DATABASE RESOURCES PRICING ABOUT US

{"id": "REDHAT-RHSA-2022-1756.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : samba (RHSA-2022:1756)", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1756 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2022-05-10T00:00:00", "modified": "2022-11-01T00:00:00", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 3.5}, "severity": "LOW", "exploitabilityScore": 6.8, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 1.6, "impactScore": 5.2}, "href": "https://www.tenable.com/plugins/nessus/160966", "reporter": "This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/security/cve/CVE-2021-20316", "https://bugzilla.redhat.com/2046120", "https://access.redhat.com/security/cve/CVE-2021-44141", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141", "https://access.redhat.com/errata/RHSA-2022:1756", "https://bugzilla.redhat.com/2009673", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20316"], "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "immutableFields": [], "lastseen": "2023-01-10T19:21:12", "viewCount": 4, "enchantments": {"score": {"value": 0.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:2074"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2021-20316", "ALPINE:CVE-2021-44141"]}, {"type": "cisa", "idList": ["CISA:07D5CC40C9E66F413405DC92522747C5"]}, {"type": "cve", "idList": ["CVE-2021-20316", "CVE-2021-44141"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-20316", "DEBIANCVE:CVE-2021-44141"]}, {"type": "f5", "idList": ["F5:K45752041"]}, {"type": "fedora", "idList": ["FEDORA:49AF8312EC07", "FEDORA:E133C304C758"]}, {"type": "freebsd", "idList": ["8579074C-839F-11EC-A3B2-005056A311D1"]}, {"type": "ibm", "idList": ["34CC9D7721C963B056C83F77396BEE1AE82A312286A43B241F322E84A8E5C203"]}, {"type": "kaspersky", "idList": ["KLA12440"]}, {"type": "mageia", "idList": ["MGASA-2022-0054"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:353332AFBB6514EFED7F5F38820FFD50"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-224.NASL", "ALMA_LINUX_ALSA-2022-2074.NASL", "CENTOS8_RHSA-2022-2074.NASL", "FREEBSD_PKG_8579074C839F11ECA3B2005056A311D1.NASL", "OPENSUSE-2022-0283-1.NASL", "ORACLELINUX_ELSA-2022-2074.NASL", "QNAP_QTS_QUTS_HERO_QSA-22-03.NASL", "REDHAT-RHSA-2022-2074.NASL", "ROCKY_LINUX_RLSA-2022-2074.NASL", "SAMBA_4_15_5.NASL", "SUSE_SU-2022-0283-1.NASL", "SUSE_SU-2022-0323-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-2074"]}, {"type": "redhat", "idList": ["RHSA-2022:1756", "RHSA-2022:2074"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-20316", "RH:CVE-2021-44141"]}, {"type": "redos", "idList": ["ROS-20220208-01"]}, {"type": "rocky", "idList": ["RLSA-2022:2074"]}, {"type": "samba", "idList": ["SAMBA:CVE-2021-44141"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0283-1"]}, {"type": "thn", "idList": ["THN:61909FFAAC80372942BFAE32AACCD487"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-20316", "UB:CVE-2021-44141"]}, {"type": "veracode", "idList": ["VERACODE:33993", "VERACODE:35092"]}]}, "vulnersScore": 0.1}, "_state": {"score": 1673379222, "dependencies": 1673378777}, "_internal": {"score_hash": "a6b4001b2e529fb869c6ead86352e139"}, "pluginID": "160966", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:1756. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160966);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/01\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"RHSA\", value:\"2022:1756\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"RHEL 8 : samba (RHSA-2022:1756)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:1756 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share\n (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-44141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:1756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2009673\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2046120\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 362);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'storage_3_5_nfs_el8': [\n 'rh-gluster-3-nfs-for-rhel-8-x86_64-debug-rpms',\n 'rh-gluster-3-nfs-for-rhel-8-x86_64-rpms',\n 'rh-gluster-3-nfs-for-rhel-8-x86_64-source-rpms'\n ],\n 'storage_3_5_samba_el8': [\n 'rh-gluster-3-samba-for-rhel-8-x86_64-debug-rpms',\n 'rh-gluster-3-samba-for-rhel-8-x86_64-rpms',\n 'rh-gluster-3-samba-for-rhel-8-x86_64-source-rpms'\n ],\n 'storage_3_5_server_el8': [\n 'rh-gluster-3-for-rhel-8-x86_64-debug-rpms',\n 'rh-gluster-3-for-rhel-8-x86_64-rpms',\n 'rh-gluster-3-for-rhel-8-x86_64-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\nvar repos_found = !(isnull(repo_sets) || isnull(max_index(keys(repo_sets))));\n\nvar constraints = [\n {\n 'repo_list': ['storage_3_5_nfs_el8', 'storage_3_5_samba_el8', 'storage_3_5_server_el8'],\n 'pkgs': [\n {'reference':'ctdb-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'libsmbclient-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'libsmbclient-devel-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'libwbclient-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'libwbclient-devel-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'python3-samba-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-client-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-client-libs-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-common-4.15.5-100.el8rhgs', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-common-libs-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-common-tools-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-devel-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-krb5-printing-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-libs-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-pidl-4.15.5-100.el8rhgs', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-vfs-glusterfs-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-winbind-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-winbind-clients-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-winbind-krb5-locator-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-winbind-modules-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'}\n ]\n }\n];\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_list = NULL;\n if (!empty_or_null(constraint_array['repo_list'])) repo_list = constraint_array['repo_list'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n release &&\n rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) &&\n (repos_found || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libsmbclient / libsmbclient-devel / libwbclient / etc');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ctdb", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:libwbclient", "p-cpe:/a:redhat:enterprise_linux:libwbclient-devel", "p-cpe:/a:redhat:enterprise_linux:python3-samba", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-client-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-common-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common-tools", "p-cpe:/a:redhat:enterprise_linux:samba-devel", "p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing", "p-cpe:/a:redhat:enterprise_linux:samba-libs", "p-cpe:/a:redhat:enterprise_linux:samba-pidl", "p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules"], "solution": "Update the affected packages.", "nessusSeverity": "Low", "cvssScoreSource": "CVE-2021-44141", "vendor_cvss2": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}, "vendor_cvss3": {"score": 6.8, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "vpr": {"risk factor": "Medium", "score": "6"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2022-05-10T00:00:00", "vulnerabilityPublicationDate": "2022-01-31T00:00:00", "exploitableWith": []}

{"redhat": [{"lastseen": "2022-08-26T20:43:41", "description": "Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version: samba (4.15.5). (BZ#2013596)\n\nSecurity Fix(es):\n\n* samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n\n* samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-10T08:15:39", "type": "redhat", "title": "(RHSA-2022:2074) Moderate: samba security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-05-10T10:02:50", "id": "RHSA-2022:2074", "href": "https://access.redhat.com/errata/RHSA-2022:2074", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2022-08-26T20:43:41", "description": "Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges.\n\nSecurity Fix(es):\n\n* samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n* samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUsers of samba with Red Hat Gluster Storage are advised to upgrade to these updated packages.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-10T04:11:43", "type": "redhat", "title": "(RHSA-2022:1756) Moderate: samba security, bug fix and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-05-10T04:12:08", "id": "RHSA-2022:1756", "href": "https://access.redhat.com/errata/RHSA-2022:1756", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "almalinux": [{"lastseen": "2022-10-18T17:08:43", "description": "Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version: samba (4.15.5). (BZ#2013596)\n\nSecurity Fix(es):\n\n* samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n\n* samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-10T08:15:39", "type": "almalinux", "title": "Moderate: samba security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-05-10T08:15:23", "id": "ALSA-2022:2074", "href": "https://errata.almalinux.org/8/ALSA-2022-2074.html", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "oraclelinux": [{"lastseen": "2022-08-26T22:28:59", "description": "[4.15.5-5]\n- resolves: rhbz#2064325 - Fix 'create krb5 conf = yes' when a KDC has a\n single IP address.\n[4.15.5-4]\n- resolves: rhbz#2057503 - Fix winbind kerberos ticket refresh\n[4.15.5-3]\n- related: rhbz#1979959 - Fix typo in testparm output\n[4.15.5-2]\n- resolves: rhbz#1979959 - Improve idmap autorid sanity checks and documentation\n[4.15.5-1]\n- resolves: #1995849 - [RFE] Change change password change prompt phrasing\n- resolves: #2029417 - virusfilter_vfs_openat: Not scanned: Directory or special file\n[4.15.5-0]\n- Update to Samba 4.15.5\n- related: rhbz#2013596 - Rebase Samba to the the latest 4.15.x release\n- resolves: rhbz#2046127 - Fix CVE-2021-44141\n- resolves: rhbz#2046153 - Fix CVE-2021-44142\n- resolves: rhbz#2044404 - Printing no longer works on Windows 7\n- resolves: rhbz#2043154 - Fix systemd notifications\n- resolves: rhbz#2049602 - Disable NTLMSSP for ldap client connections (e.g. libads)\n[4.15.4-0]\n- Update to Samba 4.15.4\n- related: rhbz#2013596 - Rebase Samba to the the latest 4.15.x release\n- resolves: rhbz#2039153 - Fix CVE-2021-20316\n- resolves: rhbz#1912549 - Winexe: Kerberos flag not invoking Kerberos Auth\n- resolves: rhbz#2039157 - Fix CVE-2021-43566\n- resolves: rhbz#2038148 - Failed to authenticate users after upgrade samba package to release samba-4.14.5-7\n- resolves: rhbz#2035528 - [smb] Segmentation fault when joining the domain\n- resolves: rhbz#2038796 - filename_convert_internal: open_pathref_fsp [xxx] failed: NT_STATUS_ACCESS_DENIED\n[4.15.3-1]\n- related: rhbz#2013596 - Rebase to version 4.15.3\n- resolves: rhbz#2028029 - Fix possible null pointer dereference in winbind\n- resolves: rhbz#1912549 - Winexe: Kerberos Auth is respected via --use-kerberos=desired\n[4.15.2-2]\n- related: rhbz#2013596 - Remove unneeded lmdb dependency\n[4.15.2-1]\n- resolves: rhbz#2013596 - Rebase to version 4.15.2\n- resolves: rhbz#1999294 - Remove noisy error message in winbindd\n- resolves: rhbz#1958881 - Dont require winbind being online for krb5 auth\n with one-way trusts\n- resolves: rhbz#2019461 - Fix deleting directories with dangling symlinks\n[4.14.5-14]\n- related: rbhz#2019674 - Fix CVE-2020-25717\n- Fix running ktest (selftest)\n[4.14.5-13]\n- related: rbhz#2019674 - Fix CVE-2020-25717\n- Add missing checks for IPA DC server role\n[4.14.5-12]\n- related: rbhz#2019674 - Fix regression with 'allow trusted domains = no'\n[4.14.5-11]\n- resolves: rhbz#2021425 - Add missing PAC buffer types to krb5pac.idl", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-17T00:00:00", "type": "oraclelinux", "title": "samba security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-05-17T00:00:00", "id": "ELSA-2022-2074", "href": "http://linux.oracle.com/errata/ELSA-2022-2074.html", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2023-01-10T19:22:28", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:2074 advisory.\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-12T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : samba (ALSA-2022:2074)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-11-01T00:00:00", "cpe": ["p-cpe:/a:alma:linux:ctdb", "p-cpe:/a:alma:linux:libsmbclient", "p-cpe:/a:alma:linux:libwbclient", "p-cpe:/a:alma:linux:python3-samba", "p-cpe:/a:alma:linux:python3-samba-test", "p-cpe:/a:alma:linux:samba", "p-cpe:/a:alma:linux:samba-client", "p-cpe:/a:alma:linux:samba-client-libs", "p-cpe:/a:alma:linux:samba-common", "p-cpe:/a:alma:linux:samba-common-libs", "p-cpe:/a:alma:linux:samba-common-tools", "p-cpe:/a:alma:linux:samba-krb5-printing", "p-cpe:/a:alma:linux:samba-libs", "p-cpe:/a:alma:linux:samba-pidl", "p-cpe:/a:alma:linux:samba-test", "p-cpe:/a:alma:linux:samba-test-libs", "p-cpe:/a:alma:linux:samba-vfs-iouring", "p-cpe:/a:alma:linux:samba-winbind", "p-cpe:/a:alma:linux:samba-winbind-clients", "p-cpe:/a:alma:linux:samba-winbind-krb5-locator", "p-cpe:/a:alma:linux:samba-winbind-modules", "p-cpe:/a:alma:linux:samba-winexe", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2022-2074.NASL", "href": "https://www.tenable.com/plugins/nessus/161095", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:2074.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161095);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/01\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"ALSA\", value:\"2022:2074\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"AlmaLinux 8 : samba (ALSA-2022:2074)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:2074 advisory.\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-2074.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-winexe\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libsmbclient / libwbclient / python3-samba / python3-samba-test / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-10T19:23:31", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-18T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : samba (ELSA-2022-2074)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-11-01T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:ctdb", "p-cpe:/a:oracle:linux:libsmbclient", "p-cpe:/a:oracle:linux:libsmbclient-devel", "p-cpe:/a:oracle:linux:libwbclient", "p-cpe:/a:oracle:linux:libwbclient-devel", "p-cpe:/a:oracle:linux:python3-samba", "p-cpe:/a:oracle:linux:python3-samba-test", "p-cpe:/a:oracle:linux:samba", "p-cpe:/a:oracle:linux:samba-client", "p-cpe:/a:oracle:linux:samba-client-libs", "p-cpe:/a:oracle:linux:samba-common", "p-cpe:/a:oracle:linux:samba-common-libs", "p-cpe:/a:oracle:linux:samba-common-tools", "p-cpe:/a:oracle:linux:samba-devel", "p-cpe:/a:oracle:linux:samba-krb5-printing", "p-cpe:/a:oracle:linux:samba-libs", "p-cpe:/a:oracle:linux:samba-pidl", "p-cpe:/a:oracle:linux:samba-test", "p-cpe:/a:oracle:linux:samba-test-libs", "p-cpe:/a:oracle:linux:samba-vfs-iouring", "p-cpe:/a:oracle:linux:samba-winbind", "p-cpe:/a:oracle:linux:samba-winbind-clients", "p-cpe:/a:oracle:linux:samba-winbind-krb5-locator", "p-cpe:/a:oracle:linux:samba-winbind-modules", "p-cpe:/a:oracle:linux:samba-winexe"], "id": "ORACLELINUX_ELSA-2022-2074.NASL", "href": "https://www.tenable.com/plugins/nessus/161285", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-2074.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161285);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/01\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"Oracle Linux 8 : samba (ELSA-2022-2074)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share\n (CVE-2021-20316)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-2074.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winexe\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libsmbclient / libsmbclient-devel / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-10T19:23:32", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:2074 advisory.\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-18T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : samba (RLSA-2022:2074)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-11-01T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:ctdb", "p-cpe:/a:rocky:linux:ctdb-debuginfo", "p-cpe:/a:rocky:linux:libsmbclient", "p-cpe:/a:rocky:linux:libsmbclient-debuginfo", "p-cpe:/a:rocky:linux:libsmbclient-devel", "p-cpe:/a:rocky:linux:libwbclient", "p-cpe:/a:rocky:linux:libwbclient-debuginfo", "p-cpe:/a:rocky:linux:libwbclient-devel", "p-cpe:/a:rocky:linux:python3-samba", "p-cpe:/a:rocky:linux:python3-samba-debuginfo", "p-cpe:/a:rocky:linux:python3-samba-devel", "p-cpe:/a:rocky:linux:python3-samba-test", "p-cpe:/a:rocky:linux:samba", "p-cpe:/a:rocky:linux:samba-client", "p-cpe:/a:rocky:linux:samba-client-debuginfo", "p-cpe:/a:rocky:linux:samba-client-libs", "p-cpe:/a:rocky:linux:samba-client-libs-debuginfo", "p-cpe:/a:rocky:linux:samba-common", "p-cpe:/a:rocky:linux:samba-common-libs", "p-cpe:/a:rocky:linux:samba-common-libs-debuginfo", "p-cpe:/a:rocky:linux:samba-common-tools", "p-cpe:/a:rocky:linux:samba-common-tools-debuginfo", "p-cpe:/a:rocky:linux:samba-debuginfo", "p-cpe:/a:rocky:linux:samba-debugsource", "p-cpe:/a:rocky:linux:samba-devel", "p-cpe:/a:rocky:linux:samba-krb5-printing", "p-cpe:/a:rocky:linux:samba-krb5-printing-debuginfo", "p-cpe:/a:rocky:linux:samba-libs", "p-cpe:/a:rocky:linux:samba-libs-debuginfo", "p-cpe:/a:rocky:linux:samba-pidl", "p-cpe:/a:rocky:linux:samba-test", "p-cpe:/a:rocky:linux:samba-test-debuginfo", "p-cpe:/a:rocky:linux:samba-test-libs", "p-cpe:/a:rocky:linux:samba-test-libs-debuginfo", "p-cpe:/a:rocky:linux:samba-vfs-iouring", "p-cpe:/a:rocky:linux:samba-vfs-iouring-debuginfo", "p-cpe:/a:rocky:linux:samba-winbind", "p-cpe:/a:rocky:linux:samba-winbind-clients", "p-cpe:/a:rocky:linux:samba-winbind-clients-debuginfo", "p-cpe:/a:rocky:linux:samba-winbind-debuginfo", "p-cpe:/a:rocky:linux:samba-winbind-krb5-locator", "p-cpe:/a:rocky:linux:samba-winbind-krb5-locator-debuginfo", "p-cpe:/a:rocky:linux:samba-winbind-modules", "p-cpe:/a:rocky:linux:samba-winbind-modules-debuginfo", "p-cpe:/a:rocky:linux:samba-winexe", "p-cpe:/a:rocky:linux:samba-winexe-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-2074.NASL", "href": "https://www.tenable.com/plugins/nessus/161339", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:2074.