Oracle Solaris Third-Party Patch Update : samba (cve_2012_2111_access_controls)
2015-01-19T00:00:00
ID SOLARIS11_SAMBA_20120807.NASL Type nessus Reporter This script is Copyright (C) 2015-2021 Tenable Network Security, Inc. Modified 2015-01-19T00:00:00
Description
The remote Solaris system is missing necessary patches to address
security updates :
The (1) CreateAccount, (2) OpenAccount, (3)
AddAccountRights, and (4) RemoveAccountRights LSA RPC
procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x
before 3.5.15, and 3.6.x before 3.6.5 do not properly
restrict modifications to the privileges database, which
allows remote authenticated users to obtain the 'take
ownership' privilege via an LSA connection.
(CVE-2012-2111)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Oracle Third Party software advisories.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(80761);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2012-2111");
script_name(english:"Oracle Solaris Third-Party Patch Update : samba (cve_2012_2111_access_controls)");
script_summary(english:"Check for the 'entire' version.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Solaris system is missing a security patch for third-party
software."
);
script_set_attribute(
attribute:"description",
value:
"The remote Solaris system is missing necessary patches to address
security updates :
- The (1) CreateAccount, (2) OpenAccount, (3)
AddAccountRights, and (4) RemoveAccountRights LSA RPC
procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x
before 3.5.15, and 3.6.x before 3.6.5 do not properly
restrict modifications to the privileges database, which
allows remote authenticated users to obtain the 'take
ownership' privilege via an LSA connection.
(CVE-2012-2111)"
);
# https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?4a913f44"
);
# https://blogs.oracle.com/sunsecurity/cve-2012-2111-access-controls-vulnerability-in-samba
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?a354c62f"
);
script_set_attribute(attribute:"solution", value:"Upgrade to Solaris 11/11 SRU 8.5.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:samba");
script_set_attribute(attribute:"patch_publication_date", value:"2012/08/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"Solaris Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("solaris.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Solaris11/release");
if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
pkg_list = solaris_pkg_list_leaves();
if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages");
if (empty_or_null(egrep(string:pkg_list, pattern:"^samba$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "samba");
flag = 0;
if (solaris_check_release(release:"0.5.11-0.175.0.8.0.5.0", sru:"SRU 8.5") > 0) flag++;
if (flag)
{
error_extra = 'Affected package : samba\n' + solaris_get_report2();
error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra);
if (report_verbosity > 0) security_warning(port:0, extra:error_extra);
else security_warning(0);
exit(0);
}
else audit(AUDIT_PACKAGE_NOT_AFFECTED, "samba");
{"id": "SOLARIS11_SAMBA_20120807.NASL", "bulletinFamily": "scanner", "title": "Oracle Solaris Third-Party Patch Update : samba (cve_2012_2111_access_controls)", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The (1) CreateAccount, (2) OpenAccount, (3)\n AddAccountRights, and (4) RemoveAccountRights LSA RPC\n procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x\n before 3.5.15, and 3.6.x before 3.6.5 do not properly\n restrict modifications to the privileges database, which\n allows remote authenticated users to obtain the 'take\n ownership' privilege via an LSA connection.\n (CVE-2012-2111)", "published": "2015-01-19T00:00:00", "modified": "2015-01-19T00:00:00", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/80761", "reporter": "This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.", "references": ["http://www.nessus.org/u?a354c62f", "http://www.nessus.org/u?4a913f44"], "cvelist": ["CVE-2012-2111"], "type": "nessus", "lastseen": "2021-01-17T14:01:12", "edition": 25, "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-2111"]}, {"type": "ubuntu", "idList": ["USN-1434-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12370", "SECURITYVULNS:DOC:28058", "SECURITYVULNS:VULN:13198"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2463-1:BA1BB"]}, {"type": "suse", "idList": ["SUSE-SU-2012:0591-1", "SUSE-SU-2012:0573-1", "OPENSUSE-SU-2012:0583-1", "SUSE-SU-2012:0575-1"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0533"]}, {"type": "samba", "idList": ["SAMBA:CVE-2012-2111"]}, {"type": "redhat", "idList": ["RHSA-2012:0533"]}, {"type": "freebsd", "idList": ["0FA15E08-92EC-11E1-A94A-00215C6A37BB"]}, {"type": "centos", "idList": ["CESA-2012:0533"]}, {"type": "fedora", "idList": ["FEDORA:79D7720B02", "FEDORA:F2208202F0", "FEDORA:095C220955", "FEDORA:D3501201B6", "FEDORA:079FE20704", "FEDORA:E9118202AA", "FEDORA:0B63020AE6"]}, {"type": "nessus", "idList": ["FEDORA_2012-6999.NASL", "SAMBA_3_6_5.NASL", "MANDRIVA_MDVSA-2012-067.NASL", "DEBIAN_DSA-2463.NASL", "FEDORA_2012-7317.NASL", "FREEBSD_PKG_0FA15E0892EC11E1A94A00215C6A37BB.NASL", "FEDORA_2012-6981.NASL", "CENTOS_RHSA-2012-0533.NASL", "ORACLELINUX_ELSA-2012-0533.NASL", "REDHAT-RHSA-2012-0533.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310850252", "OPENVAS:1361412562310864406", "OPENVAS:831570", "OPENVAS:864406", "OPENVAS:136141256231071266", "OPENVAS:1361412562310840998", "OPENVAS:881060", "OPENVAS:850252", "OPENVAS:1361412562310881081", "OPENVAS:840998"]}, {"type": "gentoo", "idList": ["GLSA-201206-22"]}], "modified": "2021-01-17T14:01:12", "rev": 2}, "score": {"value": 6.7, "vector": "NONE", "modified": "2021-01-17T14:01:12", "rev": 2}, "vulnersScore": 6.7}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80761);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2111\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : samba (cve_2012_2111_access_controls)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The (1) CreateAccount, (2) OpenAccount, (3)\n AddAccountRights, and (4) RemoveAccountRights LSA RPC\n procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x\n before 3.5.15, and 3.6.x before 3.6.5 do not properly\n restrict modifications to the privileges database, which\n allows remote authenticated users to obtain the 'take\n ownership' privilege via an LSA connection.\n (CVE-2012-2111)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2012-2111-access-controls-vulnerability-in-samba\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a354c62f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11/11 SRU 8.5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:samba\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^samba$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.0.8.0.5.0\", sru:\"SRU 8.5\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : samba\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"samba\");\n", "naslFamily": "Solaris Local Security Checks", "pluginID": "80761", "cpe": ["cpe:/o:oracle:solaris:11.0", "p-cpe:/a:oracle:solaris:samba"], "scheme": null}
{"cve": [{"lastseen": "2020-10-03T12:06:03", "description": "The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the \"take ownership\" privilege via an LSA connection.", "edition": 3, "cvss3": {}, "published": "2012-04-30T14:55:00", "title": "CVE-2012-2111", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2111"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/a:samba:samba:3.5.5", "cpe:/a:samba:samba:3.4.1", "cpe:/a:samba:samba:3.4.0", "cpe:/a:samba:samba:3.5.8", "cpe:/a:samba:samba:3.5.11", "cpe:/a:samba:samba:3.5.13", "cpe:/a:samba:samba:3.5.12", "cpe:/a:samba:samba:3.4.9", "cpe:/a:samba:samba:3.4.16", "cpe:/a:samba:samba:3.4.12", "cpe:/a:samba:samba:3.4.14", "cpe:/a:samba:samba:3.4.15", "cpe:/a:samba:samba:3.4.5", "cpe:/a:samba:samba:3.4.8", "cpe:/a:samba:samba:3.4.13", "cpe:/a:samba:samba:3.6.2", "cpe:/a:samba:samba:3.5.2", "cpe:/a:samba:samba:3.5.6", "cpe:/a:samba:samba:3.4.10", "cpe:/a:samba:samba:3.4.6", "cpe:/a:samba:samba:3.6.0", "cpe:/a:samba:samba:3.4.3", "cpe:/a:samba:samba:3.5.14", "cpe:/a:samba:samba:3.4.4", "cpe:/a:samba:samba:3.6.1", "cpe:/a:samba:samba:3.6.3", "cpe:/a:samba:samba:3.5.10", "cpe:/a:samba:samba:3.5.7", "cpe:/a:samba:samba:3.6.4", "cpe:/a:samba:samba:3.5.3", "cpe:/a:samba:samba:3.5.0", "cpe:/a:samba:samba:3.5.4", "cpe:/a:samba:samba:3.4.7", "cpe:/a:samba:samba:3.4.11", "cpe:/a:samba:samba:3.5.9", "cpe:/a:samba:samba:3.5.1", "cpe:/a:samba:samba:3.4.2"], "id": "CVE-2012-2111", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2111", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:samba:samba:3.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.12:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.14:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.13:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.5.3:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-02T11:39:57", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "Ivano Cristofolini discovered that Samba incorrectly handled some Local \nSecurity Authority (LSA) remote procedure calls (RPC). A remote, authenticated \nattacker could exploit this to grant administrative privileges to arbitrary \nusers. The administrative privileges could be used to bypass permission checks \nperformed by the Samba server.", "edition": 5, "modified": "2012-05-01T00:00:00", "published": "2012-05-01T00:00:00", "id": "USN-1434-1", "href": "https://ubuntu.com/security/notices/USN-1434-1", "title": "Samba vulnerability", "type": "ubuntu", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:44", "bulletinFamily": "software", "cvelist": ["CVE-2012-2111"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:067\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : samba\r\n Date : May 1, 2012\r\n Affected: 2010.1, 2011.\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in samba:\r\n \r\n Security checks were incorrectly applied to the Local Security\r\n Authority (LSA) remote proceedure calls (RPC) CreateAccount,\r\n OpenAccount, AddAccountRights and RemoveAccountRights allowing any\r\n authenticated user to modify the privileges database (CVE-2012-2111).\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111\r\n http://www.samba.org/samba/security/CVE-2012-2111\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2010.1:\r\n b0c16888573af1114e9ad0bfde46808b 2010.1/i586/libnetapi0-3.5.3-3.6mdv2010.2.i586.rpm\r\n 7c98470fb3a8c4081ebaf10f0c1332bb 2010.1/i586/libnetapi-devel-3.5.3-3.6mdv2010.2.i586.rpm\r\n fb64c34589ac83010bc471489911fb2f 2010.1/i586/libsmbclient0-3.5.3-3.6mdv2010.2.i586.rpm\r\n ea8dee1fc52bad7595724def30a6fd69 2010.1/i586/libsmbclient0-devel-3.5.3-3.6mdv2010.2.i586.rpm\r\n 986549d1f25d8c5c870eaf87b9e7cf08 2010.1/i586/libsmbclient0-static-devel-3.5.3-3.6mdv2010.2.i586.rpm\r\n 19b33f2132413cf36031f8d7d0f6f5c4 2010.1/i586/libsmbsharemodes0-3.5.3-3.6mdv2010.2.i586.rpm\r\n 145adf5071677e950fc071e894e45bd9 2010.1/i586/libsmbsharemodes-devel-3.5.3-3.6mdv2010.2.i586.rpm\r\n ca052c237ab25c02f7366888ed6bde33 2010.1/i586/libwbclient0-3.5.3-3.6mdv2010.2.i586.rpm\r\n b401a4c10ad4ff5b1b6209c43d0369fe 2010.1/i586/libwbclient-devel-3.5.3-3.6mdv2010.2.i586.rpm\r\n e7f118657fea080c43a0a6377eb02d10 2010.1/i586/mount-cifs-3.5.3-3.6mdv2010.2.i586.rpm\r\n cfb25b984affc20ff7b32245558a86bd 2010.1/i586/nss_wins-3.5.3-3.6mdv2010.2.i586.rpm\r\n 58b2405220ad8f461968d9213167b25c 2010.1/i586/samba-client-3.5.3-3.6mdv2010.2.i586.rpm\r\n f790e91505f6e5b7cb7905a82ec37ab1 2010.1/i586/samba-common-3.5.3-3.6mdv2010.2.i586.rpm\r\n 73ad8d9bc99d605e7a3cf1e862b5acb7 2010.1/i586/samba-doc-3.5.3-3.6mdv2010.2.i586.rpm\r\n 72efce39b1ecf4f1fce38bbfb5d52a73 2010.1/i586/samba-domainjoin-gui-3.5.3-3.6mdv2010.2.i586.rpm\r\n 2a912520751bd6ee71cd3d7a2bcd652a 2010.1/i586/samba-server-3.5.3-3.6mdv2010.2.i586.rpm\r\n f900b32e99a90b0e4b02f78739aec352 2010.1/i586/samba-swat-3.5.3-3.6mdv2010.2.i586.rpm\r\n 3416b4b6a0b581cee20ca92135cb81a9 2010.1/i586/samba-winbind-3.5.3-3.6mdv2010.2.i586.rpm \r\n aa719946518e4cde4a7e246707447037 2010.1/SRPMS/samba-3.5.3-3.6mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n 4555cdf1cf1e309adf310020a0c2bacd 2010.1/x86_64/lib64netapi0-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 4324676ed91aff0cc726b5b1c9699914 2010.1/x86_64/lib64netapi-devel-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 6cad4c5c96ecf4aff1535461321381da 2010.1/x86_64/lib64smbclient0-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 89a56321c42cc94b4a8748d33d20b3cd 