Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.SLACKWARE_SSA_2023-334-01.NASLHistoryNov 30, 2023 - 12:00 a.m.
Slackware Linux 15.0 / current samba Vulnerability (SSA:2023-334-01)
2023-11-3000:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
samba
ldap
information leak
vulnerability
slackware linux
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.8%
The version of samba installed on the remote host is prior to 4.18.9 / 4.19.3. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-334-01 advisory.
- An information leak vulnerability was discovered in Samba’s LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. (CVE-2018-14628)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
#
# The descriptive text and package checks in this plugin were
# extracted from Slackware Security Advisory SSA:2023-334-01. The text
# itself is copyright (C) Slackware Linux, Inc.
##
include('compat.inc');
if (description)
{
script_id(186492);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/30");
script_cve_id("CVE-2018-14628");
script_name(english:"Slackware Linux 15.0 / current samba Vulnerability (SSA:2023-334-01)");
script_set_attribute(attribute:"synopsis", value:
"The remote Slackware Linux host is missing a security update to samba.");
script_set_attribute(attribute:"description", value:
"The version of samba installed on the remote host is prior to 4.18.9 / 4.19.3. It is, therefore, affected by a
vulnerability as referenced in the SSA:2023-334-01 advisory.
- An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control
checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of
deleted objects in the LDAP store. (CVE-2018-14628)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.395566
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3c8d52cf");
script_set_attribute(attribute:"solution", value:
"Upgrade the affected samba package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-14628");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/01/17");
script_set_attribute(attribute:"patch_publication_date", value:"2023/11/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:samba");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:15.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Slackware Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
exit(0);
}
include("slackware.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
var flag = 0;
var constraints = [
{ 'fixed_version' : '4.18.9', 'product' : 'samba', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'i586' },
{ 'fixed_version' : '4.18.9', 'product' : 'samba', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'x86_64' },
{ 'fixed_version' : '4.19.3', 'product' : 'samba', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'i586' },
{ 'fixed_version' : '4.19.3', 'product' : 'samba', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'x86_64' }
];
foreach var constraint (constraints) {
var pkg_arch = constraint['arch'];
var arch = NULL;
if (pkg_arch == "x86_64") {
arch = pkg_arch;
}
if (slackware_check(osver:constraint['os_version'],
arch:arch,
pkgname:constraint['product'],
pkgver:constraint['fixed_version'],
pkgarch:pkg_arch,
pkgnum:constraint['service_pack'])) flag++;
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : slackware_report_get()
);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| slackware | slackware_linux | samba | p-cpe:/a:slackware:slackware_linux:samba |
| slackware | slackware_linux | cpe:/o:slackware:slackware_linux | |
| slackware | slackware_linux | 15.0 | cpe:/o:slackware:slackware_linux:15.0 |
Related
openvas
openvas
Samba Information Leak Vulnerability (CVE-2018-14628)
2023-01-27 00:00:00
Fedora: Security Advisory for samba (FEDORA-2023-9adeb354af)
2023-12-05 00:00:00
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2024-1496)
2024-04-08 00:00:00
prion
prion
Information disclosure
2023-01-17 18:15:00
alpinelinux
alpinelinux
CVE-2018-14628
2023-01-17 18:15:10
cvelist
cvelist
CVE-2018-14628
2023-01-17 00:00:00
slackware
slackware
[slackware-security] samba
2023-11-30 21:22:23
nessus
nessus
Fedora 38 : samba (2023-9adeb354af)
2023-12-03 00:00:00
EulerOS 2.0 SP9 : samba (EulerOS-SA-2024-1496)
2024-04-08 00:00:00
Fedora 39 : samba (2023-4e69bf4c59)
2023-12-01 00:00:00
veracode
veracode
Missing Authorization
2023-11-30 11:52:41
nvd
nvd
CVE-2018-14628
2023-01-17 18:15:10
osv
osv
CVE-2018-14628
2023-01-17 18:15:10
cve
cve
CVE-2018-14628
2023-01-17 18:15:10
ubuntucve
ubuntucve
CVE-2018-14628
2023-01-17 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: samba-4.18.9-1.fc38
2023-12-04 01:51:29
[SECURITY] Fedora 39 Update: samba-4.19.3-1.fc39
2023-12-02 01:25:30
redhatcve
redhatcve
CVE-2018-14628
2023-01-13 18:35:07
debiancve
debiancve
CVE-2018-14628
2023-01-17 18:15:10
cbl_mariner
cbl_mariner
CVE-2018-14628 affecting package samba 4.12.5-6
2024-07-05 03:08:39
gentoo
gentoo
Samba: Multiple Vulnerabilities
2024-02-19 00:00:00
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.8%
Related for SLACKWARE_SSA_2023-334-01.NASL