Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2018-1883.NASL
HistoryJun 27, 2018 - 12:00 a.m.

Oracle Linux 6 : samba4 (ELSA-2018-1883)

2018-06-2700:00:00
This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
JSON

From Red Hat Security Advisory 2018:1883 :

An update for samba4 is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.

Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

Security Fix(es) :

  • samba: NULL pointer indirection in printer server process (CVE-2018-1050)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank the Samba project for reporting this issue.

Additional Changes :

For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.10 Release Notes and Red Hat Enterprise Linux 6.10 Technical Notes linked from the References section.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2018:1883 and 
# Oracle Linux Security Advisory ELSA-2018-1883 respectively.
#

include("compat.inc");

if (description)
{
  script_id(110705);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/09/10");

  script_cve_id("CVE-2018-1050");
  script_xref(name:"RHSA", value:"2018:1883");

  script_name(english:"Oracle Linux 6 : samba4 (ELSA-2018-1883)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Oracle Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"From Red Hat Security Advisory 2018:1883 :

An update for samba4 is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security
impact of Low. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link (s) in the References section.

Samba is an open source implementation of the Server Message Block
(SMB) or Common Internet File System (CIFS) protocol, which allows
PC-compatible machines to share files, printers, and other
information.

Security Fix(es) :

* samba: NULL pointer indirection in printer server process
(CVE-2018-1050)

For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.

Red Hat would like to thank the Samba project for reporting this
issue.

Additional Changes :

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 6.10 Release Notes and Red Hat Enterprise Linux 6.10
Technical Notes linked from the References section."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2018-June/007810.html"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected samba4 packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-dc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-dc-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-pidl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-winbind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-winbind-clients");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:samba4-winbind-krb5-locator");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/06/27");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);

flag = 0;
if (rpm_check(release:"EL6", reference:"samba4-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-client-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-common-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-dc-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-dc-libs-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-devel-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-libs-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-pidl-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-python-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-test-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-winbind-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-winbind-clients-4.2.10-15.el6")) flag++;
if (rpm_check(release:"EL6", reference:"samba4-winbind-krb5-locator-4.2.10-15.el6")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
  else security_note(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "samba4 / samba4-client / samba4-common / samba4-dc / samba4-dc-libs / etc");
}
VendorProductVersionCPE
oraclelinuxsamba4p-cpe:/a:oracle:linux:samba4
oraclelinuxsamba4-clientp-cpe:/a:oracle:linux:samba4-client
oraclelinuxsamba4-commonp-cpe:/a:oracle:linux:samba4-common
oraclelinuxsamba4-dcp-cpe:/a:oracle:linux:samba4-dc
oraclelinuxsamba4-dc-libsp-cpe:/a:oracle:linux:samba4-dc-libs
oraclelinuxsamba4-develp-cpe:/a:oracle:linux:samba4-devel
oraclelinuxsamba4-libsp-cpe:/a:oracle:linux:samba4-libs
oraclelinuxsamba4-pidlp-cpe:/a:oracle:linux:samba4-pidl
oraclelinuxsamba4-pythonp-cpe:/a:oracle:linux:samba4-python
oraclelinuxsamba4-testp-cpe:/a:oracle:linux:samba4-test
Rows per page:
1-10 of 141