2010.1/x86_64/lib64smbclient0-devel-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n e2ab03c50e2daa90011cb12a7b3260e6 2010.1/x86_64/lib64smbclient0-static-devel-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n a1f6db735b484608a9adb6d71b2c6bf9 2010.1/x86_64/lib64smbsharemodes0-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 2316afe1be6ac09e8985447f906d78d1 2010.1/x86_64/lib64smbsharemodes-devel-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 7e20f319a9fbbf7eeb251adfc103bb22 2010.1/x86_64/lib64wbclient0-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 49604738194c0f13c268c79acfa3ed96 2010.1/x86_64/lib64wbclient-devel-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n e02391b2c8676786ea21268380e0c267 2010.1/x86_64/mount-cifs-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n c0bf73ba14ce610beeb84340d3dc3ff7 2010.1/x86_64/nss_wins-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n e091ae55c4018bb218dfeafcc57620a3 2010.1/x86_64/samba-client-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 79d7d55c5413db0c5143d3aadaed9498 2010.1/x86_64/samba-common-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 5164c31f03228f112ea76d2abbbe1cc6 2010.1/x86_64/samba-doc-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 92cd364fa5d300b86484eb967b960bc3 2010.1/x86_64/samba-domainjoin-gui-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 8e928172bb0b614635e01c52d05f96a9 2010.1/x86_64/samba-server-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n c2615e1db28f1eefb713c115e82e8ba8 2010.1/x86_64/samba-swat-3.5.3-3.6mdv2010.2.x86_64.rpm\r\n 25a7e8cad30bf78f9ea217cc68e27a1a 2010.1/x86_64/samba-winbind-3.5.3-3.6mdv2010.2.x86_64.rpm \r\n aa719946518e4cde4a7e246707447037 2010.1/SRPMS/samba-3.5.3-3.6mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2011:\r\n cff0ff110611aa92de13e1e6d21047d1 2011/i586/libnetapi0-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 089dc3e2e37fe8ee0a3ad0385ae03e6b 2011/i586/libnetapi-devel-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 04954a46b3938198545553a644bf01f0 2011/i586/libsmbclient0-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 89d114cddad50da83a4d53d513441e47 2011/i586/libsmbclient0-devel-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 3909db914cdbbf99edf58c6795b5dff8 2011/i586/libsmbclient0-static-devel-3.5.10-1.3-mdv2011.0.i586.rpm\r\n cec79a0acd368786713468870122f4f3 2011/i586/libsmbsharemodes0-3.5.10-1.3-mdv2011.0.i586.rpm\r\n d3c78587799b381737b0feb00e50f287 2011/i586/libsmbsharemodes-devel-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 994f5c96f6c4d87b66d77efe9aededd0 2011/i586/libwbclient0-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 9250693ddfb45284676f1fe1f037791f 2011/i586/libwbclient-devel-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 88a93a320f0785258f3b3915589bd7d2 2011/i586/mount-cifs-3.5.10-1.3-mdv2011.0.i586.rpm\r\n b568d3cac9ee0dbe647e86b1e5579d3f 2011/i586/nss_wins-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 4b62e10c477f054e1b1108f1de52e9ba 2011/i586/samba-client-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 15e3ab4b525a3e09c5e81724e53d16da 2011/i586/samba-common-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 7e6028bcd35c577ef1921ac2569690b9 2011/i586/samba-doc-3.5.10-1.3-mdv2011.0.noarch.rpm\r\n 0dc103d9ee84e0f249cc89344e278143 2011/i586/samba-domainjoin-gui-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 66c78b0f067f3fd2209ab7e1b970c68e 2011/i586/samba-server-3.5.10-1.3-mdv2011.0.i586.rpm\r\n f302f1867604fafbf74d74e09604a71b 2011/i586/samba-swat-3.5.10-1.3-mdv2011.0.i586.rpm\r\n 0d0d8649d3d426c5f8cc50c31c76f8c8 2011/i586/samba-winbind-3.5.10-1.3-mdv2011.0.i586.rpm \r\n be1dff8504d05199b02576691f5ae86b 2011/SRPMS/samba-3.5.10-1.3.src.rpm\r\n\r\n Mandriva Linux 2011/X86_64:\r\n 1a851b2f20ee67453467a23727a2424a 2011/x86_64/lib64netapi0-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n 44603aa8df1c8307a3deccf291e42f7b 2011/x86_64/lib64netapi-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n 556104aef89a4b9ebd9bb66a833236d0 2011/x86_64/lib64smbclient0-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n 0d5dc0adf88bd341f7218585e7e33228 2011/x86_64/lib64smbclient0-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n 38ea7589c0013ffada677dfe2def0e98 2011/x86_64/lib64smbclient0-static-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n b04f159a984c3b693ff89b7cc179136d 2011/x86_64/lib64smbsharemodes0-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n 50ea8303bebbc5c751ab911d539b8535 2011/x86_64/lib64smbsharemodes-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n 8d80e36d55a5609504bdd0bfca353b5c 2011/x86_64/lib64wbclient0-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n e8ac81e9b840ffc2449af46e8824156b 2011/x86_64/lib64wbclient-devel-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n 0904a4afc0df9a00839b90a5bf92f2e0 2011/x86_64/mount-cifs-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n 0e60aefdd6f434a0889013246f1471a0 2011/x86_64/nss_wins-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n 8ecb1369ad46eae88cf8d273b0cbad07 2011/x86_64/samba-client-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n e4b3cc6e3a32b33012c36a17f7ab4b1d 2011/x86_64/samba-common-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n b6511465523ffd89ff81f7f528eb3335 2011/x86_64/samba-doc-3.5.10-1.3-mdv2011.0.noarch.rpm\r\n 34abf2242369315d0346d26509b6efbf 2011/x86_64/samba-domainjoin-gui-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n f412fafe8607022394bb6ec927f966b0 2011/x86_64/samba-server-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n f896be75e59f63a3e207ab66f5c5a870 2011/x86_64/samba-swat-3.5.10-1.3-mdv2011.0.x86_64.rpm\r\n 01821aace53b923c7ad4a1bc096fd456 2011/x86_64/samba-winbind-3.5.10-1.3-mdv2011.0.x86_64.rpm \r\n be1dff8504d05199b02576691f5ae86b 2011/SRPMS/samba-3.5.10-1.3.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niD8DBQFPn5QSmqjQ0CJFipgRAimcAKDL/VVweXcfXSX5OfXwJhvzBnpoUgCfT7Ny\r\nIkCl21bp34aGCX78vKk8a0E=\r\n=Gfjg\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-05-10T00:00:00", "published": "2012-05-10T00:00:00", "id": "SECURITYVULNS:DOC:28058", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28058", "title": "[ MDVSA-2012:067 ] samba", "type": "securityvulns", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:47", "bulletinFamily": "software", "cvelist": ["CVE-2012-2111"], "description": "Unprivileged user can execute privileged RPC calls to modify accounts database.", "edition": 1, "modified": "2012-05-10T00:00:00", "published": "2012-05-10T00:00:00", "id": "SECURITYVULNS:VULN:12370", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12370", "title": "Samba privilege escalation", "type": "securityvulns", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:52", "bulletinFamily": "software", "cvelist": ["CVE-2012-2311", "CVE-2012-2336", "CVE-2012-2111", "CVE-2013-2357", "CVE-2012-2335", "CVE-2012-0883", "CVE-2012-5217", "CVE-2011-3389", "CVE-2013-2361", "CVE-2013-2358", "CVE-2013-2355", "CVE-2013-2359", "CVE-2013-2362", "CVE-2012-2110", "CVE-2013-2363", "CVE-2013-2356", "CVE-2013-2364", "CVE-2012-2329", "CVE-2013-2360"], "description": "Code execution, unauthorized access, DoS.", "edition": 1, "modified": "2013-07-19T00:00:00", "published": "2013-07-19T00:00:00", "id": "SECURITYVULNS:VULN:13198", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13198", "title": "HP System Management Homepage multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:21:38", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2463-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMay 02, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : samba\nVulnerability : missing permission checks\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-2111\n\nIvano Cristofolini discovered that insufficient security checks in\nSamba's handling of LSA RPC calls could lead to privilege escalation\nby gaining the "take ownership" privilege.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.5.6~dfsg-3squeeze8.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.6.5-1.\n\nWe recommend that you upgrade your samba packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2012-05-02T15:33:30", "published": "2012-05-02T15:33:30", "id": "DEBIAN:DSA-2463-1:BA1BB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00095.html", "title": "[SECURITY] [DSA 2463-1] samba security update", "type": "debian", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T11:46:48", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "- docs-xml: fix default name resolve order; (bso#7564).\n - s3-aio-fork: Fix a segfault in vfs_aio_fork; (bso#8836).\n - docs: remove whitespace in example samba.ldif; (bso#8789).\n - s3-smbd: move print_backend_init() behind\n init_system_info(); (bso#8845).\n - s3-docs: Prepend '/' to filename argument; (bso#8826).\n - Restrict self granting privileges where security=ads for\n Samba post-3.3.16; CVE-2012-2111; (bnc#757576).\n\n", "edition": 1, "modified": "2012-05-04T15:08:17", "published": "2012-05-04T15:08:17", "id": "OPENSUSE-SU-2012:0583-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00001.html", "type": "suse", "title": "update for samba (important)", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:27:16", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "This update of Samba fixes the following security issue:\n\n * CVE-2012-2111: Ensure that users cannot hand out\n their own privileges to everyone, only administrators are\n allowed to do that.\n", "edition": 1, "modified": "2012-05-07T17:08:21", "published": "2012-05-07T17:08:21", "id": "SUSE-SU-2012:0591-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00003.html", "title": "Security update for Samba (important)", "type": "suse", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:37:04", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "This update of Samba fixes one security issue and several\n bugs.\n\n The security fix is:\n\n * Ensure that users cannot hand out their own\n privileges to everyone, only administrators are allowed to\n do that. (CVE-2012-2111\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111</a>\n > )\n\n The non-security bug fixes merged from upstream Samba are:\n\n * Fix default name resolve order. (docs-xml, bso#7564).\n * Fix a segfault in vfs_aio_fork. (s3-aio-fork,\n bso#8836).\n * Remove whitespace in example samba.ldif. (docs,\n bso#8789)\n * Move print_backend_init() behind init_system_info().\n (s3-smbd, bso#8845)\n * Prepend '/' to filename argument. (s3-docs, bso#8826)\n\n", "edition": 1, "modified": "2012-05-01T00:08:25", "published": "2012-05-01T00:08:25", "id": "SUSE-SU-2012:0573-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00023.html", "title": "Security update for Samba (important)", "type": "suse", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:54:52", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111", "CVE-2012-1568", "CVE-2012-1586"], "description": "This update of Samba includes the following fixes for two\n security issues:\n\n * Ensure that users cannot hand out their own\n privileges to everyone, only administrators are allowed to\n do that. (CVE-2012-2111\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111</a>\n > )\n * mount.cifs no longer allows unprivileged users to\n mount onto dirs that are not accessible to them.\n (CVE-2012-1568\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1586\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1586</a>\n > )\n", "edition": 1, "modified": "2012-05-01T01:08:20", "published": "2012-05-01T01:08:20", "id": "SUSE-SU-2012:0575-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00024.html", "title": "Security update for Samba (important)", "type": "suse", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:40", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "[3.5.10-116]\n- Security Release, fixes CVE-2012-2111\n- resolves: #815688", "edition": 4, "modified": "2012-04-30T00:00:00", "published": "2012-04-30T00:00:00", "id": "ELSA-2012-0533", "href": "http://linux.oracle.com/errata/ELSA-2012-0533.html", "title": "samba and samba3x security update", "type": "oraclelinux", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "samba": [{"lastseen": "2020-12-24T13:21:00", "bulletinFamily": "software", "cvelist": ["CVE-2012-2111"], "description": "Samba versions 3.4.x to 3.6.4 inclusive are affected by a vulnerability that allows arbitrary users to modify privileges on a file server.