does not do that for S4U2Self and does set the\n forwardable flag even if the impersonated client has\n the not-delegated flag set.(CVE-2019-14870)\n\n - All Samba versions 4.x.x before 4.9.17, 4.10.x before\n 4.10.11 and 4.11.x before 4.11.3 have an issue, where\n the (poorly named) dnsserver RPC pipe provides\n administrative facilities to modify DNS records and\n zones. Samba, when acting as an AD DC, stores DNS\n records in LDAP. In AD, the default permissions on the\n DNS partition allow creation of new records by\n authenticated users. This is used for example to allow\n machines to self-register in DNS. If a DNS record was\n created that case-insensitively matched the name of the\n zone, the ldb_qsort() and dns_name_compare() routines\n could be confused into reading memory prior to the list\n of DNS entries when responding to DnssrvEnumRecords()\n or DnssrvEnumRecords2() and so following invalid memory\n as a pointer.(CVE-2019-14861)\n\n - All samba versions 4.9.x before 4.9.18, 4.10.x before\n 4.10.12 and 4.11.x before 4.11.5 have an issue where if\n it is set with 'log level = 3' (or above) then the\n string obtained from the client, after a failed\n character conversion, is printed. Such strings can be\n provided during the NTLMSSP authentication exchange. In\n the Samba AD DC in particular, this may cause a\n long-lived process(such as the RPC server) to\n terminate. (In the file server case, the most likely\n target, smbd, operates as process-per-client and so a\n crash there is harmless).(CVE-2019-14907)\n\n - There is an issue in all samba 4.11.x versions before\n 4.11.5, all samba 4.10.x versions before 4.10.12 and\n all samba 4.9.x versions before 4.9.18, where the\n removal of the right to create or modify a subtree\n would not automatically be taken away on all domain\n controllers.(CVE-2019-14902)\n\n - A flaw was found in samba's Heimdal KDC implementation,\n versions 4.8.x up to, excluding 4.8.12, 4.9.x up to,\n excluding 4.9.8 and 4.10.x up to, excluding 4.10.3,\n when used in AD DC mode. A man in the middle attacker\n could use this flaw to intercept the request to the KDC\n and replace the user name (principal) in the request\n with any desired user name (principal) that exists in\n the KDC effectively obtaining a ticket for that\n principal.(CVE-2018-16860)\n\n - A use-after-free flaw was found in the way samba AD DC\n LDAP servers, handled 'Paged Results' control is\n combined with the 'ASQ' control. A malicious user in a\n samba AD could use this flaw to cause denial of\n service. This issue affects all samba versions before\n 4.10.15, before 4.11.8 and before\n 4.12.2.(CVE-2020-10700)\n\n - A use-after-free flaw was found in the way samba AD DC\n LDAP servers, handled 'Paged Results' control is\n combined with the 'ASQ' control. A malicious user in a\n samba AD could use this flaw to cause denial of\n service. This issue affects all samba versions before\n 4.10.15, before 4.11.8 and before\n 4.12.2.(CVE-2020-10700)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1746\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?68ff6903\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14870\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.7.1-9.h19\",\n \"libwbclient-4.7.1-9.h19\",\n \"samba-client-libs-4.7.1-9.h19\",\n \"samba-common-4.7.1-9.h19\",\n \"samba-common-libs-4.7.1-9.h19\",\n \"samba-common-tools-4.7.1-9.h19\",\n \"samba-libs-4.7.1-9.h19\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "gentoo": [{"lastseen": "2022-01-17T19:01:52", "description": "### Background\n\nSamba is a suite of SMB and CIFS client/server programs.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Samba users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-fs/samba-4.11.11\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-26T00:00:00", "type": "gentoo", "title": "Samba: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704", "CVE-2020-10730", "CVE-2020-10745", "CVE-2020-10760", "CVE-2020-14303"], "modified": "2020-07-26T00:00:00", "id": "GLSA-202007-15", "href": "https://security.gentoo.org/glsa/202007-15", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2022-04-18T12:41:06", "description": "An update that solves 6 vulnerabilities and has 7 fixes is\n now available.\n\nDescription:\n\n This update for ldb, samba fixes the following issues:\n\n Changes in samba:\n - Update to samba 4.11.11\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and\n VLV combined; (bso#14364); (bsc#1173159]\n + CVE-2020-10745: invalid DNS or NBT queries containing dots use several\n seconds of CPU each; (bso#14378); (bsc#1173160).\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP server\n with paged_result or VLV; (bso#14402); (bsc#1173161)\n + CVE-2020-14303: Endless loop from empty UDP packet sent to AD DC\n nbt_server; (bso#14417); (bsc#1173359).\n - Update to samba 4.11.10\n + Fix segfault when using SMBC_opendir_ctx() routine for share folder\n that contains incorrect symbols in any file name; (bso#14374).\n + vfs_shadow_copy2 doesn't fail case looking in snapdirseverywhere mode;\n (bso#14350)\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr; (bso#14413).\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n + winbindd: Fix a use-after-free when winbind clients exit; (bso#14382)\n + ldb: Bump version to 2.0.11, LMDB databases can grow without bounds.