Related

checkpoint_advisories 1
nessus 40
redhatcve 1
centos 3
alpinelinux 1
debian 4
samba 1
veracode 1
openvas 25
osv 4
ubuntu 2
oraclelinux 3
redhat 5
prion 1
cbl_mariner 1
f5 1
ibm 3
cve 1
ubuntucve 1
debiancve 1
mageia 1
archlinux 1
altlinux 6
cisa 1
fedora 7
thn 1
freebsd 1
threatpost 1
amazon 2
gentoo 1
checkpoint_advisories
checkpoint_advisories
Samba Printer Server spoolss Denial Of Service (CVE-2018-1050)
2018-06-03 00:00:00
nessus
nessus
SUSE SLES11 Security Update : samba (SUSE-SU-2018:0774-1)
2018-03-23 00:00:00
RHEL 6 : samba (RHSA-2018:1860)
2018-06-19 00:00:00
CentOS 6 : samba4 (CESA-2018:1883)
2018-06-22 00:00:00
redhatcve
redhatcve
CVE-2018-1050
2019-10-09 10:03:19
centos
centos
libsmbclient, samba security update
2018-06-21 11:56:04
samba4 security update
2018-06-21 11:56:05
ctdb, libsmbclient, libwbclient, samba security update
2018-12-14 16:36:48
alpinelinux
alpinelinux
CVE-2018-1050
2018-03-13 16:29:00
debian
debian
[SECURITY] [DLA 1320-1] samba security update
2018-03-27 22:36:20
[SECURITY] [DSA 4135-1] samba security update
2018-03-13 09:49:45
[SECURITY] [DSA 4135-1] samba security update
2018-03-13 09:49:45
samba
samba
Denial of Service Attack on external print server.
2018-03-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:23:30
openvas
openvas
Ubuntu: Security Advisory (USN-3595-2)
2022-08-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0832-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0754-1)
2021-04-19 00:00:00
osv
osv
samba - security update
2018-03-27 00:00:00
CVE-2018-1050
2018-03-13 16:29:00
samba - security update
2018-03-13 00:00:00
ubuntu
ubuntu
Samba vulnerability
2018-03-23 00:00:00
Samba vulnerabilities
2018-03-13 00:00:00
oraclelinux
oraclelinux
samba4 security and bug fix update
2018-06-25 00:00:00
samba security, bug fix, and enhancement update
2018-11-05 00:00:00
samba security and bug fix update
2018-06-25 00:00:00
redhat
redhat
(RHSA-2018:1860) Low: samba security and bug fix update
2018-06-19 02:11:16
(RHSA-2018:1883) Low: samba4 security and bug fix update
2018-06-19 02:11:50
(RHSA-2018:3056) Moderate: samba security, bug fix, and enhancement update
2018-10-30 04:13:40
prion
prion
Design/Logic Flaw
2018-03-13 16:29:00
cbl_mariner
cbl_mariner
CVE-2018-1050 affecting package samba 4.12.5-4
2024-05-08 09:06:46
f5
f5
K01494912 : Samba vulnerability CVE-2018-1050
2020-12-17 00:00:00
ibm
ibm
Security Bulletin: Public disclosed vulnerability from Samba affect IBM Netezza Host Management
2019-10-18 03:36:34
Security Bulletin: A vulnerability in Samba affects IBM OS Image for Red Hat Linux Systems on IBM PureApplication (CVE-2018-1050)
2018-10-17 12:20:01
Security Bulletin: Multiple Vulnerabilities in Samba affect IBM i
2019-12-18 14:26:38
cve
cve
CVE-2018-1050
2018-03-13 16:29:00
ubuntucve
ubuntucve
CVE-2018-1050
2018-03-13 00:00:00
debiancve
debiancve
CVE-2018-1050
2018-03-13 16:29:00
mageia
mageia
Updated samba packages fix security vulnerabilities
2018-04-13 23:08:48
archlinux
archlinux
[ASA-201803-10] samba: multiple issues
2018-03-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package samba-DC version 4.6.14-alt1.1
2018-03-15 00:00:00
Security fix for the ALT Linux 8 package samba version 4.6.14-alt1.1
2018-03-15 00:00:00
Security fix for the ALT Linux 10 package samba version 4.6.14-alt1.S1
2018-03-12 00:00:00
cisa
cisa
Samba Releases Security Updates
2018-03-13 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: samba-4.7.6-0.fc27
2018-03-14 19:40:44
[SECURITY] Fedora 27 Update: libldb-1.3.2-1.fc27
2018-03-14 19:40:43
[SECURITY] Fedora 26 Update: samba-4.6.14-0.fc26
2018-03-20 17:38:39
thn
thn
Update Samba Servers Immediately to Patch Password Reset and DoS Vulnerabilities
2018-03-13 10:05:00
freebsd
freebsd
samba -- multiple vulnerabilities
2018-01-03 00:00:00
threatpost
threatpost
Samba Patches Two Critical Vulnerabilities in Server Software
2018-03-13 12:56:17
amazon
amazon
Medium: samba
2018-12-13 20:13:00
Medium: samba
2019-01-22 17:55:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2018-05-22 00:00:00
JSON
Related for ORACLELINUX_ELSA-2018-1883.NASL
checkpoint_advisories1nessus40redhatcve1centos3alpinelinux1debian4samba1veracode1openvas25osv4ubuntu2oraclelinux3redhat5prion1cbl_mariner1f51ibm3cve1ubuntucve1debiancve1mageia1archlinux1altlinux6cisa1fedora7thn1freebsd1threatpost1amazon2gentoo1