| Reporter | Title | Published | Views | Family All 1490 |
|---|---|---|---|---|
| Exploit for CVE-2020-1472 | 10 Oct 202018:21 | – | gitee | |
| Exploit for CVE-2020-1472 | 25 Jul 202116:14 | – | gitee | |
| Exploit for CVE-2020-1472 | 8 Oct 202115:47 | – | gitee | |
| Exploit for CVE-2020-1472 | 25 Jul 202115:13 | – | gitee | |
| Exploit for CVE-2020-1472 | 8 Dec 202016:33 | – | gitee | |
| Exploit for CVE-2020-1472 | 7 Jul 202120:29 | – | gitee | |
| Exploit for CVE-2020-1472 | 6 Sep 202511:51 | – | gitee | |
| Exploit for CVE-2020-1472 | 10 Oct 202018:21 | – | gitee | |
| Exploit for CVE-2020-1472 | 8 Dec 202016:32 | – | gitee | |
| Exploit for CVE-2020-1472 | 29 Apr 202121:43 | – | gitee |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Alibaba Cloud Linux Security Advisory ALINUX3-SA-2021:0077.
##
include('compat.inc');
if (description)
{
script_id(236653);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2025/12/17");
script_cve_id(
"CVE-2019-3880",
"CVE-2019-10197",
"CVE-2019-10218",
"CVE-2019-14907",
"CVE-2020-1472",
"CVE-2020-14318",
"CVE-2020-14323",
"CVE-2020-14383",
"CVE-2020-25717",
"CVE-2021-20254",
"CVE-2021-23192"
);
script_xref(name:"CEA-ID", value:"CEA-2020-0129");
script_xref(name:"CEA-ID", value:"CEA-2020-0121");
script_xref(name:"CEA-ID", value:"CEA-2021-0025");
script_xref(name:"CEA-ID", value:"CEA-2021-0008");
script_xref(name:"CEA-ID", value:"CEA-2023-0016");
script_xref(name:"CEA-ID", value:"CEA-2020-0101");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/05/03");
script_name(english:"Alibaba Cloud Linux 3 : 0077: samba (ALINUX3-SA-2021:0077)");
script_set_attribute(attribute:"synopsis", value:
"The remote Alibaba Cloud Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced
in the ALINUX3-SA-2021:0077 advisory.
Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities:
CVE-2019-10197:
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to
4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker
could use this flaw to escape the shared directory and access the contents of directories outside the
share.
CVE-2019-10218:
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a
malicious server can supply a pathname to the client with separators. This could allow the client to
access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to
create files outside of the current working directory using the privileges of the client user.
CVE-2019-14907:
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where
if it is set with log level = 3 (or above) then the string obtained from the client, after a failed
character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange.
In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to
terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a
crash there is harmless).
CVE-2019-3880:
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API.
An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix
permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6
and 4.10.2 are vulnerable.
CVE-2020-14318:
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use
this flaw to gain access to certain file and directory information which otherwise would be unavailable to
the attacker.
CVE-2020-14323:
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before
4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of
service.
CVE-2020-14383:
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to
crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short
delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it
returns. The Samba DNS server itself will continue to operate, but many RPC services will not.
CVE-2020-1472:
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure
channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon
Elevation of Privilege Vulnerability'.
CVE-2020-25717:
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use
this flaw to cause possible privilege escalation.
CVE-2021-20254:
A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix
group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end
of the array in the case where a negative cache entry had been added to the mapping cache. This could
cause the calling code to return those values into the process token that stores the group membership for
a user. The highest threat from this vulnerability is to data confidentiality and integrity.
CVE-2021-23192:
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large
DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data,
bypassing the signature requirements.
Tenable has extracted the preceding description block directly from the Alibaba Cloud Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"http://mirrors.aliyun.com/alinux/3/cve/alinux3-sa-20210077.xml");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-1472");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-10197");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/08");
script_set_attribute(attribute:"patch_publication_date", value:"2021/11/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/05/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ctdb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ctdb-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ctdb-tests");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ctdb-tests-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libsmbclient");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libsmbclient-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libsmbclient-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libwbclient");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libwbclient-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libwbclient-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:python3-samba");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:python3-samba-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:python3-samba-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:python3-samba-test");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-client-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-client-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-client-libs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-common-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-common-libs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-common-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-common-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-krb5-printing");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-krb5-printing-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-libs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-pidl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-test");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-test-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-test-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-test-libs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-vfs-glusterfs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-vfs-glusterfs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-winbind");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-winbind-clients");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-winbind-clients-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-winbind-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-winbind-krb5-locator");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-winbind-krb5-locator-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-winbind-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-winbind-modules-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-winexe");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:samba-winexe-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alibabacloud:alibaba_cloud_linux_3");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Alibaba Cloud Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Alibaba/release", "Host/Alibaba/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Alibaba/release');
if (isnull(os_release) || 'Alibaba Cloud Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Alibaba Cloud Linux');
var os_ver = pregmatch(pattern: "Alibaba Cloud Linux release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Alibaba Cloud Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Alibaba Cloud Linux 3.x', 'Alibaba Cloud Linux ' + os_ver);
if (!get_kb_item('Host/Alibaba/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'x86_64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Alibaba Cloud Linux', cpu);
var pkgs = [
{'reference':'ctdb-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'ctdb-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'ctdb-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'ctdb-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'ctdb-tests-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'ctdb-tests-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'ctdb-tests-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'ctdb-tests-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libsmbclient-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libsmbclient-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libsmbclient-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libsmbclient-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libsmbclient-devel-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libsmbclient-devel-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libwbclient-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libwbclient-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libwbclient-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libwbclient-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libwbclient-devel-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'libwbclient-devel-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'python3-samba-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'python3-samba-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'python3-samba-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'python3-samba-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'python3-samba-devel-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'python3-samba-devel-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'python3-samba-test-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'python3-samba-test-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-client-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-client-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-client-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-client-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-client-libs-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-client-libs-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-client-libs-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-client-libs-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-common-4.13.3-5.al8.1', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-common-libs-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-common-libs-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-common-libs-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-common-libs-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-common-tools-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-common-tools-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-common-tools-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-common-tools-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-debugsource-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-debugsource-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-devel-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-devel-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-krb5-printing-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-krb5-printing-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-krb5-printing-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-krb5-printing-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-libs-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-libs-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-libs-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-libs-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-pidl-4.13.3-5.al8.1', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-test-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-test-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-test-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-test-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-test-libs-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-test-libs-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-test-libs-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-test-libs-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-vfs-glusterfs-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-vfs-glusterfs-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-clients-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-clients-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-clients-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-clients-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-krb5-locator-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-krb5-locator-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-krb5-locator-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-krb5-locator-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-modules-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-modules-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-modules-debuginfo-4.13.3-5.al8.1', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winbind-modules-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winexe-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'samba-winexe-debuginfo-4.13.3-5.al8.1', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Alibaba Linux ' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['cves'])) cves = package_array['cves'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / ctdb-debuginfo / ctdb-tests / ctdb-tests-debuginfo / etc');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation