Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2013-1805.NASL
HistoryDec 10, 2013 - 12:00 a.m.

Oracle Linux 6 : samba4 (ELSA-2013-1805)

2013-12-1000:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13

8.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.6%

JSON

From Red Hat Security Advisory 2013:1805 :

Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges. (CVE-2013-4408)

Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Stefan Metzmacher and Michael Adam of SerNet as the original reporters of this issue.

All users of Samba are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2013:1805 and 
# Oracle Linux Security Advisory ELSA-2013-1805 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(71288);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2013-4408");
  script_bugtraq_id(64191);
  script_xref(name:"RHSA", value:"2013:1805");

  script_name(english:"Oracle Linux 6 : samba4 (ELSA-2013-1805)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Oracle Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"From Red Hat Security Advisory 2013:1805 :

Updated samba4 packages that fix one security issue are now available
for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System
(CVSS) base score, which gives a detailed severity rating, is
available from the CVE link in the References section.

Samba is an open source implementation of the Server Message Block
(SMB) or Common Internet File System (CIFS) protocol, which allows
PC-compatible machines to share files, printers, and other
information.

A heap-based buffer overflow flaw was found in the DCE-RPC client code
in Samba. A specially crafted DCE-RPC packet could cause various Samba
programs to crash or, possibly, execute arbitrary code when parsed. A
malicious or compromised Active Directory Domain Controller could use
this flaw to compromise the winbindd daemon running with root
privileges. (CVE-2013-4408)

Red Hat would like to thank the Samba project for reporting this
issue. Upstream acknowledges Stefan Metzmacher and Michael Adam of
SerNet as the original reporters of this issue.

All users of Samba are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. After
installing this update, the smb service will be restarted
automatically."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2013-December/003862.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected samba4 packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-dc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-dc-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-pidl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-swat");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-winbind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-winbind-clients");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-winbind-krb5-locator");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/12/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/12/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/10");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);

flag = 0;
if (rpm_check(release:"EL6", reference:"samba4-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-client-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-common-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-dc-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-dc-libs-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-devel-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-libs-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-pidl-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-python-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-swat-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-test-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-winbind-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-winbind-clients-4.0.0-60.el6_5.rc4")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-winbind-krb5-locator-4.0.0-60.el6_5.rc4")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "samba4 / samba4-client / samba4-common / samba4-dc / samba4-dc-libs / etc");
}
VendorProductVersionCPE
oraclelinuxsamba4p-cpe:/a:oracle:linux:samba4
oraclelinuxsamba4-clientp-cpe:/a:oracle:linux:samba4-client
oraclelinuxsamba4-commonp-cpe:/a:oracle:linux:samba4-common
oraclelinuxsamba4-dcp-cpe:/a:oracle:linux:samba4-dc
oraclelinuxsamba4-dc-libsp-cpe:/a:oracle:linux:samba4-dc-libs
oraclelinuxsamba4-develp-cpe:/a:oracle:linux:samba4-devel
oraclelinuxsamba4-libsp-cpe:/a:oracle:linux:samba4-libs
oraclelinuxsamba4-pidlp-cpe:/a:oracle:linux:samba4-pidl
oraclelinuxsamba4-pythonp-cpe:/a:oracle:linux:samba4-python
oraclelinuxsamba4-swatp-cpe:/a:oracle:linux:samba4-swat
Rows per page:
1-10 of 151

Related

openvas 37
samba 1
centos 2
nessus 26
slackware 1
prion 1
veracode 2
ubuntucve 1
cve 1
oraclelinux 3
debiancve 1
cvelist 1
redhat 3
nvd 1
altlinux 3
securityvulns 1
fedora 9
osv 1
freebsd 1
ibm 2
mageia 1
debian 1
suse 3
ubuntu 1
gentoo 1
openvas
openvas
CentOS Update for samba4 CESA-2013:1805 centos6
2013-12-17 00:00:00
Samba >= 3.4.0 DoS Vulnerability (CVE-2013-4408)
2021-09-24 00:00:00
RedHat Update for samba4 RHSA-2013:1805-01
2013-12-17 00:00:00
samba
samba
DCE-RPC fragment length field is incorrectly checked.
2013-12-09 00:00:00
centos
centos
samba4 security update
2013-12-10 01:02:20
libsmbclient, samba, samba3x security update
2013-12-10 01:03:24
nessus
nessus
CentOS 6 : samba4 (CESA-2013:1805)
2013-12-10 00:00:00
Slackware 14.1 / current : samba (SSA:2014-013-04)
2014-01-14 00:00:00
RHEL 6 : samba4 (RHSA-2013:1805)
2013-12-10 00:00:00
slackware
slackware
samba
2014-01-13 22:30:45
prion
prion
Heap overflow
2013-12-10 06:14:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:53:06
Privilege Escalation
2019-05-02 05:00:33
ubuntucve
ubuntucve
CVE-2013-4408
2013-12-09 00:00:00
cve
cve
CVE-2013-4408
2013-12-10 06:14:55
oraclelinux
oraclelinux
samba4 security update
2013-12-09 00:00:00
samba and samba3x security update
2013-12-09 00:00:00
samba security and bug fix update
2018-06-25 00:00:00
debiancve
debiancve
CVE-2013-4408
2013-12-10 06:14:55
cvelist
cvelist
CVE-2013-4408
2013-12-10 02:00:00
redhat
redhat
(RHSA-2013:1805) Important: samba4 security update
2013-12-09 00:00:00
(RHSA-2013:1806) Important: samba and samba3x security update
2013-12-09 00:00:00
(RHSA-2014:0009) Important: samba security update
2014-01-06 00:00:00
nvd
nvd
CVE-2013-4408
2013-12-10 06:14:55
altlinux
altlinux
Security fix for the ALT Linux 8 package samba-DC version 4.1.3-alt1
2013-12-09 00:00:00
Security fix for the ALT Linux 10 package samba version 4.1.3-alt1
2013-12-09 00:00:00
Security fix for the ALT Linux 8 package samba version 4.1.3-alt1
2013-12-09 00:00:00
securityvulns
securityvulns
Samba buffer overflow
2014-01-08 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: samba-4.1.3-2.fc20
2013-12-24 03:39:37
[SECURITY] Fedora 19 Update: samba-4.0.13-1.fc19
2013-12-15 03:35:27
[SECURITY] Fedora 20 Update: samba-4.1.6-1.fc20
2014-03-15 15:15:35
osv
osv
samba - several
2013-12-09 00:00:00
freebsd
freebsd
samba -- multiple vulnerabilities
2012-06-12 00:00:00
ibm
ibm
Security Bulletin: Samba vulnerability issue on IBM Storwize V7000 Unified (CVE-2013-4408 and CVE-2012-6105)
2018-06-18 00:07:38
Security Bulletin: Samba vulnerability issue on SONAS (CVE-2013-4408 and CVE-2012-6105)
2018-06-18 00:07:42
mageia
mageia
Updated samba package fixes multiple vulnerabilities
2013-12-13 02:22:59
debian
debian
[SECURITY] [DSA 2812-1] samba security update
2013-12-09 10:13:23
suse
suse
Security update for Samba (important)
2014-01-07 00:04:36
Security update for samba (important)
2016-04-20 12:07:48
Security update for samba (important)
2016-04-20 12:11:11
ubuntu
ubuntu
Samba vulnerabilities
2013-12-11 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2015-02-25 00:00:00

8.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.6%

JSON
Related for ORACLELINUX_ELSA-2013-1805.NASL
openvas37samba1centos2nessus26slackware1prion1veracode2ubuntucve1cve1oraclelinux3debiancve1cvelist1redhat3nvd1altlinux3securityvulns1fedora9osv1freebsd1ibm2mageia1debian1suse3ubuntu1gentoo1