\n (bso#14330)\n - Update to samba 4.11.9\n + nmblib: Avoid undefined behaviour in handle_name_ptrs(); (bso#14242).\n + 'samba-tool group' commands do not handle group names with special\n chars correctly; (bso#14296).\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid;\n (bso#14237).\n + Missing check for DMAPI offline status in async DOS attributes;\n (bso#14293).\n + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs;\n (bso#14307).\n + vfs_recycle: Prevent flooding the log if we're called on non-existant\n paths; (bso#14316)\n + smbd mistakenly updates a file's write-time on close; (bso#14320).\n + RPC handles cannot be differentiated in source3 RPC server;\n (bso#14359).\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW; (bso#14313).\n + nsswitch: Fix use-after-free causing segfault in _pam_delete_cred;\n (bso#14327).\n + Fix fruit:time machine max size on arm; (bso#13622)\n + CTDB recovery corner cases can cause record resurrection and node\n banning; (bso#14294).\n + ctdb: Fix a memleak; (bso#14348).\n + libsmb: Don't try to find posix stat info in SMBC_getatr().\n + ctdb-tcp: Move free of inbound queue to TCP restart; (bso#14295);\n (bsc#1162680).\n + s3/librpc/crypto: Fix double free with unresolved credential cache;\n (bso#14344); (bsc#1169095)\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n + CTDB recovery corner cases can cause record resurrection and node\n banning; (bso#14294)\n + Starting ctdb node that was powered off hard before results in\n recovery loop; (bso#14295); (bsc#1162680).\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap; (bso#14324)\n - Update to samba 4.11.8\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ;\n (bso#14331); (bsc#1169850);\n + CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD\n DC; (bso#14334); (bsc#1169851);\n - Update to samba 4.11.7\n + s3: lib: nmblib. Clean up and harden nmb packet processing;\n (bso#14239).\n + s3: VFS: full_audit. Use system session_info if called from a\n temporary share definition; (bso#14283)\n + dsdb: Correctly handle memory in objectclass_attrs; (bso#14258).\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect results for\n SCOPE_ONE searches; (bso#14270)\n + auth: Fix CIDs 1458418 and 1458420 Null pointer dereferences;\n (bso#14247).\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n + winbind member (source3) fails local SAM auth with empty domain name;\n (bso#14247)\n + winbindd: Handling missing idmap in getgrgid(); (bso#14265).\n + lib:util: Log mkdir error on correct debug levels; (bso#14253).\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9;\n (bso#14266).\n + ctdb-tcp: Make error handling for outbound connection consistent;\n (bso#14274).\n - Update to samba 4.11.6\n + pygpo: Use correct method flags; (bso#14209).\n + vfs_ceph_snapshots: Fix root relative path handling; (bso#14216);\n (bsc#1141320).\n + Avoiding bad call flags with python 3.8, using METH_NOARGS instead of\n zero; (bso#14209).\n + source4/utils/oLschema2ldif: Include stdint.h before cmocka.h;\n (bso#14218).\n + docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc;\n (bso#14122).\n + smbd: Fix the build with clang; (bso#14251).\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n + s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir;\n (bso#14182).\n + smbc_stat() doesn't return the correct st_mode and also the uid/gid is\n not filled (SMBv1) file; (bso#14101).\n + librpc: Fix string length checking in ndr_pull_charset_to_null();\n (bso#14219).\n + ctdb-scripts: Strip square brackets when gathering connection info;\n (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist and unit not\n found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base without python3\n package; (bsc#1169521);\n\n Changes in ldb:\n - Update to version 2.0.12\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and\n VLV combined; (bso#14364); (bsc#1173159).\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr; (bso#14413).\n + lib/ldb: add unit test for ldb_ldap internal code.\n - Update to version 2.0.11\n + lib ldb: lmdb init var before calling mdb_reader_check.\n + lib ldb: lmdb clear stale readers on write txn start; (bso#14330).\n + ldb tests: Confirm lmdb free list handling\n\n This update was imported from the SUSE:SLE-15-SP2:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2020-1313=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-01T00:00:00", "type": "suse", "title": "Security update for ldb, samba (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704", "CVE-2020-10730", "CVE-2020-10745", "CVE-2020-10760", "CVE-2020-14303"], "modified": "2020-09-01T00:00:00", "id": "OPENSUSE-SU-2020:1313-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/G6CWABZYPZM5WM3TNQERK2OMN6VELZKV/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-04-18T12:41:14", "description": "An update that solves 6 vulnerabilities and has 7 fixes is\n now available.\n\nDescription:\n\n This update for ldb, samba fixes the following issues:\n\n Changes in samba:\n - Update to samba 4.11.11\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and\n VLV combined; (bso#14364); (bsc#1173159]\n + CVE-2020-10745: invalid DNS or NBT queries containing dots use several\n seconds of CPU each; (bso#14378); (bsc#1173160).\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP server\n with paged_result or VLV; (bso#14402); (bsc#1173161)\n + CVE-2020-14303: Endless loop from empty UDP packet sent to AD DC\n nbt_server; (bso#14417); (bsc#1173359).