\nSecurity checks were incorrectly applied to the Local Security Authority (LSA) remote proceedure calls (RPC) CreateAccount, OpenAccount, AddAccountRights and RemoveAccountRights allowing any authenticated user to modify the privileges database.\nThis is a serious error, as it means that authenticated users can connect to the LSA and grant themselves the \"take ownership\" privilege. This privilege is used by the smbd file server to grant the ability to change ownership of a file or directory which means users could take ownership of files or directories they do not own.", "edition": 5, "modified": "2012-04-30T00:00:00", "published": "2012-04-30T00:00:00", "id": "SAMBA:CVE-2012-2111", "href": "https://www.samba.org/samba/security/CVE-2012-2111.html", "title": "Incorrect permission checks when granting/removing privileges can compromise file server security. ", "type": "samba", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:24", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "Samba is an open-source implementation of the Server Message Block (SMB) or\nCommon Internet File System (CIFS) protocol, which allows PC-compatible\nmachines to share files, printers, and other information.\n\nA flaw was found in the way Samba handled certain Local Security Authority\n(LSA) Remote Procedure Calls (RPC). An authenticated user could use this\nflaw to issue an RPC call that would modify the privileges database on the\nSamba server, allowing them to steal the ownership of files and directories\nthat are being shared by the Samba server, and create, delete, and modify\nuser accounts, as well as other Samba server administration tasks.\n(CVE-2012-2111)\n\nRed Hat would like to thank the Samba project for reporting this issue.\nUpstream acknowledges Ivano Cristofolini as the original reporter.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing this\nupdate, the smb service will be restarted automatically.\n", "modified": "2018-06-06T20:24:21", "published": "2012-04-30T04:00:00", "id": "RHSA-2012:0533", "href": "https://access.redhat.com/errata/RHSA-2012:0533", "type": "redhat", "title": "(RHSA-2012:0533) Important: samba and samba3x security update", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "\nThe Samba project reports:\n\nSamba versions 3.4.x to 3.6.4 inclusive are affected\n\t by a vulnerability that allows arbitrary users to modify\n\t privileges on a file server.\nSecurity checks were incorrectly applied to the Local\n\t Security Authority (LSA) remote proceedure calls (RPC)\n\t CreateAccount, OpenAccount, AddAccountRights and\n\t RemoveAccountRights allowing any authenticated user\n\t to modify the privileges database.\nThis is a serious error, as it means that authenticated\n\t users can connect to the LSA and grant themselves the\n\t \"take ownership\" privilege. This privilege is used by the\n\t smbd file server to grant the ability to change ownership\n\t of a file or directory which means users could take ownership\n\t of files or directories they do not own.\n\n", "edition": 4, "modified": "2012-04-30T00:00:00", "published": "2012-04-30T00:00:00", "id": "0FA15E08-92EC-11E1-A94A-00215C6A37BB", "href": "https://vuxml.freebsd.org/freebsd/0fa15e08-92ec-11e1-a94a-00215c6a37bb.html", "title": "samba -- incorrect permission checks vulnerability", "type": "freebsd", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-12-08T03:33:59", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "**CentOS Errata and Security Advisory** CESA-2012:0533\n\n\nSamba is an open-source implementation of the Server Message Block (SMB) or\nCommon Internet File System (CIFS) protocol, which allows PC-compatible\nmachines to share files, printers, and other information.\n\nA flaw was found in the way Samba handled certain Local Security Authority\n(LSA) Remote Procedure Calls (RPC). An authenticated user could use this\nflaw to issue an RPC call that would modify the privileges database on the\nSamba server, allowing them to steal the ownership of files and directories\nthat are being shared by the Samba server, and create, delete, and modify\nuser accounts, as well as other Samba server administration tasks.\n(CVE-2012-2111)\n\nRed Hat would like to thank the Samba project for reporting this issue.\nUpstream acknowledges Ivano Cristofolini as the original reporter.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing this\nupdate, the smb service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-April/030644.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-April/030646.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-May/030646.html\n\n**Affected packages:**\nlibsmbclient\nlibsmbclient-devel\nsamba\nsamba-client\nsamba-common\nsamba-doc\nsamba-domainjoin-gui\nsamba-swat\nsamba-winbind\nsamba-winbind-clients\nsamba-winbind-devel\nsamba-winbind-krb5-locator\nsamba3x\nsamba3x-client\nsamba3x-common\nsamba3x-doc\nsamba3x-domainjoin-gui\nsamba3x-swat\nsamba3x-winbind\nsamba3x-winbind-devel\n\n**Upstream details at:**\n\nhttps://rhn.redhat.com/errata/RHSA-2012-0533.html", "edition": 4, "modified": "2012-05-01T03:24:40", "published": "2012-04-30T22:24:11", "href": "http://lists.centos.org/pipermail/centos-announce/2012-April/030644.html", "id": "CESA-2012:0533", "title": "libsmbclient, samba, samba3x security update", "type": "centos", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "OpenChange provides libraries to access Microsoft Exchange servers using native protocols. ", "modified": "2012-05-08T04:16:26", "published": "2012-05-08T04:16:26", "id": "FEDORA:079FE20704", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: openchange-1.0-6.fc17", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": " Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB/CIFS server that can be used to provide network services to SMB/CIFS clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol. ", "modified": "2012-05-02T20:57:30", "published": "2012-05-02T20:57:30", "id": "FEDORA:0B63020AE6", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: samba-3.6.5-85.fc17.1", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "This package allows Evolution to interact with MS Exchange 2007 servers. ", "modified": "2012-05-08T04:16:26", "published": "2012-05-08T04:16:26", "id": "FEDORA:F2208202F0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: evolution-mapi-3.4.1-3.fc17", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2111"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2012-05-08T04:16:26", "published": "2012-05-08T04:16:26", "id": "FEDORA:E9118202AA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: samba4-4.0.0-47alpha18.fc17", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0817", "CVE-2012-1182", "CVE-2012-2111"], "description": " Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB/CIFS server that can be used to provide network services to SMB/CIFS clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol. ", "modified": "2012-05-03T07:23:54", "published": "2012-05-03T07:23:54", "id": "FEDORA:79D7720B02", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: samba-3.6.5-85.fc16", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2522", "CVE-2011-2694", "CVE-2012-1182", "CVE-2012-2111"], "description": " Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB/CIFS server that can be used to provide network services to SMB/CIFS clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol. ", "modified": "2012-05-03T07:21:11", "published": "2012-05-03T07:21:11", "id": "FEDORA:D3501201B6", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: samba-3.5.15-74.fc15.1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0817", "CVE-2012-1182", "CVE-2012-2111", "CVE-2013-0213", "CVE-2013-0214"], "description": " Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB/CIFS server that can be used to provide network services to SMB/CIFS clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol. ", "modified": "2013-02-12T05:03:06", "published": "2013-02-12T05:03:06", "id": "FEDORA:095C220955", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: samba-3.6.12-1.fc16", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2018-01-02T10:57:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "description": "Check for the Version of samba3x", "modified": "2017-12-29T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881060", "href": "http://plugins.openvas.org/nasl.php?oid=881060", "type": "openvas", "title": "CentOS Update for samba3x CESA-2012:0533 centos5 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba3x CESA-2012:0533 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Samba is an open-source implementation of the Server Message Block (SMB) or\n Common Internet File System (CIFS) protocol, which allows PC-compatible\n machines to share files, printers, and other information.\n\n A flaw was found in the way Samba handled certain Local Security Authority\n (LSA) Remote Procedure Calls (RPC). An authenticated user could use this\n flaw to issue an RPC call that would modify the privileges database on the\n Samba server, allowing them to steal the ownership of files and directories\n that are being shared by the Samba server, and create, delete, and modify\n user accounts, as well as other Samba server administration tasks.\n (CVE-2012-2111)\n \n Red Hat would like to thank the Samba project for reporting this issue.\n Upstream acknowledges Ivano Cristofolini as the original reporter.\n \n Users of Samba are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue. After installing this\n update, the smb service will be restarted automatically.\";\n\ntag_affected = \"samba3x on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-April/018606.html\");\n script_id(881060);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 15:59:15 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-2111\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0533\");\n script_name(\"CentOS Update for samba3x CESA-2012:0533 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of samba3x\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba3x\", rpm:\"samba3x~3.5.10~0.109.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-client\", rpm:\"samba3x-client~3.5.10~0.109.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-common\", rpm:\"samba3x-common~3.5.10~0.109.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-doc\", rpm:\"samba3x-doc~3.5.10~0.109.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-domainjoin-gui\", rpm:\"samba3x-domainjoin-gui~3.5.10~0.109.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-swat\", rpm:\"samba3x-swat~3.5.10~0.109.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-winbind\", rpm:\"samba3x-winbind~3.5.10~0.109.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-winbind-devel\", rpm:\"samba3x-winbind-devel~3.5.10~0.109.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2012-08-03T00:00:00", "id": "OPENVAS:1361412562310831570", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831570", "type": "openvas", "title": "Mandriva Update for samba MDVSA-2012:067 (samba)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for samba MDVSA-2012:067 (samba)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:067\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831570\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 09:49:43 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2012-2111\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:067\");\n script_name(\"Mandriva Update for samba MDVSA-2012:067 (samba)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2011\\.0|2010\\.1)\");\n script_tag(name:\"affected\", value:\"samba on Mandriva Linux 2011.0,\n Mandriva Linux 2010.1\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A vulnerability has been found and corrected in samba:\n\n Security checks were incorrectly applied to the Local Security\n Authority (LSA) remote procedure calls (RPC) CreateAccount,\n OpenAccount, AddAccountRights and RemoveAccountRights allowing any\n authenticated user to modify the privileges database (CVE-2012-2111).\n\n The updated packages have been patched to correct this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbsharemodes0\", rpm:\"libsmbsharemodes0~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbsharemodes-devel\", rpm:\"libsmbsharemodes-devel~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-domainjoin-gui\", rpm:\"samba-domainjoin-gui~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64netapi0\", rpm:\"lib64netapi0~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64netapi-devel\", rpm:\"lib64netapi-devel~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbsharemodes0\", rpm:\"lib64smbsharemodes0~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbsharemodes-devel\", rpm:\"lib64smbsharemodes-devel~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wbclient0\", rpm:\"lib64wbclient0~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wbclient-devel\", rpm:\"lib64wbclient-devel~3.5.10~1.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbsharemodes0\", rpm:\"libsmbsharemodes0~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbsharemodes-devel\", rpm:\"libsmbsharemodes-devel~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-domainjoin-gui\", rpm:\"samba-domainjoin-gui~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64netapi0\", rpm:\"lib64netapi0~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64netapi-devel\", rpm:\"lib64netapi-devel~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbsharemodes0\", rpm:\"lib64smbsharemodes0~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smbsharemodes-devel\", rpm:\"lib64smbsharemodes-devel~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wbclient0\", rpm:\"lib64wbclient0~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wbclient-devel\", rpm:\"lib64wbclient-devel~3.5.3~3.6mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "description": "Check for the Version of libsmbclient", "modified": "2017-12-26T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881081", "href": "http://plugins.openvas.org/nasl.php?oid=881081", "type": "openvas", "title": "CentOS Update for libsmbclient CESA-2012:0533 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmbclient CESA-2012:0533 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Samba is an open-source implementation of the Server Message Block (SMB) or\n Common Internet File System (CIFS) protocol, which allows PC-compatible\n machines to share files, printers, and other information.\n\n A flaw was found in the way Samba handled certain Local Security Authority\n (LSA) Remote Procedure Calls (RPC). An authenticated user could use this\n flaw to issue an RPC call that would modify the privileges database on the\n Samba server, allowing them to steal the ownership of files and directories\n that are being shared by the Samba server, and create, delete, and modify\n user accounts, as well as other Samba server administration tasks.\n (CVE-2012-2111)\n \n Red Hat would like to thank the Samba project for reporting this issue.\n Upstream acknowledges Ivano Cristofolini as the original reporter.\n \n Users of Samba are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue. After installing this\n update, the smb service will be restarted automatically.\";\n\ntag_affected = \"libsmbclient on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-April/018608.html\");\n script_id(881081);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:02:02 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-2111\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0533\");\n script_name(\"CentOS Update for libsmbclient CESA-2012:0533 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libsmbclient\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-domainjoin-gui\", rpm:\"samba-domainjoin-gui~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-devel\", rpm:\"samba-winbind-devel~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-krb5-locator\", rpm:\"samba-winbind-krb5-locator~3.5.10~116.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-01-31T18:41:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2012-12-13T00:00:00", "id": "OPENVAS:1361412562310850252", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850252", "type": "openvas", "title": "openSUSE: Security Advisory for update (openSUSE-SU-2012:0583-1)", "sourceData": "# Copyright (C) 2012 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850252\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-12-13 17:02:02 +0530 (Thu, 13 Dec 2012)\");\n script_cve_id(\"CVE-2012-2111\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name:\"openSUSE-SU\", value:\"2012:0583-1\");\n script_name(\"openSUSE: Security Advisory for update (openSUSE-SU-2012:0583-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'update'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE11\\.4|openSUSE12\\.1)\");\n\n script_tag(name:\"affected\", value:\"update on openSUSE 12.1, openSUSE 11.4\");\n\n script_tag(name:\"insight\", value:\"- docs-xml: fix default name resolve order (bso#7564).\n\n - s3-aio-fork: Fix a segfault in vfs_aio_fork (bso#8836).\n\n - docs: remove whitespace in example samba.ldif (bso#8789).\n\n - s3-smbd: move print_backend_init() behind\n init_system_info() (bso#8845).\n\n - s3-docs: Prepend '/' to filename argument (bso#8826).\n\n - Restrict self granting privileges where security=ads for\n Samba post-3.3.16, CVE-2012-2111 (bnc#757576).\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"ldapsmb\", rpm:\"ldapsmb~1.34b~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb-devel\", rpm:\"libldb-devel~1.0.2~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1\", rpm:\"libldb1~1.0.2~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1-debuginfo\", rpm:\"libldb1-debuginfo~1.0.2~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-debuginfo\", rpm:\"libnetapi0-debuginfo~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo\", rpm:\"libsmbclient0-debuginfo~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbsharemodes-devel\", rpm:\"libsmbsharemodes-devel~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbsharemodes0\", rpm:\"libsmbsharemodes0~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbsharemodes0-debuginfo\", rpm:\"libsmbsharemodes0-debuginfo~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc-devel\", rpm:\"libtalloc-devel~2.0.5~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2\", rpm:\"libtalloc2~2.0.5~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2-debuginfo\", rpm:\"libtalloc2-debuginfo~2.0.5~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb-devel\", rpm:\"libtdb-devel~1.2.9~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1\", rpm:\"libtdb1~1.2.9~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1-debuginfo\", rpm:\"libtdb1-debuginfo~1.2.9~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-devel\", rpm:\"libtevent-devel~0.9.11~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0\", rpm:\"libtevent0~0.9.11~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0-debuginfo\", rpm:\"libtevent0-debuginfo~0.9.11~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo\", rpm:\"libwbclient0-debuginfo~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo\", rpm:\"samba-client-debuginfo~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debugsource\", rpm:\"samba-debugsource~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-devel\", rpm:\"samba-devel~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-krb-printing\", rpm:\"samba-krb-printing~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-krb-printing-debuginfo\", rpm:\"samba-krb-printing-debuginfo~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo\", rpm:\"samba-winbind-debuginfo~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1-32bit\", rpm:\"libldb1-32bit~1.0.2~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1-debuginfo-32bit\", rpm:\"libldb1-debuginfo-32bit~1.0.2~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-32bit\", rpm:\"libsmbclient0-32bit~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo-32bit\", rpm:\"libsmbclient0-debuginfo-32bit~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2-32bit\", rpm:\"libtalloc2-32bit~2.0.5~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2-debuginfo-32bit\", rpm:\"libtalloc2-debuginfo-32bit~2.0.5~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1-32bit\", rpm:\"libtdb1-32bit~1.2.9~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1-debuginfo-32bit\", rpm:\"libtdb1-debuginfo-32bit~1.2.9~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0-32bit\", rpm:\"libtevent0-32bit~0.9.11~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0-debuginfo-32bit\", rpm:\"libtevent0-debuginfo-32bit~0.9.11~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-32bit\", rpm:\"libwbclient0-32bit~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo-32bit\", rpm:\"libwbclient0-debuginfo-32bit~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-32bit\", rpm:\"samba-32bit~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo-32bit\", rpm:\"samba-client-debuginfo-32bit~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debuginfo-32bit\", rpm:\"samba-debuginfo-32bit~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo-32bit\", rpm:\"samba-winbind-debuginfo-32bit~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1-debuginfo-x86\", rpm:\"libldb1-debuginfo-x86~1.0.2~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1-x86\", rpm:\"libldb1-x86~1.0.2~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo-x86\", rpm:\"libsmbclient0-debuginfo-x86~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-x86\", rpm:\"libsmbclient0-x86~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2-debuginfo-x86\", rpm:\"libtalloc2-debuginfo-x86~2.0.5~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2-x86\", rpm:\"libtalloc2-x86~2.0.5~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1-debuginfo-x86\", rpm:\"libtdb1-debuginfo-x86~1.2.9~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1-x86\", rpm:\"libtdb1-x86~1.2.9~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0-debuginfo-x86\", rpm:\"libtevent0-debuginfo-x86~0.9.11~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0-x86\", rpm:\"libtevent0-x86~0.9.11~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo-x86\", rpm:\"libwbclient0-debuginfo-x86~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-x86\", rpm:\"libwbclient0-x86~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo-x86\", rpm:\"samba-client-debuginfo-x86~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-x86\", rpm:\"samba-client-x86~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debuginfo-x86\", rpm:\"samba-debuginfo-x86~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo-x86\", rpm:\"samba-winbind-debuginfo-x86~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-x86\", rpm:\"samba-winbind-x86~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-x86\", rpm:\"samba-x86~3.6.3~115.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE12.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"ldapsmb\", rpm:\"ldapsmb~1.34b~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb-devel\", rpm:\"libldb-devel~1.0.2~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1\", rpm:\"libldb1~1.0.2~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1-debuginfo\", rpm:\"libldb1-debuginfo~1.0.2~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-debuginfo\", rpm:\"libnetapi0-debuginfo~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo\", rpm:\"libsmbclient0-debuginfo~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbsharemodes-devel\", rpm:\"libsmbsharemodes-devel~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbsharemodes0\", rpm:\"libsmbsharemodes0~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbsharemodes0-debuginfo\", rpm:\"libsmbsharemodes0-debuginfo~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc-devel\", rpm:\"libtalloc-devel~2.0.5~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2\", rpm:\"libtalloc2~2.0.5~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2-debuginfo\", rpm:\"libtalloc2-debuginfo~2.0.5~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb-devel\", rpm:\"libtdb-devel~1.2.9~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1\", rpm:\"libtdb1~1.2.9~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1-debuginfo\", rpm:\"libtdb1-debuginfo~1.2.9~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-devel\", rpm:\"libtevent-devel~0.9.11~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0\", rpm:\"libtevent0~0.9.11~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0-debuginfo\", rpm:\"libtevent0-debuginfo~0.9.11~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo\", rpm:\"libwbclient0-debuginfo~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo\", rpm:\"samba-client-debuginfo~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debugsource\", rpm:\"samba-debugsource~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-devel\", rpm:\"samba-devel~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-krb-printing\", rpm:\"samba-krb-printing~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-krb-printing-debuginfo\", rpm:\"samba-krb-printing-debuginfo~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo\", rpm:\"samba-winbind-debuginfo~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1-32bit\", rpm:\"libldb1-32bit~1.0.2~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1-debuginfo-32bit\", rpm:\"libldb1-debuginfo-32bit~1.0.2~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-32bit\", rpm:\"libsmbclient0-32bit~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo-32bit\", rpm:\"libsmbclient0-debuginfo-32bit~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2-32bit\", rpm:\"libtalloc2-32bit~2.0.5~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2-debuginfo-32bit\", rpm:\"libtalloc2-debuginfo-32bit~2.0.5~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1-32bit\", rpm:\"libtdb1-32bit~1.2.9~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1-debuginfo-32bit\", rpm:\"libtdb1-debuginfo-32bit~1.2.9~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0-32bit\", rpm:\"libtevent0-32bit~0.9.11~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0-debuginfo-32bit\", rpm:\"libtevent0-debuginfo-32bit~0.9.11~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-32bit\", rpm:\"libwbclient0-32bit~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo-32bit\", rpm:\"libwbclient0-debuginfo-32bit~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-32bit\", rpm:\"samba-32bit~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo-32bit\", rpm:\"samba-client-debuginfo-32bit~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debuginfo-32bit\", rpm:\"samba-debuginfo-32bit~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo-32bit\", rpm:\"samba-winbind-debuginfo-32bit~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1-debuginfo-x86\", rpm:\"libldb1-debuginfo-x86~1.0.2~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libldb1-x86\", rpm:\"libldb1-x86~1.0.2~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo-x86\", rpm:\"libsmbclient0-debuginfo-x86~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-x86\", rpm:\"libsmbclient0-x86~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2-debuginfo-x86\", rpm:\"libtalloc2-debuginfo-x86~2.0.5~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtalloc2-x86\", rpm:\"libtalloc2-x86~2.0.5~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1-debuginfo-x86\", rpm:\"libtdb1-debuginfo-x86~1.2.9~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtdb1-x86\", rpm:\"libtdb1-x86~1.2.9~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0-debuginfo-x86\", rpm:\"libtevent0-debuginfo-x86~0.9.11~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent0-x86\", rpm:\"libtevent0-x86~0.9.11~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo-x86\", rpm:\"libwbclient0-debuginfo-x86~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-x86\", rpm:\"libwbclient0-x86~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo-x86\", rpm:\"samba-client-debuginfo-x86~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-x86\", rpm:\"samba-client-x86~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debuginfo-x86\", rpm:\"samba-debuginfo-x86~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo-x86\", rpm:\"samba-winbind-debuginfo-x86~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-x86\", rpm:\"samba-winbind-x86~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-x86\", rpm:\"samba-x86~3.6.3~34.12.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2018-10-05T00:00:00", "published": "2012-04-30T00:00:00", "id": "OPENVAS:136141256231071266", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071266", "type": "openvas", "title": "FreeBSD Ports: samba34", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_samba341.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 0fa15e08-92ec-11e1-a94a-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71266\");\n script_cve_id(\"CVE-2012-2111\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:26 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"FreeBSD Ports: samba34\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n samba34\n samba35\n samba36\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"samba34\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.4\")>0 && revcomp(a:bver, b:\"3.4.17\")<0) {\n txt += \"Package samba34 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"samba35\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.5\")>0 && revcomp(a:bver, b:\"3.5.15\")<0) {\n txt += \"Package samba35 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"samba36\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.6\")>0 && revcomp(a:bver, b:\"3.6.5\")<0) {\n txt += \"Package samba36 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "description": "Check for the Version of samba4", "modified": "2018-01-02T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:864398", "href": "http://plugins.openvas.org/nasl.php?oid=864398", "type": "openvas", "title": "Fedora Update for samba4 FEDORA-2012-7317", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for samba4 FEDORA-2012-7317\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"samba4 on Fedora 17\";\ntag_insight = \"Samba is the standard Windows interoperability suite of programs for Linux and Unix.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080117.html\");\n script_id(864398);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:07:48 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2111\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-7317\");\n script_name(\"Fedora Update for samba4 FEDORA-2012-7317\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of samba4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba4\", rpm:\"samba4~4.0.0~47alpha18.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "description": "The remote host is missing an update to samba\nannounced via advisory DSA 2463-1.", "modified": "2017-07-07T00:00:00", "published": "2012-05-31T00:00:00", "id": "OPENVAS:71340", "href": "http://plugins.openvas.org/nasl.php?oid=71340", "type": "openvas", "title": "Debian Security Advisory DSA 2463-1 (samba)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2463_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2463-1 (samba)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ivano Cristofolini discovered that insufficient security checks in\nSamba's handling of LSA RPC calls could lead to privilege escalation\nby gaining the take ownership privilege.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.5.6~dfsg-3squeeze8.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.6.5-1.\n\nWe recommend that you upgrade your samba packages.\";\ntag_summary = \"The remote host is missing an update to samba\nannounced via advisory DSA 2463-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202463-1\";\n\nif(description)\n{\n script_id(71340);\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2012-2111\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-31 11:42:39 -0400 (Thu, 31 May 2012)\");\n script_name(\"Debian Security Advisory DSA 2463-1 (samba)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-tools\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"swat\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"winbind\", ver:\"2:3.5.6~dfsg-3squeeze8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "description": "Oracle Linux Local Security Checks ELSA-2012-0533", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123927", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123927", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0533", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0533.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123927\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:24 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0533\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0533 - samba and samba3x security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0533\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0533.html\");\n script_cve_id(\"CVE-2012-2111\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"samba3x\", rpm:\"samba3x~3.5.10~0.109.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-client\", rpm:\"samba3x-client~3.5.10~0.109.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-common\", rpm:\"samba3x-common~3.5.10~0.109.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-doc\", rpm:\"samba3x-doc~3.5.10~0.109.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-domainjoin-gui\", rpm:\"samba3x-domainjoin-gui~3.5.10~0.109.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-swat\", rpm:\"samba3x-swat~3.5.10~0.109.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-winbind\", rpm:\"samba3x-winbind~3.5.10~0.109.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-winbind-devel\", rpm:\"samba3x-winbind-devel~3.5.10~0.109.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-domainjoin-gui\", rpm:\"samba-domainjoin-gui~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind-devel\", rpm:\"samba-winbind-devel~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind-krb5-locator\", rpm:\"samba-winbind-krb5-locator~3.5.10~116.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:1361412562310864406", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864406", "type": "openvas", "title": "Fedora Update for samba FEDORA-2012-6981", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for samba FEDORA-2012-6981\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079662.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864406\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:08:31 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2111\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-6981\");\n script_name(\"Fedora Update for samba FEDORA-2012-6981\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"samba on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.6.5~85.fc17.1\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2012-05-04T00:00:00", "id": "OPENVAS:1361412562310870590", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870590", "type": "openvas", "title": "RedHat Update for samba and samba3x RHSA-2012:0533-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for samba and samba3x RHSA-2012:0533-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-April/msg00029.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870590\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-04 10:47:07 +0530 (Fri, 04 May 2012)\");\n script_cve_id(\"CVE-2012-2111\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:0533-01\");\n script_name(\"RedHat Update for samba and samba3x RHSA-2012:0533-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba and samba3x'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"samba and samba3x on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Samba is an open-source implementation of the Server Message Block (SMB) or\n Common Internet File System (CIFS) protocol, which allows PC-compatible\n machines to share files, printers, and other information.\n\n A flaw was found in the way Samba handled certain Local Security Authority\n (LSA) Remote Procedure Calls (RPC). An authenticated user could use this\n flaw to issue an RPC call that would modify the privileges database on the\n Samba server, allowing them to steal the ownership of files and directories\n that are being shared by the Samba server, and create, delete, and modify\n user accounts, as well as other Samba server administration tasks.\n (CVE-2012-2111)\n\n Red Hat would like to thank the Samba project for reporting this issue.\n Upstream acknowledges Ivano Cristofolini as the original reporter.\n\n Users of Samba are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue. After installing this\n update, the smb service will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba3x\", rpm:\"samba3x~3.5.10~0.109.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-client\", rpm:\"samba3x-client~3.5.10~0.109.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-common\", rpm:\"samba3x-common~3.5.10~0.109.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-debuginfo\", rpm:\"samba3x-debuginfo~3.5.10~0.109.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-doc\", rpm:\"samba3x-doc~3.5.10~0.109.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-domainjoin-gui\", rpm:\"samba3x-domainjoin-gui~3.5.10~0.109.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-swat\", rpm:\"samba3x-swat~3.5.10~0.109.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-winbind\", rpm:\"samba3x-winbind~3.5.10~0.109.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-winbind-devel\", rpm:\"samba3x-winbind-devel~3.5.10~0.109.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-01T05:31:39", "description": "According to its banner, the version of Samba 3.x running on the\nremote host is earlier than 3.4.17 / 3.5.15 / 3.6.5, and as such, is\npotentially affected by a security bypass vulnerability. \n\nAuthenticated users are able to modify ownership of files and\ndirectories that the user does not own. Improper security checking\nrelated to the Local Security Authority (LSA) remote procedure calls\n(RPC) 'CreateAccount', 'OpenAccount', 'AddAccountRights' and\n'RemoveAccountRights' can allow users these improper permissions. \n\nNote that Nessus has not actually tried to exploit this issue or\notherwise determine if the patch or workaround has been applied.", "edition": 26, "published": "2012-05-01T00:00:00", "title": "Samba 3.x < 3.4.17 / 3.5.15 / 3.6.5 Security Bypass", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_3_6_5.NASL", "href": "https://www.tenable.com/plugins/nessus/58949", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(58949);\n script_version (\"1.11\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\"CVE-2012-2111\");\n script_bugtraq_id(53307);\n\n script_name(english:\"Samba 3.x < 3.4.17 / 3.5.15 / 3.6.5 Security Bypass\");\n script_summary(english:\"Checks version of Samba\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is affected by a security bypass\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Samba 3.x running on the\nremote host is earlier than 3.4.17 / 3.5.15 / 3.6.5, and as such, is\npotentially affected by a security bypass vulnerability. \n\nAuthenticated users are able to modify ownership of files and\ndirectories that the user does not own. Improper security checking\nrelated to the Local Security Authority (LSA) remote procedure calls\n(RPC) 'CreateAccount', 'OpenAccount', 'AddAccountRights' and\n'RemoveAccountRights' can allow users these improper permissions. \n\nNote that Nessus has not actually tried to exploit this issue or\notherwise determine if the patch or workaround has been applied.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Either install the patch referenced in the project's advisory or\nupgrade to 3.4.17 / 3.5.15 / 3.6.5 or later. \n\nAs a temporary workaround, set the 'enable privileges = no' parameter\nin the [global] section of the smb.conf.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2012-2111.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-3.4.17.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-3.5.15.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-3.6.5.html\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/01\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n\nport = get_kb_item(\"SMB/transport\");\n\n\nlanman = get_kb_item_or_exit(\"SMB/NativeLanManager\");\nif (\"Samba \" >!< lanman) audit(AUDIT_NOT_LISTEN, \"Samba\", port);\nif (lanman =~ '^Samba 3(\\\\.[456])?$') exit(1, \"The version, \"+lanman+\", of the SMB service listening on port \"+port+\" is not granular enough to make a determination.\");\n\nversion = lanman - 'Samba ';\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n ver[0] == 3 &&\n (\n # 3.4\n (ver[1] == 4 && ver[2] < 17) ||\n # 3.5\n (ver[1] == 5 && ver[2] < 15) ||\n # 3.6\n (ver[1] == 6 && ver[2] < 5)\n )\n)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Installed version : ' + version + \n '\\n Fixed version : 3.4.17 / 3.5.15 / 3.6.5\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Samba\", port, version);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:39:51", "description": "The Samba project reports :\n\nSamba versions 3.4.x to 3.6.4 inclusive are affected by a\nvulnerability that allows arbitrary users to modify privileges on a\nfile server.\n\nSecurity checks were incorrectly applied to the Local Security\nAuthority (LSA) remote proceedure calls (RPC) CreateAccount,\nOpenAccount, AddAccountRights and RemoveAccountRights allowing any\nauthenticated user to modify the privileges database.\n\nThis is a serious error, as it means that authenticated users can\nconnect to the LSA and grant themselves the 'take ownership'\nprivilege. This privilege is used by the smbd file server to grant the\nability to change ownership of a file or directory which means users\ncould take ownership of files or directories they do not own.", "edition": 23, "published": "2012-05-01T00:00:00", "title": "FreeBSD : samba -- incorrect permission checks vulnerability (0fa15e08-92ec-11e1-a94a-00215c6a37bb)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "modified": "2012-05-01T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:samba36", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:samba34", "p-cpe:/a:freebsd:freebsd:samba35"], "id": "FREEBSD_PKG_0FA15E0892EC11E1A94A00215C6A37BB.NASL", "href": "https://www.tenable.com/plugins/nessus/58937", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58937);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2111\");\n script_bugtraq_id(53307);\n\n script_name(english:\"FreeBSD : samba -- incorrect permission checks vulnerability (0fa15e08-92ec-11e1-a94a-00215c6a37bb)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Samba project reports :\n\nSamba versions 3.4.x to 3.6.4 inclusive are affected by a\nvulnerability that allows arbitrary users to modify privileges on a\nfile server.\n\nSecurity checks were incorrectly applied to the Local Security\nAuthority (LSA) remote proceedure calls (RPC) CreateAccount,\nOpenAccount, AddAccountRights and RemoveAccountRights allowing any\nauthenticated user to modify the privileges database.\n\nThis is a serious error, as it means that authenticated users can\nconnect to the LSA and grant themselves the 'take ownership'\nprivilege. This privilege is used by the smbd file server to grant the\nability to change ownership of a file or directory which means users\ncould take ownership of files or directories they do not own.\"\n );\n # https://vuxml.freebsd.org/freebsd/0fa15e08-92ec-11e1-a94a-00215c6a37bb.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?077e772f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba34\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba36\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"samba34>3.4.*<3.4.17\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba35>3.5.*<3.5.15\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba36>3.6.*<3.6.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:10:42", "description": "Updated samba3x and samba packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA flaw was found in the way Samba handled certain Local Security\nAuthority (LSA) Remote Procedure Calls (RPC). An authenticated user\ncould use this flaw to issue an RPC call that would modify the\nprivileges database on the Samba server, allowing them to steal the\nownership of files and directories that are being shared by the Samba\nserver, and create, delete, and modify user accounts, as well as other\nSamba server administration tasks. (CVE-2012-2111)\n\nRed Hat would like to thank the Samba project for reporting this\nissue. Upstream acknowledges Ivano Cristofolini as the original\nreporter.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing\nthis update, the smb service will be restarted automatically.", "edition": 25, "published": "2012-05-01T00:00:00", "title": "RHEL 5 / 6 : samba and samba3x (RHSA-2012:0533)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "modified": "2012-05-01T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:samba3x-winbind", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-devel", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:samba3x-domainjoin-gui", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba3x-common", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba3x-doc", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba3x-swat", "p-cpe:/a:redhat:enterprise_linux:samba3x-client", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-debuginfo", "cpe:/o:redhat:enterprise_linux:6.2", "p-cpe:/a:redhat:enterprise_linux:samba3x", "p-cpe:/a:redhat:enterprise_linux:samba-domainjoin-gui", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:samba3x-winbind-devel", "p-cpe:/a:redhat:enterprise_linux:samba-swat", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-doc"], "id": "REDHAT-RHSA-2012-0533.NASL", "href": "https://www.tenable.com/plugins/nessus/58940", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0533. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58940);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2111\");\n script_bugtraq_id(53307);\n script_xref(name:\"RHSA\", value:\"2012:0533\");\n\n script_name(english:\"RHEL 5 / 6 : samba and samba3x (RHSA-2012:0533)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba3x and samba packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA flaw was found in the way Samba handled certain Local Security\nAuthority (LSA) Remote Procedure Calls (RPC). An authenticated user\ncould use this flaw to issue an RPC call that would modify the\nprivileges database on the Samba server, allowing them to steal the\nownership of files and directories that are being shared by the Samba\nserver, and create, delete, and modify user accounts, as well as other\nSamba server administration tasks. (CVE-2012-2111)\n\nRed Hat would like to thank the Samba project for reporting this\nissue. Upstream acknowledges Ivano Cristofolini as the original\nreporter.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing\nthis update, the smb service will be restarted automatically.\"\n );\n # http://www.samba.org/samba/security/CVE-2012-2111\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2012-2111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2111\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0533\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-client-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-client-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-client-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-common-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-common-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-common-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-doc-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-doc-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-doc-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-domainjoin-gui-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-domainjoin-gui-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-domainjoin-gui-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-swat-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-swat-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-swat-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"samba3x-winbind-3.5.10-0.109.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"samba3x-winbind-devel-3.5.10-0.109.el5_8\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"libsmbclient-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libsmbclient-devel-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-client-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-client-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-client-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"samba-common-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"samba-debuginfo-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-doc-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-doc-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-doc-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-domainjoin-gui-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-domainjoin-gui-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-domainjoin-gui-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-swat-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-swat-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-swat-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-winbind-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-winbind-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"samba-winbind-clients-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"samba-winbind-devel-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-winbind-krb5-locator-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-winbind-krb5-locator-3.5.10-116.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-3.5.10-116.el6_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n }\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:47:26", "description": "Ivano Cristofolini discovered that insufficient security checks in\nSamba's handling of LSA RPC calls could lead to privilege escalation\nby gaining the 'take ownership' privilege.", "edition": 17, "published": "2012-05-03T00:00:00", "title": "Debian DSA-2463-1 : samba - missing permission checks", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "modified": "2012-05-03T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:samba"], "id": "DEBIAN_DSA-2463.NASL", "href": "https://www.tenable.com/plugins/nessus/58969", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2463. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58969);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2111\");\n script_bugtraq_id(53307);\n script_xref(name:\"DSA\", value:\"2463\");\n\n script_name(english:\"Debian DSA-2463-1 : samba - missing permission checks\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ivano Cristofolini discovered that insufficient security checks in\nSamba's handling of LSA RPC calls could lead to privilege escalation\nby gaining the 'take ownership' privilege.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/samba\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2463\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the samba packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.5.6~dfsg-3squeeze8.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libpam-smbpass\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libsmbclient\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libsmbclient-dev\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libwbclient0\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"samba\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"samba-common\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"samba-common-bin\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"samba-dbg\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"samba-doc\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"samba-doc-pdf\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"samba-tools\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"smbclient\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"swat\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"winbind\", reference:\"3.5.6~dfsg-3squeeze8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:53:39", "description": "A vulnerability has been found and corrected in samba :\n\nSecurity checks were incorrectly applied to the Local Security\nAuthority (LSA) remote proceedure calls (RPC) CreateAccount,\nOpenAccount, AddAccountRights and RemoveAccountRights allowing any\nauthenticated user to modify the privileges database (CVE-2012-2111).\n\nThe updated packages have been patched to correct this issue.", "edition": 25, "published": "2012-05-01T00:00:00", "title": "Mandriva Linux Security Advisory : samba (MDVSA-2012:067)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "modified": "2012-05-01T00:00:00", "cpe": ["cpe:/o:mandriva:linux:2011", "p-cpe:/a:mandriva:linux:lib64smbsharemodes-devel", "p-cpe:/a:mandriva:linux:libsmbclient0-devel", "p-cpe:/a:mandriva:linux:lib64wbclient0", "p-cpe:/a:mandriva:linux:samba-doc", "p-cpe:/a:mandriva:linux:lib64wbclient-devel", "p-cpe:/a:mandriva:linux:nss_wins", "p-cpe:/a:mandriva:linux:libnetapi0", "p-cpe:/a:mandriva:linux:libsmbclient0-static-devel", "p-cpe:/a:mandriva:linux:libsmbsharemodes-devel", "p-cpe:/a:mandriva:linux:lib64smbsharemodes0", "p-cpe:/a:mandriva:linux:lib64netapi-devel", "p-cpe:/a:mandriva:linux:libwbclient0", "p-cpe:/a:mandriva:linux:samba-common", "p-cpe:/a:mandriva:linux:samba-swat", "p-cpe:/a:mandriva:linux:lib64smbclient0-static-devel", "p-cpe:/a:mandriva:linux:lib64netapi0", "p-cpe:/a:mandriva:linux:samba-client", "p-cpe:/a:mandriva:linux:samba-server", "cpe:/o:mandriva:linux:2010.1", "p-cpe:/a:mandriva:linux:mount-cifs", "p-cpe:/a:mandriva:linux:lib64smbclient0-devel", "p-cpe:/a:mandriva:linux:lib64smbclient0", "p-cpe:/a:mandriva:linux:samba-domainjoin-gui", "p-cpe:/a:mandriva:linux:libwbclient-devel", "p-cpe:/a:mandriva:linux:libnetapi-devel", "p-cpe:/a:mandriva:linux:samba-winbind", "p-cpe:/a:mandriva:linux:libsmbclient0", "p-cpe:/a:mandriva:linux:libsmbsharemodes0"], "id": "MANDRIVA_MDVSA-2012-067.NASL", "href": "https://www.tenable.com/plugins/nessus/58939", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:067. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58939);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2111\");\n script_bugtraq_id(53307);\n script_xref(name:\"MDVSA\", value:\"2012:067\");\n\n script_name(english:\"Mandriva Linux Security Advisory : samba (MDVSA-2012:067)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in samba :\n\nSecurity checks were incorrectly applied to the Local Security\nAuthority (LSA) remote proceedure calls (RPC) CreateAccount,\nOpenAccount, AddAccountRights and RemoveAccountRights allowing any\nauthenticated user to modify the privileges database (CVE-2012-2111).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.samba.org/samba/security/CVE-2012-2111\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64netapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64netapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbsharemodes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbclient0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbclient0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbsharemodes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mount-cifs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nss_wins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64netapi-devel-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64netapi0-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-devel-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-static-devel-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64smbsharemodes-devel-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64smbsharemodes0-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wbclient-devel-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wbclient0-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libnetapi-devel-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libnetapi0-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libsmbclient0-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libsmbclient0-devel-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libsmbclient0-static-devel-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libsmbsharemodes-devel-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libsmbsharemodes0-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwbclient-devel-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwbclient0-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mount-cifs-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"nss_wins-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"samba-client-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"samba-common-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"samba-doc-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"samba-domainjoin-gui-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"samba-server-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"samba-swat-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"samba-winbind-3.5.3-3.6mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64netapi-devel-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64netapi0-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64smbclient0-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64smbclient0-devel-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64smbclient0-static-devel-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64smbsharemodes-devel-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64smbsharemodes0-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64wbclient-devel-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64wbclient0-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libnetapi-devel-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libnetapi0-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libsmbclient0-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libsmbclient0-devel-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libsmbclient0-static-devel-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libsmbsharemodes-devel-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libsmbsharemodes0-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libwbclient-devel-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libwbclient0-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mount-cifs-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"nss_wins-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"samba-client-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"samba-common-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"samba-doc-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"samba-domainjoin-gui-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"samba-server-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"samba-swat-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"samba-winbind-3.5.10-1.3-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:46:34", "description": "Samba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA flaw was found in the way Samba handled certain Local Security\nAuthority (LSA) Remote Procedure Calls (RPC). An authenticated user\ncould use this flaw to issue an RPC call that would modify the\nprivileges database on the Samba server, allowing them to steal the\nownership of files and directories that are being shared by the Samba\nserver, and create, delete, and modify user accounts, as well as other\nSamba server administration tasks. (CVE-2012-2111)\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing\nthis update, the smb service will be restarted automatically.", "edition": 14, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : samba and samba3x on SL5.x, SL6.x i386/x86_64 (20120430)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "modified": "2012-08-01T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:samba3x-doc", "p-cpe:/a:fermilab:scientific_linux:samba-domainjoin-gui", "p-cpe:/a:fermilab:scientific_linux:samba3x-domainjoin-gui", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-krb5-locator", "p-cpe:/a:fermilab:scientific_linux:samba3x-winbind", "p-cpe:/a:fermilab:scientific_linux:samba3x-debuginfo", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-devel", "p-cpe:/a:fermilab:scientific_linux:libsmbclient-devel", "p-cpe:/a:fermilab:scientific_linux:samba-common", "p-cpe:/a:fermilab:scientific_linux:samba3x-common", "p-cpe:/a:fermilab:scientific_linux:samba-client", "p-cpe:/a:fermilab:scientific_linux:samba3x-swat", "p-cpe:/a:fermilab:scientific_linux:samba3x", "p-cpe:/a:fermilab:scientific_linux:samba-swat", "p-cpe:/a:fermilab:scientific_linux:samba-winbind", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-clients", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:samba3x-winbind-devel", "p-cpe:/a:fermilab:scientific_linux:samba-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libsmbclient", "p-cpe:/a:fermilab:scientific_linux:samba", "p-cpe:/a:fermilab:scientific_linux:samba-doc", "p-cpe:/a:fermilab:scientific_linux:samba3x-client"], "id": "SL_20120430_SAMBA_AND_SAMBA3X_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61308", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61308);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2111\");\n\n script_name(english:\"Scientific Linux Security Update : samba and samba3x on SL5.x, SL6.x i386/x86_64 (20120430)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Samba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA flaw was found in the way Samba handled certain Local Security\nAuthority (LSA) Remote Procedure Calls (RPC). An authenticated user\ncould use this flaw to issue an RPC call that would modify the\nprivileges database on the Samba server, allowing them to steal the\nownership of files and directories that are being shared by the Samba\nserver, and create, delete, and modify user accounts, as well as other\nSamba server administration tasks. (CVE-2012-2111)\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing\nthis update, the smb service will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1204&L=scientific-linux-errata&T=0&P=2540\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?15f88f35\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-client-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-common-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-debuginfo-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-doc-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-domainjoin-gui-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-swat-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-winbind-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-winbind-devel-3.5.10-0.109.el5_8\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"libsmbclient-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libsmbclient-devel-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-client-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-common-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-debuginfo-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-doc-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-domainjoin-gui-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-swat-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-winbind-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-winbind-clients-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-winbind-devel-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-winbind-krb5-locator-3.5.10-116.