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161339);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/01\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"RLSA\", value:\"2022:2074\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"Rocky Linux 8 : samba (RLSA-2022:2074)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2022:2074 advisory.\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:2074\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1979959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1995849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1999294\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2009673\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2013596\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2019461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2028029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2035528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2038148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2038796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2043154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2044404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2046120\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2049602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2057503\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2064325\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libsmbclient-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libwbclient-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-client-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-common-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-common-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-krb5-printing-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-test-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-vfs-iouring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-clients-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-krb5-locator-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winexe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winexe-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debugsource-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debugsource-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debugsource-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / ctdb-debuginfo / libsmbclient / libsmbclient-debuginfo / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-10T19:21:34", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-10T00:00:00", "type": "nessus", "title": "CentOS 8 : samba (CESA-2022:2074)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-11-01T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:ctdb", "p-cpe:/a:centos:centos:libsmbclient", "p-cpe:/a:centos:centos:libsmbclient-devel", "p-cpe:/a:centos:centos:libwbclient", "p-cpe:/a:centos:centos:libwbclient-devel", "p-cpe:/a:centos:centos:python3-samba", "p-cpe:/a:centos:centos:python3-samba-test", "p-cpe:/a:centos:centos:samba", "p-cpe:/a:centos:centos:samba-client", "p-cpe:/a:centos:centos:samba-client-libs", "p-cpe:/a:centos:centos:samba-common", "p-cpe:/a:centos:centos:samba-common-libs", "p-cpe:/a:centos:centos:samba-common-tools", "p-cpe:/a:centos:centos:samba-devel", "p-cpe:/a:centos:centos:samba-krb5-printing", "p-cpe:/a:centos:centos:samba-libs", "p-cpe:/a:centos:centos:samba-pidl", "p-cpe:/a:centos:centos:samba-test", "p-cpe:/a:centos:centos:samba-test-libs", "p-cpe:/a:centos:centos:samba-vfs-iouring", "p-cpe:/a:centos:centos:samba-winbind", "p-cpe:/a:centos:centos:samba-winbind-clients", "p-cpe:/a:centos:centos:samba-winbind-krb5-locator", "p-cpe:/a:centos:centos:samba-winbind-modules", "p-cpe:/a:centos:centos:samba-winexe"], "id": "CENTOS8_RHSA-2022-2074.NASL", "href": "https://www.tenable.com/plugins/nessus/160964", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:2074. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160964);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/01\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"RHSA\", value:\"2022:2074\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"CentOS 8 : samba (CESA-2022:2074)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2022:2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share\n (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:2074\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winexe\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libsmbclient / libsmbclient-devel / libwbclient / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-24T00:28:14", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-11T00:00:00", "type": "nessus", "title": "RHEL 8 : samba (RHSA-2022:2074)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:ctdb", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:libwbclient", "p-cpe:/a:redhat:enterprise_linux:libwbclient-devel", "p-cpe:/a:redhat:enterprise_linux:python3-samba", "p-cpe:/a:redhat:enterprise_linux:python3-samba-test", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-client-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-common-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common-tools", "p-cpe:/a:redhat:enterprise_linux:samba-devel", "p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing", "p-cpe:/a:redhat:enterprise_linux:samba-libs", "p-cpe:/a:redhat:enterprise_linux:samba-pidl", "p-cpe:/a:redhat:enterprise_linux:samba-test", "p-cpe:/a:redhat:enterprise_linux:samba-test-libs", "p-cpe:/a:redhat:enterprise_linux:samba-vfs-iouring", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules", "p-cpe:/a:redhat:enterprise_linux:samba-winexe"], "id": "REDHAT-RHSA-2022-2074.NASL", "href": "https://www.tenable.com/plugins/nessus/161020", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:2074. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161020);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"RHSA\", value:\"2022:2074\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"RHEL 8 : samba (RHSA-2022:2074)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share\n (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-44141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:2074\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2009673\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2046120\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(59, 200, 362);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winexe\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ctdb-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ctdb-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libsmbclient / libsmbclient-devel / libwbclient / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-10T19:15:22", "description": "The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0323-1 advisory.\n\n - An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc. (CVE-2020-29361)\n\n - All versions of Samba prior to 4.15.0 are vulnerable to a malicious client using an SMB1 or NFS symlink race to allow filesystem metadata to be accessed in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-20316)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba Team reports: (CVE-2021-44141, CVE-2022-0336)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-04T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2022:0323-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25721", "CVE-2020-29361", "CVE-2021-20316", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-11-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_apparmor", "p-cpe:/a:novell:suse_linux:apparmor-docs", "p-cpe:/a:novell:suse_linux:apparmor-parser", "p-cpe:/a:novell:suse_linux:apparmor-profiles", "p-cpe:/a:novell:suse_linux:apparmor-utils", "p-cpe:/a:novell:suse_linux:ca-certificates", "p-cpe:/a:novell:suse_linux:ctdb", "p-cpe:/a:novell:suse_linux:libapparmor-devel", "p-cpe:/a:novell:suse_linux:libapparmor1", "p-cpe:/a:novell:suse_linux:libapparmor1-32bit", "p-cpe:/a:novell:suse_linux:libgnutls30", "p-cpe:/a:novell:suse_linux:libgnutls30-32bit", "p-cpe:/a:novell:suse_linux:libhogweed4", "p-cpe:/a:novell:suse_linux:libhogweed4-32bit", "p-cpe:/a:novell:suse_linux:libipa_hbac-devel", "p-cpe:/a:novell:suse_linux:libipa_hbac0", "p-cpe:/a:novell:suse_linux:libnettle6", "p-cpe:/a:novell:suse_linux:libnettle6-32bit", "p-cpe:/a:novell:suse_linux:libp11-kit0", "p-cpe:/a:novell:suse_linux:libp11-kit0-32bit", "p-cpe:/a:novell:suse_linux:libsamba-policy-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy0-python3", "p-cpe:/a:novell:suse_linux:libsamba-policy0-python3-32bit", "p-cpe:/a:novell:suse_linux:libsss_certmap0", "p-cpe:/a:novell:suse_linux:libsss_idmap-devel", "p-cpe:/a:novell:suse_linux:libsss_idmap0", "p-cpe:/a:novell:suse_linux:libsss_nss_idmap-devel", "p-cpe:/a:novell:suse_linux:libsss_nss_idmap0", "p-cpe:/a:novell:suse_linux:libsss_simpleifp0", "p-cpe:/a:novell:suse_linux:p11-kit", "p-cpe:/a:novell:suse_linux:p11-kit-32bit", "p-cpe:/a:novell:suse_linux:p11-kit-devel", "p-cpe:/a:novell:suse_linux:p11-kit-nss-trust", "p-cpe:/a:novell:suse_linux:p11-kit-tools", "p-cpe:/a:novell:suse_linux:pam_apparmor", "p-cpe:/a:novell:suse_linux:pam_apparmor-32bit", "p-cpe:/a:novell:suse_linux:perl-apparmor", "p-cpe:/a:novell:suse_linux:python-sssd-config", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-32bit", "p-cpe:/a:novell:suse_linux:samba-client-libs", "p-cpe:/a:novell:suse_linux:samba-client-libs-32bit", "p-cpe:/a:novell:suse_linux:samba-devel", "p-cpe:/a:novell:suse_linux:samba-devel-32bit", "p-cpe:/a:novell:suse_linux:samba-doc", "p-cpe:/a:novell:suse_linux:samba-ldb-ldap", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-32bit", "p-cpe:/a:novell:suse_linux:samba-libs-python3", "p-cpe:/a:novell:suse_linux:samba-libs-python3-32bit", "p-cpe:/a:novell:suse_linux:samba-python3", "p-cpe:/a:novell:suse_linux:samba-tool", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-libs", "p-cpe:/a:novell:suse_linux:samba-winbind-libs-32bit", "p-cpe:/a:novell:suse_linux:sssd", "p-cpe:/a:novell:suse_linux:sssd-ad", "p-cpe:/a:novell:suse_linux:sssd-common", "p-cpe:/a:novell:suse_linux:sssd-dbus", "p-cpe:/a:novell:suse_linux:sssd-ipa", "p-cpe:/a:novell:suse_linux:sssd-krb5", "p-cpe:/a:novell:suse_linux:sssd-krb5-common", "p-cpe:/a:novell:suse_linux:sssd-ldap", "p-cpe:/a:novell:suse_linux:sssd-proxy", "p-cpe:/a:novell:suse_linux:sssd-tools", "p-cpe:/a:novell:suse_linux:yast2-samba-client", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-0323-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157373", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0323-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157373);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/08\");\n\n script_cve_id(\n \"CVE-2020-25721\",\n \"CVE-2020-29361\",\n \"CVE-2021-20316\",\n \"CVE-2021-43566\",\n \"CVE-2021-44141\",\n \"CVE-2021-44142\",\n \"CVE-2022-0336\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0323-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2022:0323-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0323-1 advisory.\n\n - An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered\n in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are\n missing before calling realloc or calloc. (CVE-2020-29361)\n\n - All versions of Samba prior to 4.15.0 are vulnerable to a malicious client using an SMB1 or NFS symlink\n race to allow filesystem metadata to be accessed in an area of the server file system not exported under\n the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for\n this attack to succeed. (CVE-2021-20316)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba Team reports: (CVE-2021-44141, CVE-2022-0336)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution\n (CVE-2021-44142)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1089938\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1139519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158916\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180064\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1182058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193533\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194859\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195048\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010181.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f1fe4996\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-43566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0336\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-profiles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ca-certificates\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgnutls30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgnutls30-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libhogweed4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libhogweed4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libipa_hbac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libipa_hbac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnettle6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnettle6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libp11-kit0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libp11-kit0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_certmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_nss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_nss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_simpleifp0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:p11-kit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:p11-kit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:p11-kit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:p11-kit-nss-trust\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:p11-kit-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pam_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pam_apparmor-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-sssd-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ldb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ad\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ipa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-krb5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:yast2-samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4/5\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'apache2-mod_apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apparmor-docs-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apparmor-parser-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apparmor-profiles-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apparmor-utils-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'ca-certificates-1_201403302107-15.3.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libapparmor1-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libapparmor1-32bit-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libgnutls30-3.4.17-8.4.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libgnutls30-32bit-3.4.17-8.4.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libhogweed4-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libhogweed4-32bit-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libipa_hbac0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libnettle6-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libnettle6-32bit-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libp11-kit0-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libp11-kit0-32bit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsamba-policy0-python3-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsamba-policy0-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsss_certmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsss_idmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsss_nss_idmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsss_simpleifp0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'p11-kit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'p11-kit-32bit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'p11-kit-nss-trust-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'p11-kit-tools-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'pam_apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'pam_apparmor-32bit-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'perl-apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'python-sssd-config-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-client-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-client-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-client-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-client-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-doc-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-ldb-ldap-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-libs-python3-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-libs-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-tool-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-winbind-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-winbind-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-winbind-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-ad-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-common-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-dbus-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-ipa-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-krb5-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-krb5-common-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-ldap-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-proxy-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-tools-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'yast2-samba-client-3.1.23-3.3.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'ctdb-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-ha-release-12.5'},\n {'reference':'ctdb-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-ha-release-12.5'},\n {'reference':'ctdb-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-ha-release-12.5'},\n {'reference':'libapparmor-devel-2.8.2-56.6.3', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libapparmor-devel-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libipa_hbac-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libipa_hbac-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsamba-policy-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsamba-policy-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsamba-policy-python3-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsamba-policy-python3-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'p11-kit-devel-0.23.2-8.3.2', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'p11-kit-devel-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'samba-devel-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'samba-devel-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'apache2-mod_apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apparmor-docs-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apparmor-parser-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apparmor-profiles-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apparmor-utils-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'ca-certificates-1_201403302107-15.3.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libapparmor1-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libapparmor1-32bit-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libgnutls30-3.4.17-8.4.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libgnutls30-32bit-3.4.17-8.4.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libhogweed4-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libhogweed4-32bit-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libipa_hbac0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libnettle6-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libnettle6-32bit-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libp11-kit0-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libp11-kit0-32bit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsamba-policy0-python3-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsamba-policy0-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsss_certmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsss_idmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsss_nss_idmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsss_simpleifp0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'p11-kit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'p11-kit-32bit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'p11-kit-nss-trust-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'p11-kit-tools-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'pam_apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'pam_apparmor-32bit-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'perl-apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'python-sssd-config-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-client-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-client-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-client-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-client-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-doc-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-ldb-ldap-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-libs-python3-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-libs-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-tool-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-winbind-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-winbind-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-winbind-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-ad-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-common-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-dbus-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-ipa-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-krb5-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-krb5-common-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-ldap-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-proxy-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-tools-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'yast2-samba-client-3.1.23-3.3.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2-mod_apparmor / apparmor-docs / apparmor-parser / etc');\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-01-10T19:16:05", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0283-1 advisory.\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\n - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. (CVE-2021-36222)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Clients that have write access to the exported part of the file system under a share via SMB1 unix extensions or via NFS can create symlinks that point to arbitrary files or directories on the server filesystem. Clients can then use SMB1 unix extension information queries to determine if the target of the symlink exists or not by examining error codes returned from the smbd server. There is no ability to access these files or directories, only to determine if they exist or not. If SMB1 is turned off and only SMB2 is used, or unix extensions are not enabled then there is no way to discover if a symlink points to a valid target or not via SMB2. For this reason, even if symlinks are created via NFS, if the Samba server does not allow SMB1 with unix extensions there is no way to exploit this bug. Finding out what files or directories exist on a file server can help attackers guess system user names or the exact operating system release and applications running on the server hosting Samba which may help mount further attacks. SMB1 has been disabled on Samba since version 4.11.0 and onwards. Exploitation of this bug has not been seen in the wild. (CVE-2021-44141)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-02T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : samba (openSUSE-SU-2022:0283-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277", "CVE-2021-20316", "CVE-2021-36222", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-11-08T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_apparmor", "p-cpe:/a:novell:opensuse:apparmor-abstractions", "p-cpe:/a:novell:opensuse:apparmor-parser", "p-cpe:/a:novell:opensuse:apparmor-parser-lang", "p-cpe:/a:novell:opensuse:apparmor-profiles", "p-cpe:/a:novell:opensuse:apparmor-utils", "p-cpe:/a:novell:opensuse:apparmor-utils-lang", "p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda", "p-cpe:/a:novell:opensuse:krb5", "p-cpe:/a:novell:opensuse:krb5-32bit", "p-cpe:/a:novell:opensuse:krb5-client", "p-cpe:/a:novell:opensuse:krb5-devel", "p-cpe:/a:novell:opensuse:krb5-devel-32bit", "p-cpe:/a:novell:opensuse:krb5-mini", "p-cpe:/a:novell:opensuse:krb5-mini-devel", "p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap", "p-cpe:/a:novell:opensuse:krb5-plugin-preauth-otp", "p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit", "p-cpe:/a:novell:opensuse:krb5-plugin-preauth-spake", "p-cpe:/a:novell:opensuse:krb5-server", "p-cpe:/a:novell:opensuse:ldb-tools", "p-cpe:/a:novell:opensuse:libapparmor-devel", "p-cpe:/a:novell:opensuse:libapparmor1", "p-cpe:/a:novell:opensuse:libapparmor1-32bit", "p-cpe:/a:novell:opensuse:libipa_hbac-devel", "p-cpe:/a:novell:opensuse:libipa_hbac0", "p-cpe:/a:novell:opensuse:libldb-devel", "p-cpe:/a:novell:opensuse:libldb2", "p-cpe:/a:novell:opensuse:libldb2-32bit", "p-cpe:/a:novell:opensuse:libnfsidmap-sss", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-64bit", "p-cpe:/a:novell:opensuse:libsss_certmap-devel", "p-cpe:/a:novell:opensuse:libsss_certmap0", "p-cpe:/a:novell:opensuse:libsss_idmap-devel", "p-cpe:/a:novell:opensuse:libsss_idmap0", "p-cpe:/a:novell:opensuse:libsss_nss_idmap-devel", "p-cpe:/a:novell:opensuse:libsss_nss_idmap0", "p-cpe:/a:novell:opensuse:libsss_simpleifp-devel", "p-cpe:/a:novell:opensuse:libsss_simpleifp0", "p-cpe:/a:novell:opensuse:libtalloc-devel", "p-cpe:/a:novell:opensuse:libtalloc2", "p-cpe:/a:novell:opensuse:libtalloc2-32bit", "p-cpe:/a:novell:opensuse:libtdb-devel", "p-cpe:/a:novell:opensuse:libtdb1", "p-cpe:/a:novell:opensuse:libtdb1-32bit", "p-cpe:/a:novell:opensuse:libtevent-devel", "p-cpe:/a:novell:opensuse:libtevent0", "p-cpe:/a:novell:opensuse:libtevent0-32bit", "p-cpe:/a:novell:opensuse:pam_apparmor", "p-cpe:/a:novell:opensuse:pam_apparmor-32bit", "p-cpe:/a:novell:opensuse:perl-apparmor", "p-cpe:/a:novell:opensuse:python3-apparmor", "p-cpe:/a:novell:opensuse:python3-ipa_hbac", "p-cpe:/a:novell:opensuse:python3-ldb", "p-cpe:/a:novell:opensuse:python3-ldb-32bit", "p-cpe:/a:novell:opensuse:python3-ldb-devel", "p-cpe:/a:novell:opensuse:python3-sss-murmur", "p-cpe:/a:novell:opensuse:python3-sss_nss_idmap", "p-cpe:/a:novell:opensuse:python3-sssd-config", "p-cpe:/a:novell:opensuse:python3-talloc", "p-cpe:/a:novell:opensuse:python3-talloc-32bit", "p-cpe:/a:novell:opensuse:python3-talloc-devel", "p-cpe:/a:novell:opensuse:python3-tdb", "p-cpe:/a:novell:opensuse:python3-tdb-32bit", "p-cpe:/a:novell:opensuse:python3-tevent", "p-cpe:/a:novell:opensuse:python3-tevent-32bit", "p-cpe:/a:novell:opensuse:ruby-apparmor", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:samba-ad-dc", "p-cpe:/a:novell:opensuse:samba-ad-dc-libs", "p-cpe:/a:novell:opensuse:samba-ad-dc-libs-32bit", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:samba-client-64bit", "p-cpe:/a:novell:opensuse:samba-client-libs", "p-cpe:/a:novell:opensuse:samba-client-libs-32bit", "p-cpe:/a:novell:opensuse:samba-devel", "p-cpe:/a:novell:opensuse:samba-devel-32bit", "p-cpe:/a:novell:opensuse:samba-dsdb-modules", "p-cpe:/a:novell:opensuse:samba-gpupdate", "p-cpe:/a:novell:opensuse:samba-ldb-ldap", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:samba-libs-64bit", "p-cpe:/a:novell:opensuse:samba-libs-python3", "p-cpe:/a:novell:opensuse:samba-libs-python3-32bit", "p-cpe:/a:novell:opensuse:samba-libs-python3-64bit", "p-cpe:/a:novell:opensuse:samba-python3", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:samba-tool", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:samba-winbind-libs", "p-cpe:/a:novell:opensuse:samba-winbind-libs-32bit", "p-cpe:/a:novell:opensuse:sssd", "p-cpe:/a:novell:opensuse:sssd-ad", "p-cpe:/a:novell:opensuse:sssd-common", "p-cpe:/a:novell:opensuse:sssd-dbus", "p-cpe:/a:novell:opensuse:sssd-ipa", "p-cpe:/a:novell:opensuse:sssd-krb5", "p-cpe:/a:novell:opensuse:sssd-krb5-common", "p-cpe:/a:novell:opensuse:sssd-ldap", "p-cpe:/a:novell:opensuse:sssd-proxy", "p-cpe:/a:novell:opensuse:sssd-tools", "p-cpe:/a:novell:opensuse:sssd-wbclient", "p-cpe:/a:novell:opensuse:sssd-wbclient-devel", "p-cpe:/a:novell:opensuse:sssd-winbind-idmap", "p-cpe:/a:novell:opensuse:talloc-man", "p-cpe:/a:novell:opensuse:tdb-tools", "p-cpe:/a:novell:opensuse:tevent-man", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0283-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157325", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0283-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157325);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/08\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\",\n \"CVE-2021-20316\",\n \"CVE-2021-36222\",\n \"CVE-2021-43566\",\n \"CVE-2021-44141\",\n \"CVE-2021-44142\",\n \"CVE-2022-0336\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0487\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n script_xref(name:\"IAVB\", value:\"2021-B-0054-S\");\n\n script_name(english:\"openSUSE 15 Security Update : samba (openSUSE-SU-2022:0283-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0283-1 advisory.\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to\n an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The\n highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\n - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before\n 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon\n crash. This occurs because a return value is not properly managed in a certain situation. (CVE-2021-36222)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Clients that\n have write access to the exported part of the file system under a share via SMB1 unix extensions or via\n NFS can create symlinks that point to arbitrary files or directories on the server filesystem. Clients can\n then use SMB1 unix extension information queries to determine if the target of the symlink exists or not\n by examining error codes returned from the smbd server. There is no ability to access these files or\n directories, only to determine if they exist or not. If SMB1 is turned off and only SMB2 is used, or unix\n extensions are not enabled then there is no way to discover if a symlink points to a valid target or not\n via SMB2. For this reason, even if symlinks are created via NFS, if the Samba server does not allow SMB1\n with unix extensions there is no way to exploit this bug. Finding out what files or directories exist on a\n file server can help attackers guess system user names or the exact operating system release and\n applications running on the server hosting Samba which may help mount further attacks. SMB1 has been\n disabled on Samba since version 4.11.0 and onwards. Exploitation of this bug has not been seen in the\n wild. (CVE-2021-44141)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution\n (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that\n SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an\n account modification re-adds an SPN that was previously present on that account, such as one added when a\n computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to\n perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an\n attacker who can intercept traffic can impersonate existing services, resulting in a loss of\n confidentiality and integrity. (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1139519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183574\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1188571\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194859\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195048\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/72ZRNFZ3DE3TJA7HFCVV476YJN6I4B5M/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dafccda9\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27840\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20277\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-36222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-43566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0336\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-abstractions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-parser-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-profiles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-utils-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-otp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-spake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapparmor-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapparmor1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapparmor1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipa_hbac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipa_hbac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnfsidmap-sss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-64bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_certmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_certmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_nss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_nss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_simpleifp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_simpleifp0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam_apparmor-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ipa_hbac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-sss-murmur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-sss_nss_idmap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-sssd-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-talloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-talloc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-talloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tdb-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tevent-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-64bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-gpupdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ldb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-64bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-64bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-ad\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-ipa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-krb5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-wbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-wbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-winbind-idmap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:talloc-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tdb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tevent-man\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'apache2-mod_apparmor-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-abstractions-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-parser-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-parser-lang-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-profiles-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-utils-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-utils-lang-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-pcp-pmda-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-32bit-1.19.2-150300.8.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-client-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-devel-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-devel-32bit-1.19.2-150300.8.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-mini-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-mini-devel-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-plugin-kdb-ldap-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-plugin-preauth-otp-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-plugin-preauth-pkinit-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-plugin-preauth-spake-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-server-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ldb-tools-2.4.1-150300.3.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libapparmor-devel-2.13.6-150300.3.11.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libapparmor1-2.13.6-150300.3.11.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libapparmor1-32bit-2.13.6-150300.3.11.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libipa_hbac-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libipa_hbac0-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libldb-devel-2.4.1-150300.3.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libldb2-2.4.1-150300.3.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libldb2-32bit-2.4.1-150300.3.10.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnfsidmap-sss-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsamba-policy-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsamba-policy-python3-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsamba-policy0-python3-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsamba-policy0-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsamba-policy0-python3-64bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'aarch64_ilp32', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_certmap-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_certmap0-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_idmap-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_idmap0-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_nss_idmap-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_nss_idmap0-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_simpleifp-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_simpleifp0-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtalloc-devel-2.3.3-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtalloc2-2.3.3-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtalloc2-32bit-2.3.3-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtdb-devel-1.4.4-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtdb1-1.4.4-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtdb1-32bit-1.4.4-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtevent-devel-0.11.0-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtevent0-0.11.0-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtevent0-32bit-0.11.0-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pam_apparmor-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pam_apparmor-32bit-2.13.6-150300.3.11.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-apparmor-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-apparmor-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-ipa_hbac-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-ldb-2.4.1-150300.3.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-ldb-32bit-2.4.1-150300.3.10.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-ldb-devel-2.4.1-150300.3.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sss-murmur-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sss_nss_idmap-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sssd-config-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-talloc-2.3.3-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-talloc-32bit-2.3.3-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-talloc-devel-2.3.3-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tdb-1.4.4-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tdb-32bit-1.4.4-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tevent-0.11.0-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tevent-32bit-0.11.0-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-apparmor-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ad-dc-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ad-dc-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ad-dc-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-64bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'aarch64_ilp32', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dsdb-modules-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-gpupdate-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ldb-ldap-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-64bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'aarch64_ilp32', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-python3-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-python3-64bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'aarch64_ilp32', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-tool-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-ad-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-common-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-dbus-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-ipa-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-krb5-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-krb5-common-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-ldap-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-proxy-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-tools-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-wbclient-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-wbclient-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-winbind-idmap-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'talloc-man-2.3.3-150300.3.3.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tdb-tools-1.4.4-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tevent-man-0.11.0-150300.3.3.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2-mod_apparmor / apparmor-abstractions / apparmor-parser / etc');\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-01-10T19:16:05", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0283-1 advisory.\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\n - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. (CVE-2021-36222)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Clients that have write access to the exported part of the file system under a share via SMB1 unix extensions or via NFS can create symlinks that point to arbitrary files or directories on the server filesystem. Clients can then use SMB1 unix extension information queries to determine if the target of the symlink exists or not by examining error codes returned from the smbd server. There is no ability to access these files or directories, only to determine if they exist or not. If SMB1 is turned off and only SMB2 is used, or unix extensions are not enabled then there is no way to discover if a symlink points to a valid target or not via SMB2. For this reason, even if symlinks are created via NFS, if the Samba server does not allow SMB1 with unix extensions there is no way to exploit this bug. Finding out what files or directories exist on a file server can help attackers guess system user names or the exact operating system release and applications running on the server hosting Samba which may help mount further attacks. SMB1 has been disabled on Samba since version 4.11.0 and onwards. Exploitation of this bug has not been seen in the wild. (CVE-2021-44141)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2022:0283-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277", "CVE-2021-20316", "CVE-2021-36222", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-11-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_apparmor", "p-cpe:/a:novell:suse_linux:apparmor-abstractions", "p-cpe:/a:novell:suse_linux:apparmor-docs", "p-cpe:/a:novell:suse_linux:apparmor-parser", "p-cpe:/a:novell:suse_linux:apparmor-parser-lang", "p-cpe:/a:novell:suse_linux:apparmor-profiles", "p-cpe:/a:novell:suse_linux:apparmor-utils", "p-cpe:/a:novell:suse_linux:apparmor-utils-lang", "p-cpe:/a:novell:suse_linux:ctdb", "p-cpe:/a:novell:suse_linux:krb5", "p-cpe:/a:novell:suse_linux:krb5-32bit", "p-cpe:/a:novell:suse_linux:krb5-client", "p-cpe:/a:novell:suse_linux:krb5-devel", "p-cpe:/a:novell:suse_linux:krb5-plugin-kdb-ldap", "p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-otp", "p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-pkinit", "p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-spake", "p-cpe:/a:novell:suse_linux:krb5-server", "p-cpe:/a:novell:suse_linux:ldb-tools", "p-cpe:/a:novell:suse_linux:libapparmor-devel", "p-cpe:/a:novell:suse_linux:libapparmor1", "p-cpe:/a:novell:suse_linux:libapparmor1-32bit", "p-cpe:/a:novell:suse_linux:libipa_hbac-devel", "p-cpe:/a:novell:suse_linux:libipa_hbac0", "p-cpe:/a:novell:suse_linux:libldb-devel", "p-cpe:/a:novell:suse_linux:libldb2", "p-cpe:/a:novell:suse_linux:libldb2-32bit", "p-cpe:/a:novell:suse_linux:libsamba-policy-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy0-python3", "p-cpe:/a:novell:suse_linux:libsss_certmap-devel", "p-cpe:/a:novell:suse_linux:libsss_certmap0", "p-cpe:/a:novell:suse_linux:libsss_idmap-devel", "p-cpe:/a:novell:suse_linux:libsss_idmap0", "p-cpe:/a:novell:suse_linux:libsss_nss_idmap-devel", "p-cpe:/a:novell:suse_linux:libsss_nss_idmap0", "p-cpe:/a:novell:suse_linux:libsss_simpleifp-devel", "p-cpe:/a:novell:suse_linux:libsss_simpleifp0", "p-cpe:/a:novell:suse_linux:libtalloc-devel", "p-cpe:/a:novell:suse_linux:libtalloc2", "p-cpe:/a:novell:suse_linux:libtalloc2-32bit", "p-cpe:/a:novell:suse_linux:libtdb-devel", "p-cpe:/a:novell:suse_linux:libtdb1", "p-cpe:/a:novell:suse_linux:libtdb1-32bit", "p-cpe:/a:novell:suse_linux:libtevent-devel", "p-cpe:/a:novell:suse_linux:libtevent0", "p-cpe:/a:novell:suse_linux:libtevent0-32bit", "p-cpe:/a:novell:suse_linux:pam_apparmor", "p-cpe:/a:novell:suse_linux:pam_apparmor-32bit", "p-cpe:/a:novell:suse_linux:perl-apparmor", "p-cpe:/a:novell:suse_linux:python3-apparmor", "p-cpe:/a:novell:suse_linux:python3-ldb", "p-cpe:/a:novell:suse_linux:python3-ldb-devel", "p-cpe:/a:novell:suse_linux:python3-sssd-config", "p-cpe:/a:novell:suse_linux:python3-talloc", "p-cpe:/a:novell:suse_linux:python3-talloc-devel", "p-cpe:/a:novell:suse_linux:python3-tdb", "p-cpe:/a:novell:suse_linux:python3-tevent", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-ad-dc", "p-cpe:/a:novell:suse_linux:samba-ad-dc-libs", "p-cpe:/a:novell:suse_linux:samba-ad-dc-libs-32bit", "p-cpe:/a:novell:suse_linux:samba-ceph", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-32bit", "p-cpe:/a:novell:suse_linux:samba-client-libs", "p-cpe:/a:novell:suse_linux:samba-client-libs-32bit", "p-cpe:/a:novell:suse_linux:samba-devel", "p-cpe:/a:novell:suse_linux:samba-devel-32bit", "p-cpe:/a:novell:suse_linux:samba-dsdb-modules", "p-cpe:/a:novell:suse_linux:samba-gpupdate", "p-cpe:/a:novell:suse_linux:samba-ldb-ldap", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-32bit", "p-cpe:/a:novell:suse_linux:samba-libs-python3", "p-cpe:/a:novell:suse_linux:samba-python3", "p-cpe:/a:novell:suse_linux:samba-tool", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-libs", "p-cpe:/a:novell:suse_linux:samba-winbind-libs-32bit", "p-cpe:/a:novell:suse_linux:sssd", "p-cpe:/a:novell:suse_linux:sssd-ad", "p-cpe:/a:novell:suse_linux:sssd-common", "p-cpe:/a:novell:suse_linux:sssd-dbus", "p-cpe:/a:novell:suse_linux:sssd-ipa", "p-cpe:/a:novell:suse_linux:sssd-krb5", "p-cpe:/a:novell:suse_linux:sssd-krb5-common", "p-cpe:/a:novell:suse_linux:sssd-ldap", "p-cpe:/a:novell:suse_linux:sssd-proxy", "p-cpe:/a:novell:suse_linux:sssd-tools", "p-cpe:/a:novell:suse_linux:sssd-winbind-idmap", "p-cpe:/a:novell:suse_linux:talloc-man", "p-cpe:/a:novell:suse_linux:tdb-tools", "p-cpe:/a:novell:suse_linux:tevent-man", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0283-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157307", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0283-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157307);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/08\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\",\n \"CVE-2021-20316\",\n \"CVE-2021-36222\",\n \"CVE-2021-43566\",\n \"CVE-2021-44141\",\n \"CVE-2021-44142\",\n \"CVE-2022-0336\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0283-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0487\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n script_xref(name:\"IAVB\", value:\"2021-B-0054-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2022:0283-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0283-1 advisory.\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to\n an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The\n highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\n - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before\n 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon\n crash. This occurs because a return value is not properly managed in a certain situation. (CVE-2021-36222)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Clients that\n have write access to the exported part of the file system under a share via SMB1 unix extensions or via\n NFS can create symlinks that point to arbitrary files or directories on the server filesystem. Clients can\n then use SMB1 unix extension information queries to determine if the target of the symlink exists or not\n by examining error codes returned from the smbd server. There is no ability to access these files or\n directories, only to determine if they exist or not. If SMB1 is turned off and only SMB2 is used, or unix\n extensions are not enabled then there is no way to discover if a symlink points to a valid target or not\n via SMB2. For this reason, even if symlinks are created via NFS, if the Samba server does not allow SMB1\n with unix extensions there is no way to exploit this bug. Finding out what files or directories exist on a\n file server can help attackers guess system user names or the exact operating system release and\n applications running on the server hosting Samba which may help mount further attacks. SMB1 has been\n disabled on Samba since version 4.11.0 and onwards. Exploitation of this bug has not been seen in the\n wild. (CVE-2021-44141)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution\n (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that\n SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an\n account modification re-adds an SPN that was previously present on that account, such as one added when a\n computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to\n perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an\n attacker who can intercept traffic can impersonate existing services, resulting in a loss of\n confidentiality and integrity. (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1139519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183574\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1188571\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194859\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195048\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010164.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?105ef610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27840\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20277\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-36222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-43566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0336\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-abstractions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-parser-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-profiles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-utils-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-plugin-kdb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-otp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-spake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libipa_hbac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libipa_hbac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_certmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_certmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_nss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_nss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_simpleifp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_simpleifp0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtalloc2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtalloc2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtdb1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pam_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pam_apparmor-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-sssd-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-talloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-talloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-tdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-tevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ad-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ad-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ad-dc-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-gpupdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ldb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ad\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ipa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-krb5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-winbind-idmap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:talloc-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tdb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tevent-man\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'ctdb-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-ha-release-15.3'},\n {'reference':'apparmor-abstractions-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-abstractions-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-docs-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-docs-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-parser-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-parser-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-parser-lang-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-parser-lang-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-profiles-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-profiles-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-utils-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-utils-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-utils-lang-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-utils-lang-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-32bit-1.19.2-150300.8.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-32bit-1.19.2-150300.8.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-client-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-client-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-devel-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-devel-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-otp-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-otp-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-pkinit-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-pkinit-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-spake-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-spake-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'ldb-tools-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'ldb-tools-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor-devel-2.13.6-150300.3.11.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor-devel-2.13.6-150300.3.11.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor1-2.13.6-150300.3.11.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor1-2.13.6-150300.3.11.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor1-32bit-2.13.6-150300.3.11.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor1-32bit-2.13.6-150300.3.11.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libipa_hbac-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libipa_hbac-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libipa_hbac0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libipa_hbac0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb-devel-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb-devel-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb2-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb2-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb2-32bit-2.4.1-150300.3.10.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb2-32bit-2.4.1-150300.3.10.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy-python3-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy-python3-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy0-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy0-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_certmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_certmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_certmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_certmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_idmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_idmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_idmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_idmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_nss_idmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_nss_idmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_simpleifp-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_simpleifp-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_simpleifp0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_simpleifp0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc-devel-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc-devel-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc2-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc2-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc2-32bit-2.3.3-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc2-32bit-2.3.3-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb-devel-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb-devel-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb1-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb1-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb1-32bit-1.4.4-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb1-32bit-1.4.4-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent-devel-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent-devel-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent0-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent0-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent0-32bit-0.11.0-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent0-32bit-0.11.0-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'pam_apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'pam_apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'pam_apparmor-32bit-2.13.6-150300.3.11.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'pam_apparmor-32bit-2.13.6-150300.3.11.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'perl-apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'perl-apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-ldb-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-ldb-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-ldb-devel-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-ldb-devel-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-sssd-config-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-sssd-config-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-talloc-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-talloc-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-talloc-devel-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-talloc-devel-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-tdb-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-tdb-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-tevent-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-tevent-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ad-dc-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ad-dc-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ad-dc-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ad-dc-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-devel-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-devel-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-dsdb-modules-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-dsdb-modules-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-gpupdate-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-gpupdate-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ldb-ldap-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ldb-ldap-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-tool-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-tool-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ad-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ad-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-common-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-common-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-dbus-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-dbus-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ipa-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ipa-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-krb5-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-krb5-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-krb5-common-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-krb5-common-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ldap-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ldap-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-proxy-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-proxy-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-tools-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-tools-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-winbind-idmap-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-winbind-idmap-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'talloc-man-2.3.3-150300.3.3.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'talloc-man-2.3.3-150300.3.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'tdb-tools-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'tdb-tools-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'tevent-man-0.11.0-150300.3.3.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'tevent-man-0.11.0-150300.3.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ad-dc-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-python2-release-15.3'},\n {'reference':'samba-ad-dc-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-python2-release-15.3'},\n {'reference':'apache2-mod_apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'krb5-plugin-kdb-ldap-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'krb5-server-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2-mod_apparmor / apparmor-abstractions / apparmor-docs / etc');\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-01-10T18:59:26", "description": "The version of Samba running on the remote host is 4.0.x prior to 4.13.17, 4.14.x prior to 4.14.12, or 4.15.x prior to 4.15.5. It is, therefore, affected by multiple vulnerabilities:\n\n - Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution. (CVE-2021-44142)\n\n - Information leak via symlinks of existence of\tfiles or directories outside of the exported share. (CVE-2021-44141)\n\n - Samba AD users with permission to write to an account can impersonate arbitrary services. (CVE-2022-0336)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-03T00:00:00", "type": "nessus", "title": "Samba 4.0.x < 4.13.17 / 4.14.x < 4.14.12 / 4.15.x < 4.15.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-11-08T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_4_15_5.NASL", "href": "https://www.tenable.com/plugins/nessus/157360", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157360);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/08\");\n\n script_cve_id(\"CVE-2021-44141\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"Samba 4.0.x < 4.13.17 / 4.14.x < 4.14.12 / 4.15.x < 4.15.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is potentially affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Samba running on the remote host is 4.0.x prior to 4.13.17, 4.14.x prior to 4.14.12, or 4.15.x prior\nto 4.15.5. It is, therefore, affected by multiple vulnerabilities:\n\n - Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution. (CVE-2021-44142)\n\n - Information leak via symlinks of existence of\tfiles or directories outside of the exported share. (CVE-2021-44141)\n\n - Samba AD users with permission to write to an account can impersonate arbitrary services. (CVE-2022-0336)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/security.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-44141.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-44142.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2022-0336.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Samba version 4.13.17, 4.14.12, or 4.15.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/03\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar app_info = vcf::samba::get_app_info();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [\n {'min_version':'4.0.0', 'fixed_version':'4.13.17'},\n {'min_version':'4.14.0', 'fixed_version':'4.14.12'},\n {'min_version':'4.15.0', 'fixed_version':'4.15.5'}\n];\n\nvcf::check_version_and_report(app_info: app_info, constraints: constraints, severity: SECURITY_HOLE);\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-01-10T19:18:50", "description": "The version of QNAP QTS or QuTS hero on the remote host is affected by multiple vulnerabilities in the Samba component, as follows:\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\n - Samba AD users able to write to an account can impersonate existing services, intercept traffic, and cause a denial of service (DoS). (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-05T00:00:00", "type": "nessus", "title": "QNAP QTS / QuTS hero Multiple Vulnerabilities in Samba (QSA-22-03)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-08-12T00:00:00", "cpe": ["cpe:/a:qnap:qts", "cpe:/o:qnap:qts", "cpe:/o:qnap:quts_hero"], "id": "QNAP_QTS_QUTS_HERO_QSA-22-03.NASL", "href": "https://www.tenable.com/plugins/nessus/159504", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159504);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/08/12\");\n\n script_cve_id(\"CVE-2021-44141\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n\n script_name(english:\"QNAP QTS / QuTS hero Multiple Vulnerabilities in Samba (QSA-22-03)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of QNAP QTS or QuTS hero on the remote host is affected by multiple vulnerabilities in the Samba component,\nas follows:\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\n - Samba AD users able to write to an account can impersonate existing services, intercept traffic, and cause\n a denial of service (DoS). (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.qnap.com/en/security-advisory/qsa-22-03\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the workaround and upgrade to the relevant fixed version referenced in the QSA-22-03 advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:qnap:qts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:qnap:qts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:qnap:quts_hero\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"qnap_qts_quts_hero_web_detect.nbin\", \"qnap_qts_installed.nbin\");\n script_require_ports(\"installed_sw/QNAP QTS\", \"installed_sw/QNAP QuTS hero\");\n\n exit(0);\n}\n\ninclude('vcf_extras_qnap.inc');\n\nvar app_info = vcf::qnap::get_app_info();\n\nvar constraints = [\n{'product':'QTS', 'min_version':'4.3', 'max_version':'4.3.3', 'Number':'1945', 'Build':'20220303', 'fixed_display':'QTS 4.3.3.1945 build 20220303'},\n{'product':'QTS', 'min_version':'4.3.4', 'max_version':'4.3.4', 'Number':'1976', 'Build':'20220303', 'fixed_display':'QTS 4.3.4.1976 build 20220303'},\n{'product':'QTS', 'min_version':'4.3.6', 'max_version':'4.3.6', 'Number':'1965', 'Build':'20220302', 'fixed_display':'QTS 4.3.6.1965 build 20220302 '},\n{'product':'QTS', 'min_version':'4.5.4', 'max_version':'4.5.4', 'Number':'1931', 'Build':'20220128', 'fixed_display':'QTS 4.5.4.1931 build 20220128'},\n{'product':'QTS', 'min_version':'5.0', 'max_version':'5.0.0', 'Number':'1932', 'Build':'20220129', 'fixed_display':'QTS 5.0.0.1932 build 20220129'},\n{'product':'QuTS hero', 'min_version':'0.0', 'max_version':'4.5.4', 'Number':'1951', 'Build':'20220218', 'fixed_display':'QuTS hero h4.5.4.1951 build 20220218'},\n{'product':'QuTS hero', 'min_version':'5.0', 'max_version':'5.0.0', 'Number':'1949', 'Build':'20220215', 'fixed_display':'QuTS hero h5.0.0.1949 build 20220215'}\n];\n\nvcf::qnap::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-01-10T19:16:05", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 8579074c-839f-11ec-a3b2-005056a311d1 advisory.\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-02T00:00:00", "type": "nessus", "title": "FreeBSD : samba -- Multiple Vulnerabilities (8579074c-839f-11ec-a3b2-005056a311d1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-11-08T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:samba413", "p-cpe:/a:freebsd:freebsd:samba414", "p-cpe:/a:freebsd:freebsd:samba415", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_8579074C839F11ECA3B2005056A311D1.NASL", "href": "https://www.tenable.com/plugins/nessus/157319", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157319);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/08\");\n\n script_cve_id(\n \"CVE-2021-43566\",\n \"CVE-2021-44141\",\n \"CVE-2021-44142\",\n \"CVE-2022-0336\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n\n script_name(english:\"FreeBSD : samba -- Multiple Vulnerabilities (8579074c-839f-11ec-a3b2-005056a311d1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 8579074c-839f-11ec-a3b2-005056a311d1 advisory.\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-43566.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-44141.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-44142.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2022-0336.html\");\n # https://vuxml.freebsd.org/freebsd/8579074c-839f-11ec-a3b2-005056a311d1.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fb46416f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba413\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba414\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba415\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"III\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'samba413<4.13.17',\n 'samba414<4.14.12',\n 'samba415<4.15.5'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-01-10T19:40:04", "description": "The version of samba installed on the remote host is prior to 4.16.2-0. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-224 advisory.\n\n - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.\n (CVE-2016-2124)\n\n - A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. (CVE-2020-25717)\n\n - A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller). This would allow an RODC to print administrator tickets. (CVE-2020-25718)\n\n - A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name- based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise. (CVE-2020-25719)\n\n - Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.\n (CVE-2020-25721)\n\n - Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise. (CVE-2020-25722)\n\n - A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share. (CVE-2021-20316)\n\n - A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements. (CVE-2021-23192)\n\n - In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only pointed at, and when one connection within that association group ended, the database would be left pointing at an invalid 'struct session_info'. The most likely outcome here is a crash, but it is possible that the use- after-free could instead allow different user state to be pointed at and this might allow more privileged access. (CVE-2021-3738)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. (CVE-2022-0336)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-12-10T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : samba (ALAS2022-2022-224)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2124", "CVE-2020-25717", "CVE-2020-25718", "CVE-2020-25719", "CVE-2020-25721", "CVE-2020-25722", "CVE-2021-20316", "CVE-2021-23192", "CVE-2021-3738", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-12-29T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ctdb", "p-cpe:/a:amazon:linux:ctdb-debuginfo", "p-cpe:/a:amazon:linux:libsmbclient", "p-cpe:/a:amazon:linux:libsmbclient-debuginfo", "p-cpe:/a:amazon:linux:libsmbclient-devel", "p-cpe:/a:amazon:linux:libwbclient", "p-cpe:/a:amazon:linux:libwbclient-debuginfo", "p-cpe:/a:amazon:linux:libwbclient-devel", "p-cpe:/a:amazon:linux:python3-samba", "p-cpe:/a:amazon:linux:python3-samba-dc", "p-cpe:/a:amazon:linux:python3-samba-dc-debuginfo", "p-cpe:/a:amazon:linux:python3-samba-debuginfo", "p-cpe:/a:amazon:linux:python3-samba-devel", "p-cpe:/a:amazon:linux:python3-samba-test", "p-cpe:/a:amazon:linux:samba", "p-cpe:/a:amazon:linux:samba-client", "p-cpe:/a:amazon:linux:samba-client-debuginfo", "p-cpe:/a:amazon:linux:samba-client-libs", "p-cpe:/a:amazon:linux:samba-client-libs-debuginfo", "p-cpe:/a:amazon:linux:samba-common", "p-cpe:/a:amazon:linux:samba-common-libs", "p-cpe:/a:amazon:linux:samba-common-libs-debuginfo", "p-cpe:/a:amazon:linux:samba-common-tools", "p-cpe:/a:amazon:linux:samba-common-tools-debuginfo", "p-cpe:/a:amazon:linux:samba-dc", "p-cpe:/a:amazon:linux:samba-dc-bind-dlz", "p-cpe:/a:amazon:linux:samba-dc-bind-dlz-debuginfo", "p-cpe:/a:amazon:linux:samba-dc-debuginfo", "p-cpe:/a:amazon:linux:samba-dc-libs", "p-cpe:/a:amazon:linux:samba-dc-libs-debuginfo", "p-cpe:/a:amazon:linux:samba-dc-provision", "p-cpe:/a:amazon:linux:samba-debuginfo", "p-cpe:/a:amazon:linux:samba-debugsource", "p-cpe:/a:amazon:linux:samba-devel", "p-cpe:/a:amazon:linux:samba-krb5-printing", "p-cpe:/a:amazon:linux:samba-krb5-printing-debuginfo", "p-cpe:/a:amazon:linux:samba-libs", "p-cpe:/a:amazon:linux:samba-libs-debuginfo", "p-cpe:/a:amazon:linux:samba-pidl", "p-cpe:/a:amazon:linux:samba-test", "p-cpe:/a:amazon:linux:samba-test-debuginfo", "p-cpe:/a:amazon:linux:samba-test-libs", "p-cpe:/a:amazon:linux:samba-test-libs-debuginfo", "p-cpe:/a:amazon:linux:samba-vfs-iouring", "p-cpe:/a:amazon:linux:samba-vfs-iouring-debuginfo", "p-cpe:/a:amazon:linux:samba-winbind", "p-cpe:/a:amazon:linux:samba-winbind-clients", "p-cpe:/a:amazon:linux:samba-winbind-clients-debuginfo", "p-cpe:/a:amazon:linux:samba-winbind-debuginfo", "p-cpe:/a:amazon:linux:samba-winbind-krb5-locator", "p-cpe:/a:amazon:linux:samba-winbind-krb5-locator-debuginfo", "p-cpe:/a:amazon:linux:samba-winbind-modules", "p-cpe:/a:amazon:linux:samba-winbind-modules-debuginfo", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-224.NASL", "href": "https://www.tenable.com/plugins/nessus/168583", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-224.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168583);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/29\");\n\n script_cve_id(\n \"CVE-2016-2124\",\n \"CVE-2020-25717\",\n \"CVE-2020-25718\",\n \"CVE-2020-25719\",\n \"CVE-2020-25721\",\n \"CVE-2020-25722\",\n \"CVE-2021-3738\",\n \"CVE-2021-20316\",\n \"CVE-2021-23192\",\n \"CVE-2021-44141\",\n \"CVE-2021-44142\",\n \"CVE-2022-0336\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0554-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"Amazon Linux 2022 : samba (ALAS2022-2022-224)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of samba installed on the remote host is prior to 4.16.2-0. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2022-2022-224 advisory.\n\n - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to\n retrieve the plaintext password sent over the wire even if Kerberos authentication was required.\n (CVE-2016-2124)\n\n - A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use\n this flaw to cause possible privilege escalation. (CVE-2020-25717)\n\n - A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC\n (read-only domain controller). This would allow an RODC to print administrator tickets. (CVE-2020-25718)\n\n - A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-\n based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did\n not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total\n domain compromise. (CVE-2020-25719)\n\n - Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now\n provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.\n (CVE-2020-25721)\n\n - Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored\n data. An attacker could use this flaw to cause total domain compromise. (CVE-2020-25722)\n\n - A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated\n attacker with permissions to read or modify share metadata, to perform this operation outside of the\n share. (CVE-2021-20316)\n\n - A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large\n DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data,\n bypassing the signature requirements. (CVE-2021-23192)\n\n - In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections\n via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb\n database. However while the database was correctly shared, the user credentials state was only pointed at,\n and when one connection within that association group ended, the database would be left pointing at an\n invalid 'struct session_info'. The most likely outcome here is a crash, but it is possible that the use-\n after-free could instead allow different user state to be pointed at and this might allow more privileged\n access. (CVE-2021-3738)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that\n SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an\n account modification re-adds an SPN that was previously present on that account, such as one added when a\n computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to\n perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an\n attacker who can intercept traffic can impersonate existing services, resulting in a loss of\n confidentiality and integrity. (CVE-2022-0336)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-224.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2016-2124.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-25717.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-25718.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-25719.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-25721.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-25722.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-20316.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-23192.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3738.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-44141.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-44142.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0336.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update samba' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-samba-dc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc-bind-dlz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc-bind-dlz-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc-provision\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-krb5-printing-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-vfs-iouring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-clients-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-krb5-locator-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'ctdb-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-dc-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-dc-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-dc-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-dc-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-dc-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-dc-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-devel-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-devel-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-devel-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.16.2-0.amzn2022.0.2', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-bind-dlz-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-bind-dlz-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-bind-dlz-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-bind-dlz-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-bind-dlz-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-bind-dlz-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-libs-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-libs-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-libs-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dc-provision-4.16.2-0.amzn2022.0.2', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debugsource-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debugsource-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debugsource-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.16.2-0.amzn2022.0.2', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-debuginfo-4.16.2-0.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-debuginfo / libsmbclient / etc\");\n}", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "rocky": [{"lastseen": "2022-08-26T20:43:10", "description": "An update for samba is now available for Rocky Linux 8.\nRocky Linux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\nSamba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\nThe following packages have been upgraded to a later upstream version: samba (4.15.5). (BZ#2013596)\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\nAdditional Changes:\nFor detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-18T19:44:08", "type": "rocky", "title": "samba security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-05-18T19:44:08", "id": "RLSA-2022:2074", "href": "https://errata.rockylinux.org/RLSA-2022:2074", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "mageia": [{"lastseen": "2022-04-18T11:19:35", "description": "For CVE-2021-20316 and CVE-2021-44141, there is only a workaround and mitigation: All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Clients that have write access to the exported part of the file system under a share via SMB1 unix extensions or via NFS can create symlinks that point to arbitrary files or directories on the server filesystem. Clients can then use SMB1 unix extension information queries to determine if the target of the symlink exists or not by examining error codes returned from the smbd server. There is no ability to access these files or directories, only to determine if they exist or not. If SMB1 is turned off and only SMB2 is used, or unix extensions are not enabled then there is no way to discover if a symlink points to a valid target or not via SMB2. For this reason, even if symlinks are created via NFS, if the Samba server does not allow SMB1 with unix extensions there is no way to exploit this bug. Finding out what files or directories exist on a file server can help attackers guess system user names or the exact operating system release and applications running on the server hosting Samba which may help mount further attacks. SMB1 has been disabled on Samba since version 4.11.0 and onwards. Exploitation of this bug has not been seen in the wild. For CVE-2021-44142, All versions of Samba prior to 4.13.17 are vulnerable to an out-of-bounds heap read write vulnerability that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit. The specific flaw exists within the parsing of EA metadata when opening files in smbd. Access as a user that has write access to a file's extended attributes is required to exploit this vulnerability. Note that this could be a guest or unauthenticated user if such users are allowed write access to file extended attributes. The problem in vfs_fruit exists in the default configuration of the fruit VFS module using fruit:metadata=netatalk or fruit:resource=file. If both options are set to different settings than the default values, the system is not affected by the security issue. For CVE-2022-0336, The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-09T20:46:00", "type": "mageia", "title": "Updated samba packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-02-09T20:46:00", "id": "MGASA-2022-0054", "href": "https://advisories.mageia.org/MGASA-2022-0054.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2022-02-23T17:38:26", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-02T01:26:36", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: samba-4.15.5-0.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-02-02T01:26:36", "id": "FEDORA:49AF8312EC07", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/C7Z6WQXBTZ2IQJ2IOEARLCY3GKPDQRZ2/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-02-23T17:38:26", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-03T01:12:33", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: samba-4.14.12-0.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-02-03T01:12:33", "id": "FEDORA:E133C304C758", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HUM2MJYEBEIJHLBNK6LORYWBHRWYYYJO/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "veracode": [{"lastseen": "2022-08-27T00:48:01", "description": "samba is vulnerable to privilege escalation. The vulnerability exists due to a symlink race to allow filesystem metadata to be accessed in an area of the server file system not exported under the share definition.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-04-13T17:46:06", "type": "veracode", "title": "Privilege Escalation", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-20316"], "modified": "2022-08-26T20:14:43", "id": "VERACODE:35092", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-35092/summary", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-07-17T13:02:41", "description": "samba is vulnerable to information disclosure.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-02-03T11:21:55", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141"], "modified": "2022-02-23T17:25:57", "id": "VERACODE:33993", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33993/summary", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2022-08-27T13:09:21", "description": "A flaw was found in the way Samba handled file/directory metadata. This\nflaw allows an authenticated attacker with permissions to read or modify\nshare metadata, to perform this operation outside of the share.\n\n#### Bugs\n\n * <https://bugzilla.samba.org/show_bug.cgi?id=14842>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | per upstream, fixing this required a whole rewrite of the VFS layer and there is no reasonable way to fix this in older versions. Marking this CVE as ignored for older releases.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-08-23T00:00:00", "type": "ubuntucve", "title": "CVE-2021-20316", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-20316"], "modified": "2022-08-23T00:00:00", "id": "UB:CVE-2021-20316", "href": "https://ubuntu.com/security/CVE-2021-20316", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-04T13:12:18", "description": "All versions of Samba prior to 4.15.5 are vulnerable to a malicious client\nusing a server symlink to determine if a file or directory exists in an\narea of the server file system not exported under the share definition.\nSMB1 with unix extensions has to be enabled in order for this attack to\nsucceed.\n\n#### Bugs\n\n * <https://bugzilla.samba.org/show_bug.cgi?id=14911>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | per upstream, fixing this required a whole rewrite of the VFS layer and there is no reasonable way to fix this in versions older than 4.15.x. Marking this CVE as ignored for older releases.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-01-31T00:00:00", "type": "ubuntucve", "title": "CVE-2021-44141", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141"], "modified": "2022-01-31T00:00:00", "id": "UB:CVE-2021-44141", "href": "https://ubuntu.com/security/CVE-2021-44141", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "redhatcve": [{"lastseen": "2022-12-06T20:09:44", "description": "A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.\n#### Mitigation\n\nDo not enable SMB1 (please note SMB1 is disabled by default in Samba from version 4.11.0 and onwards). This prevents the creation of symbolic links via SMB1. If SMB1 must be enabled for backward compatibility then add the parameter: \n\n\nunix extensions = no \n\n\nto the [global] section of your smb.conf and restart smbd. This prevents SMB1 clients from creating symlinks on the exported file system. \n\n\nHowever, if the same region of the file system is also exported using NFS, NFS clients can create symlinks that potentially can also hit the race condition. For non-patched versions of Samba, we recommend only exporting areas of the file system by either SMB2 or NFS, not both. \n\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-01-10T18:55:25", "type": "redhatcve", "title": "CVE-2021-20316", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-20316"], "modified": "2022-12-06T19:43:30", "id": "RH:CVE-2021-20316", "href": "https://access.redhat.com/security/cve/cve-2021-20316", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-23T21:13:16", "description": "All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n#### Mitigation\n\nDo not enable SMB1 (please note SMB1 is disabled by default in Samba from version 4.11.0 and onwards). This prevents the creation or querying of symbolic links via SMB1. If SMB1 must be enabled for backwards compatibility then add the parameter: \n\n \n \n unix extensions = no \n \n\nto the [global] section of your smb.conf and restart smbd. This prevents SMB1 clients from creating or reading symlinks on the exported file system. \n\n\nHowever, if the same region of the file system is also exported allowing write access via NFS, NFS clients can create symlinks that allow SMB1 with unix extensions clients to discover the existance of the NFS created symlink targets. For non-patched versions of Samba we recommend only exporting areas of the file system by either SMB2 or NFS, not both. \n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-01-31T15:06:29", "type": "redhatcve", "title": "CVE-2021-44141", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141"], "modified": "2022-09-23T20:18:59", "id": "RH:CVE-2021-44141", "href": "https://access.redhat.com/security/cve/cve-2021-44141", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-08-26T20:21:42", "description": "A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-08-23T16:15:00", "type": "cve", "title": "CVE-2021-20316", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2021-20316"], "modified": "2022-08-26T18:05:00", "cpe": ["cpe:/o:redhat:enterprise_linux_eus:8.6", "cpe:/o:debian:debian_linux:11.0", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:redhat:enterprise_linux_tus:8.6", "cpe:/o:redhat:enterprise_linux:8.0", "cpe:/a:redhat:virtualization_host:4.0", "cpe:/o:redhat:enterprise_linux_aus:8.6"], "id": "CVE-2021-20316", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20316", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:48:46", "description": "All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-02-21T18:15:00", "type": "cve", "title": "CVE-2021-44141", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141"], "modified": "2022-02-23T15:17:00", "cpe": ["cpe:/a:redhat:storage:3.0", "cpe:/o:fedoraproject:fedora:34", "cpe:/o:fedoraproject:fedora:35"], "id": "CVE-2021-44141", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44141", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"]}], "alpinelinux": [{"lastseen": "2022-10-31T22:11:28", "description": "A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-08-23T16:15:00", "type": "alpinelinux", "title": "CVE-2021-20316", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2021-20316"], "modified": "2022-08-26T18:05:00", "id": "ALPINE:CVE-2021-20316", "href": "https://security.alpinelinux.org/vuln/CVE-2021-20316", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-31T22:11:28", "description": "All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-02-21T18:15:00", "type": "alpinelinux", "title": "CVE-2021-44141", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141"], "modified": "2022-02-23T15:17:00", "id": "ALPINE:CVE-2021-44141", "href": "https://security.alpinelinux.org/vuln/CVE-2021-44141", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2023-01-13T18:08:36", "description": "A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-08-23T16:15:00", "type": "debiancve", "title": "CVE-2021-20316", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-20316"], "modified": "2022-08-23T16:15:00", "id": "DEBIANCVE:CVE-2021-20316", "href": "https://security-tracker.debian.org/tracker/CVE-2021-20316", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-13T18:08:36", "description": "All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-02-21T18:15:00", "type": "debiancve", "title": "CVE-2021-44141", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141"], "modified": "2022-02-21T18:15:00", "id": "DEBIANCVE:CVE-2021-44141", "href": "https://security-tracker.debian.org/tracker/CVE-2021-44141", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "samba": [{"lastseen": "2022-02-23T19:31:50", "description": "## Description\n\nAll versions of Samba prior to 4.15.5 are vulnerable to a malicious\nclient using a server symlink to determine if a file or directory\nexists in an area of the server file system not exported under the\nshare definition. SMB1 with unix extensions has to be enabled in order\nfor this attack to succeed.\n\nClients that have write access to the exported part of the file system\nunder a share via SMB1 unix extensions or via NFS can create symlinks\nthat point to arbitrary files or directories on the server filesystem.\n\nClients can then use SMB1 unix extension information queries to\ndetermine if the target of the symlink exists or not by examining\nerror codes returned from the smbd server. There is no ability to\naccess these files or directories, only to determine if they exist or\nnot.\n\nIf SMB1 is turned off and only SMB2 is used, or unix extensions are\nnot enabled then there is no way to discover if a symlink points to a\nvalid target or not via SMB2. For this reason, even if symlinks are\ncreated via NFS, if the Samba server does not allow SMB1 with unix\nextensions there is no way to exploit this bug.\n\nFinding out what files or directories exist on a file server can help\nattackers guess system user names or the exact operating system\nrelease and applications running on the server hosting Samba which may\nhelp mount further attacks.\n\nSMB1 has been disabled on Samba since version 4.11.0 and\nonwards. Exploitation of this bug has not been seen in the wild.\n## Patch Availability\n\nPatches addressing this issue has been posted to:\n\n https://www.samba.org/samba/security/\n\nSamba version 4.15.5 has been issued as a security release to correct\nthe defect. Samba administrators are advised to upgrade to this\nrelease as soon as possible. Due to the complexity of the fixes needed\nfor this problem, back ports to earlier Samba versions have not been\nprovided. For users of earlier Samba versions, please see the\n\"Workaround and mitigating factors\" section of this document.\n## CVSSv3.1 calculation\n\nCVSS:AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C/CR:L/IR:L/AR:L/MAV:N/MAC:L/MPR:L/MUI:N/MS:U/MC:H/MI:N/MA:N\n\nbase score of 4.2\n## Workaround and mitigating factors\n\nDo not enable SMB1 (please note SMB1 is disabled by default in Samba\nfrom version 4.11.0 and onwards). This prevents the creation or\nquerying of symbolic links via SMB1. If SMB1 must be enabled for\nbackwards compatibility then add the parameter:\n\nunix extensions = no\n\nto the [global] section of your smb.conf and restart smbd. This\nprevents SMB1 clients from creating or reading symlinks on the\nexported file system.\n\nHowever, if the same region of the file system is also exported\nallowing write access via NFS, NFS clients can create symlinks that\nallow SMB1 with unix extensions clients to discover the existance of\nthe NFS created symlink targets. For non-patched versions of Samba we\nrecommend only exporting areas of the file system by either SMB2 or\nNFS, not both.\n## Credits\n\nReported by Stefan Behrens of <sbehrens@giantdisaster.de>\nJeremy Allison of Google and the Samba Team provided the fix.\n\n== Our Code, Our Bugs, Our Responsibility.\n== The Samba Team", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-01-31T00:00:00", "type": "samba", "title": "Information leak via symlinks of existance of", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141"], "modified": "2022-01-31T00:00:00", "id": "SAMBA:CVE-2021-44141", "href": "https://www.samba.org/samba/security/CVE-2021-44141.html", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "kaspersky": [{"lastseen": "2022-02-23T21:32:07", "description": "### *Detect date*:\n01/31/2022\n\n### *Severity*:\nWarning\n\n### *Description*:\nInformation disclosure vulnerability was found in Samba. Malicious users can exploit this vulnerability to obtain sensitive information.\n\n### *Affected products*:\nSamba earlier than 4.15.5\n\n### *Solution*:\nUpdate to the latest version \n[Download Samba](<https://www.samba.org/samba/download/>)\n\n### *Original advisories*:\n[CVE-2021-44141](<https://www.samba.org/samba/security/CVE-2021-44141.html>) \n\n\n### *Impacts*:\nOSI", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-01-31T00:00:00", "type": "kaspersky", "title": "KLA12440 OSI vulnerability in Samba", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141"], "modified": "2022-02-03T00:00:00", "id": "KLA12440", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12440/", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "f5": [{"lastseen": "2022-03-02T02:13:05", "description": "All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. ([CVE-2021-44141](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141>))\n\nImpact\n\nThere is no impact; F5 products are not affected by this vulnerability.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-02-11T16:56:00", "type": "f5", "title": "Samba vulnerability CVE-2021-44141", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141"], "modified": "2022-03-01T23:09:00", "id": "F5:K45752041", "href": "https://support.f5.com/csp/article/K45752041", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "redos": [{"lastseen": "2023-01-07T04:18:22", "description": "A vulnerability in the Samba network file system, related to insecure link hopping. Exploitation of the vulnerability could allow an intruder acting remotely to create a symbolic link to determine whether a file or directory exists in a server file system area", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-07T07:18:22", "type": "redos", "title": "ROS-20220208-01", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141"], "modified": "2023-01-07T07:18:22", "id": "ROS-20220208-01", "href": "https://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-setevoy-faylovoy-sistemy-samba-cve-2021-44141-cve-2021-44142-cve-2022-0336/", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "ibm": [{"lastseen": "2022-10-01T01:42:15", "description": "## Summary\n\nSamba is available on IBM i to provide file system access. Samba is vulnerable to the issues described in the vulnerability details section. IBM i has addressed the applicable CVEs in the Samba implementation by providing a fix.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-43566](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43566>) \n** DESCRIPTION: **Samba could allow a remote authenticated attacker to bypass security restrictions, caused by a symlink race error. By using a specially-crafted SMB1 or NFS symlink, an attacker could exploit this vulnerability to create a directory in a part of the server file system not exported under the share definition. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217058](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217058>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-44141](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141>) \n** DESCRIPTION: **Samba could allow a remote authenticated attacker to obtain sensitive information. By querying a symlink inside the exported share using SMB1 with unix extensions turned on, an attacker could exploit this vulnerability to discover if a named or directory exists on the filesystem outside of the exported share. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/218468](<https://exchange.xforce.ibmcloud.com/vulnerabilities/218468>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM i| 7.4 \nIBM i| 7.3 \n \n \n\n\n## Remediation/Fixes\n\nThe issues can be fixed by applying a PTF to IBM i. Releases 7.4 and 7.3 of IBM i will be fixed.\n\nThe IBM i PTF numbers containing the fix for the CVEs are: \n\nRelease 7.4 - SI78680 \nRelease 7.3 - SI78679 \n \n\n\n[https://www.ibm.com/support/fixcentral](<https://www.ibm.com/support/fixcentral/>)\n\n**_Important note: _**_IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n28 Feb 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Product\":{\"code\":\"SS9QQS\",\"label\":\"IBM i 7.4\"},\"Component\":\"N\\/A\",\"Platform\":[{\"code\":\"PF012\",\"label\":\"IBM i\"}],\"Version\":\"7.4\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB57\",\"label\":\"Power\"}},{\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Product\":{\"code\":\"SWG60\",\"label\":\"IBM i\"},\"Component\":\"N\\/A\",\"Platform\":[{\"code\":\"PF012\",\"label\":\"IBM i\"}],\"Version\":\"7.4,7.3,7.2\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB57\",\"label\":\"Power\"}},{\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Product\":{\"code\":\"SSTS2D\",\"label\":\"IBM i 7.3\"},\"Component\":\"N\\/A\",\"Platform\":[{\"code\":\"PF012\",\"label\":\"IBM i\"}],\"Version\":\"7.3\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}},{\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Product\":{\"code\":\"SSC5L9\",\"label\":\"IBM i 7.2\"},\"Component\":\"N\\/A\",\"Platform\":[{\"code\":\"PF012\",\"label\":\"IBM i\"}],\"Version\":\"7.2\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-03-02T14:24:21", "type": "ibm", "title": "Security Bulletin: IBM i is vulnerable to bypass security restrictions due to Samba SMB1 (CVE-2021-43566 and CVE-2021-44141)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44141"], "modified": "2022-03-02T14:24:21", "id": "34CC9D7721C963B056C83F77396BEE1AE82A312286A43B241F322E84A8E5C203", "href": "https://www.ibm.com/support/pages/node/6560396", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "suse": [{"lastseen": "2022-11-06T12:08:42", "description": "An update that solves 8 vulnerabilities, contains one\n feature and has two fixes is now available.\n\nDescription:\n\n\n\n - CVE-2021-44141: Information leak via symlinks of existance of files or\n directories outside of the exported share; (bso#14911); (bsc#1193690);\n - CVE-2021-44142: Out-of-bounds heap read/write vulnerability in VFS\n module vfs_fruit allows code execution; (bso#14914); (bsc#1194859);\n - CVE-2022-0336: Samba AD users with permission to write to an account can\n impersonate arbitrary services; (bso#14950); (bsc#1195048);\n\n samba was updated to 4.15.4 (jsc#SLE-23329);\n\n * Duplicate SMB file_ids leading to Windows client cache poisoning;\n (bso#14928);\n * Failed to parse NTLMv2_RESPONSE length 95 - Buffer Size Error -\n NT_STATUS_BUFFER_TOO_SMALL; (bso#14932);\n * kill_tcp_connections does not work; (bso#14934);\n * Can't connect to Windows shares not requiring authentication using\n KDE/Gnome; (bso#14935);\n * smbclient -L doesn't set \"client max protocol\" to NT1 before calling the\n \"Reconnecting with SMB1 for workgroup listing\" path; (bso#14939);\n * Cross device copy of the crossrename module always fails; (bso#14940);\n * symlinkat function from VFS cap module always fails with an error;\n (bso#14941);\n * Fix possible fsp pointer deference; (bso#14942);\n * Missing pop_sec_ctx() in error path inside close_directory();\n (bso#14944);\n * \"smbd --build-options\" no longer works without an smb.conf file;\n (bso#14945);\n\n Samba was updated to version 4.15.3\n\n + CVE-2021-43566: Symlink race error can allow directory creation\n outside of the exported share; (bsc#1139519);\n + CVE-2021-20316: Symlink race error can allow metadata read and modify\n outside of the exported share; (bsc#1191227);\n - Reorganize libs packages. Split samba-libs into samba-client-libs,\n samba-libs, samba-winbind-libs and samba-ad-dc-libs, merging samba\n public libraries depending on internal samba libraries into these\n packages as there were dependency problems everytime one of these public\n libraries changed its version (bsc#1192684). The devel packages are\n merged into samba-devel.\n - Rename package samba-core-devel to samba-devel\n - Update the symlink create by samba-dsdb-modules to private samba ldb\n modules following libldb2 changes from /usr/lib64/ldb/samba to\n /usr/lib64/ldb2/modules/ldb/samba\n\n krb5 was updated to 1.16.3 to 1.19.2\n\n * Fix a denial of service attack against the KDC encrypted challenge code;\n (CVE-2021-36222);\n * Fix a memory leak when gss_inquire_cred() is called without a credential\n handle.\n\n Changes from 1.19.1:\n\n * Fix a linking issue with Samba.\n * Better support multiple pkinit_identities values by checking whether\n certificates can be loaded for each value.\n\n Changes from 1.19\n\n Administrator experience\n * When a client keytab is present, the GSSAPI krb5 mech will refresh\n credentials even if the current credentials were acquired manually.\n * It is now harder to accidentally delete the K/M entry from a KDB.\n Developer experience\n * gss_acquire_cred_from() now supports the \"password\" and \"verify\"\n options, allowing credentials to be acquired via password and verified\n using a keytab key.\n * When an application accepts a GSS security context, the new\n GSS_C_CHANNEL_BOUND_FLAG will be set if the initiator and acceptor\n both provided matching channel bindings.\n * Added the GSS_KRB5_NT_X509_CERT name type, allowing S4U2Self requests\n to identify the desired client principal by certificate.\n * PKINIT certauth modules can now cause the hw-authent flag to be set in\n issued tickets.\n * The krb5_init_creds_step() API will now issue the same password\n expiration warnings as krb5_get_init_creds_password(). Protocol\n evolution\n * Added client and KDC support for Microsoft's Resource-Based\n Constrained Delegation, which allows cross-realm S4U2Proxy requests. A\n third-party database module is required for KDC support.\n * kadmin/admin is now the preferred server principal name for kadmin\n connections, and the host-based form is no longer created by default.\n The client will still try the host-based form as a fallback.\n * Added client and server support for Microsoft's KERB_AP_OPTIONS_CBT\n extension, which causes channel bindings to be required for the\n initiator if the acceptor provided them. The client will send this\n option if the client_aware_gss_bindings profile option is set. User\n experience\n * kinit will now issue a warning if the des3-cbc-sha1 encryption type is\n used in the reply. This encryption type will be deprecated and removed\n in future releases.\n * Added kvno flags --out-cache, --no-store, and --cached-only (inspired\n by Heimdal's kgetcred).\n\n Changes from 1.18.3\n * Fix a denial of service vulnerability when decoding Kerberos protocol\n messages.\n * Fix a locking issue with the LMDB KDB module which could cause KDC and\n kadmind processes to lose access to the database.\n * Fix an assertion failure when libgssapi_krb5 is repeatedly loaded and\n unloaded while libkrb5support remains loaded.\n\n Changes from 1.18.2\n * Fix a SPNEGO regression where an acceptor using the default credential\n would improperly filter mechanisms, causing a negotiation failure.\n * Fix a bug where the KDC would fail to issue tickets if the local krbtgt\n principal's first key has a single-DES enctype.\n * Add stub functions to allow old versions of OpenSSL libcrypto to link\n against libkrb5.\n * Fix a NegoEx bug where the client name and delegated credential might\n not be reported.\n\n Changes from 1.18.1\n * Fix a crash when qualifying short hostnames when the system has no\n primary DNS domain.\n * Fix a regression when an application imports \"service@\" as a GSS\n host-based name for its acceptor credential handle.\n * Fix KDC enforcement of auth indicators when they are modified by the KDB\n module.\n * Fix removal of require_auth string attributes when the LDAP KDB module\n is used.\n * Fix a compile error when building with musl libc on Linux.\n * Fix a compile error when building with gcc 4.x.\n * Change the KDC constrained delegation precedence order for consistency\n with Windows KDCs.\n\n Changes from 1.18 Administrator experience:\n * Remove support for single-DES encryption types.\n * Change the replay cache format to be more efficient and robust. Replay\n cache filenames using the new format end with \".rcache2\" by default.\n * setuid programs will automatically ignore environment variables that\n normally affect krb5 API functions, even if the caller does not use\n krb5_init_secure_context().\n * Add an \"enforce_ok_as_delegate\" krb5.conf relation to disable\n credential forwarding during GSSAPI authentication unless the KDC sets\n the ok-as-delegate bit in the service ticket.\n * Use the permitted_enctypes krb5.conf setting as the default value for\n default_tkt_enctypes and default_tgs_enctypes. Developer experience:\n * Implement krb5_cc_remove_cred() for all credential cache types.\n * Add the krb5_pac_get_client_info() API to get the client account name\n from a PAC. Protocol evolution:\n * Add KDC support for S4U2Self requests where the user is identified by\n X.509 certificate. (Requires support for certificate lookup from a\n third-party KDB module.)\n * Remove support for an old (\"draft 9\") variant of PKINIT.\n * Add support for Microsoft NegoEx. (Requires one or more third-party\n GSS modules implementing NegoEx mechanisms.) User experience:\n * Add support for \"dns_canonicalize_hostname=fallback\", causing\n host-based principal names to be tried first without DNS\n canonicalization, and again with DNS canonicalization if the\n un-canonicalized server is not found.\n * Expand single-component hostnames in host-based principal names when\n DNS canonicalization is not used, adding the system's first DNS search\n path as a suffix. Add a \"qualify_shortname\" krb5.conf relation to\n override this suffix or disable expansion.\n * Honor the transited-policy-checked ticket flag on application servers,\n eliminating the requirement to configure capaths on servers in some\n scenarios. Code quality:\n * The libkrb5 serialization code (used to export and import krb5 GSS\n security contexts) has been simplified and made type-safe.\n * The libkrb5 code for creating KRB-PRIV, KRB-SAFE, and KRB-CRED\n messages has been revised to conform to current coding practices.\n * The test suite has been modified to work with macOS System Integrity\n Protection enabled.\n * The test suite incorporates soft-pkcs11 so that PKINIT PKCS11 support\n can always be tested.\n\n Changes from 1.17.1\n * Fix a bug preventing \"addprinc -randkey -kvno\" from working in kadmin.\n * Fix a bug preventing time skew correction from working when a KCM\n credential cache is used.\n\n Changes from 1.17: Administrator experience:\n * A new Kerberos database module using the Lightning Memory-Mapped\n Database library (LMDB) has been added. The LMDB KDB module should be\n more performant and more robust than the DB2 module, and may become the\n default module for new databases in a future release.\n * \"kdb5_util dump\" will no longer dump policy entries when specific\n principal names are requested. Developer experience:\n * The new krb5_get_etype_info() API can be used to retrieve enctype, salt,\n and string-to-key parameters from the KDC for a client principal.\n * The new GSS_KRB5_NT_ENTERPRISE_NAME name type allows enterprise\n principal names to be used with GSS-API functions.\n * KDC and kadmind modules which call com_err() will now write to the log\n file in a format more consistent with other log messages.\n * Programs which use large numbers of memory credential caches should\n perform better. Protocol evolution:\n * The SPAKE pre-authentication mechanism is now supported. This mechanism\n protects against password dictionary attacks without requiring any\n additional infrastructure such as certificates. SPAKE is enabled by\n default on clients, but must be manually enabled on the KDC for this\n release.\n * PKINIT freshness tokens are now supported. Freshness tokens can protect\n against scenarios where an attacker uses temporary access to a smart\n card to generate authentication requests for the future.\n * Password change operations now prefer TCP over UDP, to avoid spurious\n error messages about replays when a response packet is dropped.\n * The KDC now supports cross-realm S4U2Self requests when used with a\n third-party KDB module such as Samba's. The client code for cross-realm\n S4U2Self requests is also now more robust. User experience:\n * The new ktutil addent -f flag can be used to fetch salt information from\n the KDC for password-based keys.\n * The new kdestroy -p option can be used to destroy a credential cache\n within a collection by client principal name.\n * The Kerberos man page has been restored, and documents the environment\n variables that affect programs using the Kerberos library. Code quality:\n * Python test scripts now use Python 3.\n * Python test scripts now display markers in verbose output, making it\n easier to find where a failure occurred within the scripts.\n * The Windows build system has been simplified and updated to work with\n more recent versions of Visual Studio. A large volume of unused\n Windows-specific code has been removed. Visual Studio 2013\n or later is now required.\n\n - Build with full Cyrus SASL support. Negotiating SASL credentials with an\n EXTERNAL bind mechanism requires interaction. Kerberos provides its\n own interaction function that skips all interaction, thus preventing the\n mechanism from working. ldb was updated to version 2.4.1\n (jsc#SLE-23329);\n\n - Release 2.4.1\n\n + Corrected python behaviour for 'in' for LDAP attributes contained as\n part of ldb.Message; (bso#14845);\n + Fix memory handling in ldb.msg_diff; (bso#14836);\n\n - Release 2.4.0\n\n + pyldb: Fix Message.items() for a message containing elements\n + pyldb: Add test for Message.items()\n + tests: Use ldbsearch '--scope instead of '-s'\n + Change page size of guidindexpackv1.ldb\n + Use a 1MiB lmdb so the test also passes on aarch64 CentOS stream\n + attrib_handler casefold: simplify space dropping\n + fix ldb_comparison_fold off-by-one overrun\n + CVE-2020-27840: pytests: move Dn.validate test to ldb\n + CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode\n + CVE-2021-20277 ldb/attrib_handlers casefold: stay in bounds\n + CVE-2021-20277 ldb tests: ldb_match tests with extra spaces\n + improve comments for ldb_module_connect_backend()\n + test/ldb_tdb: correct introductory comments\n + ldb.h: remove undefined async_ctx function signatures\n + correct comments in attrib_handers val_to_int64\n + dn tests use cmocka print functions\n + ldb_match: remove redundant check\n + add tests for ldb_wildcard_compare\n + ldb_match: trailing chunk must match end of string\n + pyldb: catch potential overflow error in py_timestring\n + ldb: remove some 'if PY3's in tests\n\n talloc was updated to 2.3.3:\n\n + various bugfixes\n + python: Ensure reference counts are properly incremented\n + Change pytalloc source to LGPL\n + Upgrade waf to 2.0.18 to fix a cross-compilation issue; (bso#13846).\n\n tdb was updated to version 1.4.4:\n\n + various bugfixes\n\n tevent was updated to version 0.11.0:\n\n + Add custom tag to events\n + Add event trace api\n\n sssd was updated to:\n\n - Fix tests test_copy_ccache & test_copy_keytab for later versions of krb5\n - Update the private ldb modules installation following libldb2 changes\n from /usr/lib64/ldb/samba to /usr/lib64/ldb2/modules/ldb/samba\n\n apparmor was updated to:\n\n - Cater for changes to ldb packaging to allow parallel installation with\n libldb (bsc#1192684).\n - add profile for samba-bgqd (bsc#1191532).\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-283=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-01T00:00:00", "type": "suse", "title": "Security update for samba (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277", "CVE-2021-20316", "CVE-2021-36222", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-02-01T00:00:00", "id": "OPENSUSE-SU-2022:0283-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/72ZRNFZ3DE3TJA7HFCVV476YJN6I4B5M/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "malwarebytes": [{"lastseen": "2022-02-10T00:00:00", "description": "Samba developers have [patched a vulnerability](<https://www.samba.org/samba/security/CVE-2021-44142.html>) that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit.\n\nSamba is a free software re-implementation of the [SMB](<https://blog.malwarebytes.com/glossary/server-message-block-smb/>) networking protocol that provides file and print services for various Microsoft Windows clients and can integrate with a Microsoft Windows Server domain.\n\nThe vfs_fruit module provides enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Netatalk is a freely-available Open Source AFP fileserver. A UNIX, Linux or BSD system running Netatalk is capable of serving many Macintosh clients simultaneously as an AppleShare file server (AFP).\n\n## The vulnerability\n\nPublicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). The vulnerability in Samba that received a [CVSS score](<https://blog.malwarebytes.com/malwarebytes-news/2020/05/how-cvss-works-characterizing-and-scoring-vulnerabilities/>) of 9.9 out of 10 has been assigned [CVE-2021-44142](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142>).\n\nThe vulnerability is described as an out-of-bounds heap read/write vulnerability. The heap is the name for the part of the system\u2019s memory that is allocated for the use of programs. If a flaw in a program allows it to read or write outside of the bounds set for the program, it is possible to manipulate other parts of the memory which are allocated to more critical functions. This can allow an attacker to write code to a part of the memory where it will be executed with permissions that the program and user should not have. In this case as root, which is the user name or account that by default has access to **all commands and files** on a Linux or other Unix-like operating system.\n\nThe problem in vfs_fruit exists in the default configuration of the fruit VFS module using **fruit:metadata=netatalk** or **fruit:resource=file**. If both options are set to different settings than the default values, the system is not affected by the security issue.\n\n## The patch\n\nThe patch for this vulnerability was included in a [security update](<https://www.samba.org/samba/history/security.html>) that also patches some other issues:\n\n * [CVE-2021-44141](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141>) (CVSS score: 4.2) - Information leak via symlinks of existence of files or directories outside of the exported share. All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Symlink is a term for any file that contains a reference to another file or directory in the form of an absolute or relative path and that affects pathname resolution.\n * [CVE-2022-0336](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336>) (CVSS score: 3.1) - Samba AD users with permission to write to an account can impersonate arbitrary services. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding any service principals names (SPN) that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity.\n\n## Mitigation\n\nSamba administrators should upgrade to these releases or apply the patch as soon as possible to mitigate the defect and thwart any potential attacks exploiting the vulnerability. But, as a workaround it is possible to remove the &quot;fruit&quot; VFS module from the list of configured VFS objects in any **vfs objects** line in the Samba configuration file **smb.conf**.\n\nPlease note that changing the VFS module settings **fruit:metadata** or **fruit:resource** to use the unaffected setting causes all stored information to be inaccessible and will make it appear to macOS clients as if the information is lost.\n\nStay safe, everyone!\n\nThe post [Samba patches critical vulnerability that allows remote code execution as root](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/02/samba-patches-critical-vulnerability-that-allows-remote-code-execution-as-root/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "cvss3": {}, "published": "2022-02-01T15:22:52", "type": "malwarebytes", "title": "Samba patches critical vulnerability that allows remote code execution as root", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-02-01T15:22:52", "id": "MALWAREBYTES:353332AFBB6514EFED7F5F38820FFD50", "href": "https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/02/samba-patches-critical-vulnerability-that-allows-remote-code-execution-as-root/", "cvss": {"score": 0.0, "vector": "NONE"}}], "cisa": [{"lastseen": "2022-02-24T11:34:36", "description": "The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.\n\nCISA encourages users and administrators to review the following Samba security announcements as well as [CERT/CC Vulnerability Note VU #119678](<https://www.kb.cert.org/vuls/id/119678>) and apply the necessary updates and workarounds.\n\n * [CVE-2021-44141](<https://www.samba.org/samba/security/CVE-2021-44141.html>)\n * [CVE-2021-44142](<https://www.samba.org/samba/security/CVE-2021-44142.html>)\n * [CVE-2022-0336](<https://www.samba.org/samba/security/CVE-2022-0336.html>)\n\nThis product is provided subject to this Notification and this [Privacy &amp; Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2022/02/01/samba-releases-security-updates>); we'd welcome your feedback.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-01T00:00:00", "type": "cisa", "title": "Samba Releases Security Updates", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-02-01T00:00:00", "id": "CISA:07D5CC40C9E66F413405DC92522747C5", "href": "https://us-cert.cisa.gov/ncas/current-activity/2022/02/01/samba-releases-security-updates", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "thn": [{"lastseen": "2022-05-09T12:37:37", "description": "[](<https://thehackernews.com/new-images/img/a/AVvXsEho39PqCOAsbjM7lomETfADN_5E4Hd-mRFBKdVr5uQ6jA_g-wv5FdmLLB7hvSWMaRqHIaYcvBbjX4wth1sV1SC-diDJC9Kc8bFNRuTSHpst6Wk9SpKjFiac2ACefKKqDQcYeZIJHx7F5LseFv8ULheLemDAd57OphbMVXZ-d1TyzrWNJMlh-rfxx3d3>)\n\nSamba has issued [software updates](<https://www.samba.org/samba/history/security.html>) to address multiple security vulnerabilities that, if successfully exploited, could allow remote attackers to execute arbitrary code with the highest privileges on affected installations.\n\nChief among them is [CVE-2021-44142](<https://www.samba.org/samba/security/CVE-2021-44142.html>), which [impacts](<https://bugzilla.samba.org/show_bug.cgi?id=14914>) all versions of Samba before 4.13.17 and concerns an [out-of-bounds](<https://cwe.mitre.org/data/definitions/787.html>) heap read/write vulnerability in the VFS module \"[vfs_fruit](<https://www.samba.org/samba/docs/current/man-html/vfs_fruit.8.html>)\" that provides compatibility with Apple SMB clients.\n\n[Samba](<https://en.wikipedia.org/wiki/Samba_\\(software\\)>) is a popular freeware implementation of the Server Message Block (SMB) protocol that allows users to access files, printers, and other commonly shared resources over a network.\n\n\"All versions of Samba prior to 4.13.17 are vulnerable to an out-of-bounds heap read write vulnerability that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit,\" the maintainers said in an advisory published on January 31.\n\nAccording to the CERT Coordination Center ([CERT/CC](<https://kb.cert.org/vuls/id/119678>)), the flaw also affects widely used Linux distributions such as [Red Hat](<https://access.redhat.com/security/cve/CVE-2021-44142>), SUSE Linux, and Ubuntu.\n\n\"The specific flaw exists within the parsing of EA metadata in the Samba server daemon (smbd) when opening a file,\" the Zero Day Initiative [said](<https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin>) in an independent write-up. \"An attacker can leverage this vulnerability to execute code in the context of root.\"\n\nThe vulnerability, rated 9.9 on the CVSS scale, has been credited to security researcher Orange Tsai from DEVCORE, who last year [disclosed](<https://thehackernews.com/2021/03/microsoft-exchange-cyber-attack-what-do.html>) the widely-exploited flaws in Microsoft Exchange Server. Additionally, the fix has been issued in Samba versions 4.14.12 and 4.15.5.\n\nAlso addressed by Samba are two separate flaws \u2014\n\n * [CVE-2021-44141](<https://www.samba.org/samba/security/CVE-2021-44141.html>) (CVSS score: 4.2) - Information leak via symlinks of existence of files or directories outside of the exported share (Fixed in Samba version 4.15.5)\n * [CVE-2022-0336](<https://www.samba.org/samba/security/CVE-2022-0336.html>) (CVSS score: 3.1) - Samba AD users with permission to write to an account can impersonate arbitrary services (Fixed in Samba versions 4.13.17, 4.14.12, and 4.15.4)\n\nSamba administrators are recommended to upgrade to these releases or apply the patch as soon as possible to mitigate the defect and thwart any potential attacks exploiting the vulnerability.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-01T04:16:00", "type": "thn", "title": "New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-02-02T03:56:37", "id": "THN:61909FFAAC80372942BFAE32AACCD487", "href": "https://thehackernews.com/2022/01/new-samba-bug-allows-remote-attackers.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2022-02-23T17:44:14", "description": "\n\nThe Samba Team reports:\n\n\nCVE-2021-43566: Malicious client using an SMB1 or NFS race to allow\n\t a directory to be created in an area of the server file system not\n\t exported under the share definition.\nCVE-2021-44141: Information leak via symlinks of existance of files\n\t or directories outside of the exported share.\nCVE-2021-44142: Out-of-bounds heap read/write vulnerability\n\t in VFS module vfs_fruit allows code execution.\nCVE-2022-0336: Samba AD users with permission to write to\n\t an account can impersonate arbitrary services.\n\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-31T00:00:00", "type": "freebsd", "title": "samba -- Multiple Vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-01-31T00:00:00", "id": "8579074C-839F-11EC-A3B2-005056A311D1", "href": "https://vuxml.freebsd.org/freebsd/8579074c-839f-11ec-a3b2-005056a311d1.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}]}