\n - Update to samba 4.11.10\n + Fix segfault when using SMBC_opendir_ctx() routine for share folder\n that contains incorrect symbols in any file name; (bso#14374).\n + vfs_shadow_copy2 doesn't fail case looking in snapdirseverywhere mode;\n (bso#14350)\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr; (bso#14413).\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n + winbindd: Fix a use-after-free when winbind clients exit; (bso#14382)\n + ldb: Bump version to 2.0.11, LMDB databases can grow without bounds.\n (bso#14330)\n - Update to samba 4.11.9\n + nmblib: Avoid undefined behaviour in handle_name_ptrs(); (bso#14242).\n + 'samba-tool group' commands do not handle group names with special\n chars correctly; (bso#14296).\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid;\n (bso#14237).\n + Missing check for DMAPI offline status in async DOS attributes;\n (bso#14293).\n + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs;\n (bso#14307).\n + vfs_recycle: Prevent flooding the log if we're called on non-existant\n paths; (bso#14316)\n + smbd mistakenly updates a file's write-time on close; (bso#14320).\n + RPC handles cannot be differentiated in source3 RPC server;\n (bso#14359).\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW; (bso#14313).\n + nsswitch: Fix use-after-free causing segfault in _pam_delete_cred;\n (bso#14327).\n + Fix fruit:time machine max size on arm; (bso#13622)\n + CTDB recovery corner cases can cause record resurrection and node\n banning; (bso#14294).\n + ctdb: Fix a memleak; (bso#14348).\n + libsmb: Don't try to find posix stat info in SMBC_getatr().\n + ctdb-tcp: Move free of inbound queue to TCP restart; (bso#14295);\n (bsc#1162680).\n + s3/librpc/crypto: Fix double free with unresolved credential cache;\n (bso#14344); (bsc#1169095)\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n + CTDB recovery corner cases can cause record resurrection and node\n banning; (bso#14294)\n + Starting ctdb node that was powered off hard before results in\n recovery loop; (bso#14295); (bsc#1162680).\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap; (bso#14324)\n - Update to samba 4.11.8\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ;\n (bso#14331); (bsc#1169850);\n + CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD\n DC; (bso#14334); (bsc#1169851);\n - Update to samba 4.11.7\n + s3: lib: nmblib. Clean up and harden nmb packet processing;\n (bso#14239).\n + s3: VFS: full_audit. Use system session_info if called from a\n temporary share definition; (bso#14283)\n + dsdb: Correctly handle memory in objectclass_attrs; (bso#14258).\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect results for\n SCOPE_ONE searches; (bso#14270)\n + auth: Fix CIDs 1458418 and 1458420 Null pointer dereferences;\n (bso#14247).\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n + winbind member (source3) fails local SAM auth with empty domain name;\n (bso#14247)\n + winbindd: Handling missing idmap in getgrgid(); (bso#14265).\n + lib:util: Log mkdir error on correct debug levels; (bso#14253).\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9;\n (bso#14266).\n + ctdb-tcp: Make error handling for outbound connection consistent;\n (bso#14274).\n - Update to samba 4.11.6\n + pygpo: Use correct method flags; (bso#14209).\n + vfs_ceph_snapshots: Fix root relative path handling; (bso#14216);\n (bsc#1141320).\n + Avoiding bad call flags with python 3.8, using METH_NOARGS instead of\n zero; (bso#14209).\n + source4/utils/oLschema2ldif: Include stdint.h before cmocka.h;\n (bso#14218).\n + docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc;\n (bso#14122).\n + smbd: Fix the build with clang; (bso#14251).\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n + s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir;\n (bso#14182).\n + smbc_stat() doesn't return the correct st_mode and also the uid/gid is\n not filled (SMBv1) file; (bso#14101).\n + librpc: Fix string length checking in ndr_pull_charset_to_null();\n (bso#14219).\n + ctdb-scripts: Strip square brackets when gathering connection info;\n (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist and unit not\n found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base without python3\n package; (bsc#1169521);\n\n Changes in ldb:\n - Update to version 2.0.12\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and\n VLV combined; (bso#14364); (bsc#1173159).\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr; (bso#14413).\n + lib/ldb: add unit test for ldb_ldap internal code.\n - Update to version 2.0.11\n + lib ldb: lmdb init var before calling mdb_reader_check.\n + lib ldb: lmdb clear stale readers on write txn start; (bso#14330).\n + ldb tests: Confirm lmdb free list handling\n\n This update was imported from the SUSE:SLE-15-SP2:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2020-1023=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-21T00:00:00", "type": "suse", "title": "Security update for ldb, samba (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10700", "CVE-2020-10704", "CVE-2020-10730", "CVE-2020-10745", "CVE-2020-10760", "CVE-2020-14303"], "modified": "2020-07-21T00:00:00", "id": "OPENSUSE-SU-2020:1023-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QEBUQFHEBKSTCNWEBA5BNTU3U4N3NVNA/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}
