Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.ALMA_LINUX_ALSA-2023-4328.NASLHistoryAug 03, 2023 - 12:00 a.m.
AlmaLinux 8 : samba (ALSA-2023:4328)
2023-08-0300:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
almalinux 8
samba
smb2 packet signing
vulnerability
cve-2023-3347
man-in-the-middle attack
network traffic
data integrity
nessus scanner
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
35.7%
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4328 advisory.
- A vulnerability was found in Samba’s SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured server signing = required or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to perform attacks, such as a man-in- the-middle attack, by intercepting the network traffic and modifying the SMB2 messages between client and server, affecting the integrity of the data. (CVE-2023-3347)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# AlmaLinux Security Advisory ALSA-2023:4328.
##
include('compat.inc');
if (description)
{
script_id(179328);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/12");
script_cve_id("CVE-2023-3347");
script_xref(name:"ALSA", value:"2023:4328");
script_xref(name:"IAVA", value:"2023-A-0376-S");
script_name(english:"AlmaLinux 8 : samba (ALSA-2023:4328)");
script_set_attribute(attribute:"synopsis", value:
"The remote AlmaLinux host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the
ALSA-2023:4328 advisory.
- A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not
enforced if an admin configured server signing = required or for SMB2 connections to Domain Controllers
where SMB2 packet signing is mandatory. This flaw allows an attacker to perform attacks, such as a man-in-
the-middle attack, by intercepting the network traffic and modifying the SMB2 messages between client and
server, affecting the integrity of the data. (CVE-2023-3347)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://errata.almalinux.org/8/ALSA-2023-4328.html");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:C/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-3347");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/07/20");
script_set_attribute(attribute:"patch_publication_date", value:"2023/07/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/08/03");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:ctdb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:libnetapi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:libnetapi-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:libsmbclient");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:libsmbclient-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:libwbclient");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:libwbclient-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python3-samba");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python3-samba-dc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python3-samba-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python3-samba-test");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-client-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-common-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-common-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-dc-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-dcerpc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-krb5-printing");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-ldb-ldap-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-pidl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-test");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-test-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-usershares");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-vfs-iouring");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-winbind");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-winbind-clients");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-winbind-krb5-locator");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-winbind-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:samba-winexe");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::appstream");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::baseos");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::highavailability");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::nfv");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::powertools");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::realtime");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::resilientstorage");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::sap");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::sap_hana");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::supplementary");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Alma Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AlmaLinux/release", "Host/AlmaLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/AlmaLinux/release');
if (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');
var os_ver = pregmatch(pattern: "AlmaLinux release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);
if (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);
var pkgs = [
{'reference':'ctdb-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libnetapi-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libnetapi-devel-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libsmbclient-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libsmbclient-devel-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libwbclient-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libwbclient-devel-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-samba-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-samba-dc-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-samba-devel-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-samba-test-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-client-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-client-libs-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-common-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-common-libs-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-common-tools-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-dc-libs-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-dcerpc-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-devel-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-krb5-printing-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-ldb-ldap-modules-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-libs-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-pidl-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-test-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-test-libs-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-tools-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-usershares-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-vfs-iouring-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-winbind-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-winbind-clients-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-winbind-krb5-locator-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-winbind-modules-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'samba-winexe-4.17.5-3.el8_8.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libnetapi / libnetapi-devel / libsmbclient / etc');
}
Related
nvd
nvd
CVE-2023-3347
2023-07-20 15:15:11
nessus
nessus
Oracle Linux 8 : samba (ELSA-2023-4328)
2023-08-02 00:00:00
RHEL 8 : samba (RHSA-2023:4328)
2023-07-31 00:00:00
AlmaLinux 9 : samba (ALSA-2023:4325)
2023-08-03 00:00:00
ubuntucve
ubuntucve
CVE-2023-3347
2023-07-19 00:00:00
oraclelinux
oraclelinux
samba security and bug fix update
2023-08-02 00:00:00
samba security and bug fix update
2023-08-02 00:00:00
osv
osv
Moderate: samba security and bug fix update
2023-07-31 00:00:00
Moderate: samba security and bug fix update
2023-07-31 00:00:00
CVE-2023-3347
2023-07-20 15:15:11
veracode
veracode
Authorization Bypass
2023-07-21 14:57:25
openvas
openvas
Samba Information Disclosure Vulnerability (CVE-2023-3347)
2023-07-20 00:00:00
Samba File Truncation Vulnerability (CVE-2023-3347)
2023-10-11 00:00:00
Fedora: Security Advisory for samba (FEDORA-2023-bcd91bfcd3)
2023-08-06 00:00:00
vulnrichment
vulnrichment
cvelist
cvelist
cve
cve
CVE-2023-3347
2023-07-20 15:15:11
redhat
redhat
(RHSA-2023:4325) Moderate: samba security and bug fix update
2023-07-31 08:22:24
(RHSA-2023:4328) Moderate: samba security and bug fix update
2023-07-31 08:42:56
prion
prion
Design/Logic Flaw
2023-07-20 15:15:00
almalinux
almalinux
Moderate: samba security and bug fix update
2023-07-31 00:00:00
Moderate: samba security and bug fix update
2023-07-31 00:00:00
redhatcve
redhatcve
CVE-2023-3347
2023-07-20 09:31:05
samba
samba
SMB2 packet signing not enforced
2023-07-19 00:00:00
debiancve
debiancve
CVE-2023-3347
2023-07-20 15:15:11
ibm
ibm
fedora
fedora
[SECURITY] Fedora 37 Update: samba-4.17.10-0.fc37
2023-08-05 01:20:29
[SECURITY] Fedora 38 Update: samba-4.18.5-0.fc38
2023-07-22 01:23:14
redos
redos
ROS-20230920-01
2023-09-20 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2023-07-19 00:00:00
slackware
slackware
[slackware-security] samba
2023-08-04 20:53:11
debian
debian
[SECURITY] [DSA 5477-1] samba security update
2023-08-14 18:38:41
freebsd
freebsd
samba -- multiple vulnerabilities
2023-07-19 00:00:00
cloudfoundry
cloudfoundry
USN-6238-1: Samba vulnerabilities | Cloud Foundry
2023-08-10 00:00:00
mageia
mageia
Updated samba packages fix security vulnerability
2023-08-23 22:56:41
gentoo
gentoo
Samba: Multiple Vulnerabilities
2024-02-19 00:00:00
hp
hp
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
35.7%
Related for ALMA_LINUX_ALSA-2023-4328.NASL