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:46:54", "description": "From Red Hat Security Advisory 2012:0533 :\n\nUpdated samba3x and samba packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA flaw was found in the way Samba handled certain Local Security\nAuthority (LSA) Remote Procedure Calls (RPC). An authenticated user\ncould use this flaw to issue an RPC call that would modify the\nprivileges database on the Samba server, allowing them to steal the\nownership of files and directories that are being shared by the Samba\nserver, and create, delete, and modify user accounts, as well as other\nSamba server administration tasks. (CVE-2012-2111)\n\nRed Hat would like to thank the Samba project for reporting this\nissue. Upstream acknowledges Ivano Cristofolini as the original\nreporter.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing\nthis update, the smb service will be restarted automatically.", "edition": 21, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : samba / samba3x (ELSA-2012-0533)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:samba3x-common", "p-cpe:/a:oracle:linux:samba-common", "p-cpe:/a:oracle:linux:samba3x-domainjoin-gui", "p-cpe:/a:oracle:linux:samba-doc", "p-cpe:/a:oracle:linux:samba3x-winbind-devel", "p-cpe:/a:oracle:linux:samba3x-doc", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:samba-domainjoin-gui", "p-cpe:/a:oracle:linux:libsmbclient", "p-cpe:/a:oracle:linux:samba-winbind", "p-cpe:/a:oracle:linux:samba-winbind-krb5-locator", "p-cpe:/a:oracle:linux:samba3x", "p-cpe:/a:oracle:linux:samba-client", "p-cpe:/a:oracle:linux:samba3x-winbind", "p-cpe:/a:oracle:linux:samba", "p-cpe:/a:oracle:linux:samba3x-swat", "p-cpe:/a:oracle:linux:samba-swat", "p-cpe:/a:oracle:linux:samba-winbind-clients", "p-cpe:/a:oracle:linux:libsmbclient-devel", "p-cpe:/a:oracle:linux:samba-winbind-devel", "p-cpe:/a:oracle:linux:samba3x-client"], "id": "ORACLELINUX_ELSA-2012-0533.NASL", "href": "https://www.tenable.com/plugins/nessus/68521", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0533 and \n# Oracle Linux Security Advisory ELSA-2012-0533 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68521);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2111\");\n script_bugtraq_id(53307);\n script_xref(name:\"RHSA\", value:\"2012:0533\");\n\n script_name(english:\"Oracle Linux 5 / 6 : samba / samba3x (ELSA-2012-0533)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0533 :\n\nUpdated samba3x and samba packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA flaw was found in the way Samba handled certain Local Security\nAuthority (LSA) Remote Procedure Calls (RPC). An authenticated user\ncould use this flaw to issue an RPC call that would modify the\nprivileges database on the Samba server, allowing them to steal the\nownership of files and directories that are being shared by the Samba\nserver, and create, delete, and modify user accounts, as well as other\nSamba server administration tasks. (CVE-2012-2111)\n\nRed Hat would like to thank the Samba project for reporting this\nissue. Upstream acknowledges Ivano Cristofolini as the original\nreporter.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing\nthis update, the smb service will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002783.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002784.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba and / or samba3x packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-client-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-common-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-doc-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-domainjoin-gui-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-swat-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-winbind-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-winbind-devel-3.5.10-0.109.el5_8\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"libsmbclient-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libsmbclient-devel-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-client-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-common-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-doc-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-domainjoin-gui-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-swat-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-winbind-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-winbind-clients-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-winbind-devel-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-winbind-krb5-locator-3.5.10-116.el6_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:10:37", "description": "Bump Epoch to match Samba3 Epoch number for updates.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-05-08T00:00:00", "title": "Fedora 17 : evolution-mapi-3.4.1-3.fc17 / openchange-1.0-6.fc17 / samba4-4.0.0-47alpha18.fc17 (2012-7317)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "modified": "2012-05-08T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:samba4", "p-cpe:/a:fedoraproject:fedora:openchange", "p-cpe:/a:fedoraproject:fedora:evolution-mapi"], "id": "FEDORA_2012-7317.NASL", "href": "https://www.tenable.com/plugins/nessus/59024", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-7317.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59024);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2111\");\n script_xref(name:\"FEDORA\", value:\"2012-7317\");\n\n script_name(english:\"Fedora 17 : evolution-mapi-3.4.1-3.fc17 / openchange-1.0-6.fc17 / samba4-4.0.0-47alpha18.fc17 (2012-7317)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Bump Epoch to match Samba3 Epoch number for updates.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=817551\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080115.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?82026d5f\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080116.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?153660d6\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080117.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?59903602\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected evolution-mapi, openchange and / or samba4\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:evolution-mapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openchange\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:samba4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"evolution-mapi-3.4.1-3.fc17\")) flag++;\nif (rpm_check(release:\"FC17\", reference:\"openchange-1.0-6.fc17\")) flag++;\nif (rpm_check(release:\"FC17\", reference:\"samba4-4.0.0-47alpha18.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evolution-mapi / openchange / samba4\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:37:50", "description": "Ivano Cristofolini discovered that Samba incorrectly handled some\nLocal Security Authority (LSA) remote procedure calls (RPC). A remote,\nauthenticated attacker could exploit this to grant administrative\nprivileges to arbitrary users. The administrative privileges could be\nused to bypass permission checks performed by the Samba server.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2012-05-01T00:00:00", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : samba vulnerability (USN-1434-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "p-cpe:/a:canonical:ubuntu_linux:samba", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1434-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58948", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1434-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58948);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-2111\");\n script_bugtraq_id(53307);\n script_xref(name:\"USN\", value:\"1434-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : samba vulnerability (USN-1434-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ivano Cristofolini discovered that Samba incorrectly handled some\nLocal Security Authority (LSA) remote procedure calls (RPC). A remote,\nauthenticated attacker could exploit this to grant administrative\nprivileges to arbitrary users. The administrative privileges could be\nused to bypass permission checks performed by the Samba server.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1434-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected samba package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"samba\", pkgver:\"2:3.4.7~dfsg-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"samba\", pkgver:\"2:3.5.8~dfsg-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"samba\", pkgver:\"2:3.5.11~dfsg-1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"samba\", pkgver:\"2:3.6.3-2ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:27:41", "description": "Updated samba3x and samba packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA flaw was found in the way Samba handled certain Local Security\nAuthority (LSA) Remote Procedure Calls (RPC). An authenticated user\ncould use this flaw to issue an RPC call that would modify the\nprivileges database on the Samba server, allowing them to steal the\nownership of files and directories that are being shared by the Samba\nserver, and create, delete, and modify user accounts, as well as other\nSamba server administration tasks. (CVE-2012-2111)\n\nRed Hat would like to thank the Samba project for reporting this\nissue. Upstream acknowledges Ivano Cristofolini as the original\nreporter.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing\nthis update, the smb service will be restarted automatically.", "edition": 24, "published": "2013-06-29T00:00:00", "title": "CentOS 5 / 6 : samba / samba3x (CESA-2012:0533)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2111"], "modified": "2013-06-29T00:00:00", "cpe": ["p-cpe:/a:centos:centos:samba-swat", "p-cpe:/a:centos:centos:samba-domainjoin-gui", "p-cpe:/a:centos:centos:samba-winbind-krb5-locator", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:samba-winbind", "p-cpe:/a:centos:centos:samba-doc", "p-cpe:/a:centos:centos:samba-common", "p-cpe:/a:centos:centos:samba3x-doc", "p-cpe:/a:centos:centos:samba-winbind-clients", "p-cpe:/a:centos:centos:samba3x-client", "p-cpe:/a:centos:centos:samba3x-swat", "p-cpe:/a:centos:centos:samba-client", "p-cpe:/a:centos:centos:samba", "p-cpe:/a:centos:centos:samba3x-common", "p-cpe:/a:centos:centos:samba3x-winbind", "p-cpe:/a:centos:centos:samba3x", "p-cpe:/a:centos:centos:samba3x-winbind-devel", "p-cpe:/a:centos:centos:samba3x-domainjoin-gui", "p-cpe:/a:centos:centos:libsmbclient", "p-cpe:/a:centos:centos:libsmbclient-devel", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:samba-winbind-devel"], "id": "CENTOS_RHSA-2012-0533.NASL", "href": "https://www.tenable.com/plugins/nessus/67088", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0533 and \n# CentOS Errata and Security Advisory 2012:0533 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67088);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-2111\");\n script_xref(name:\"RHSA\", value:\"2012:0533\");\n\n script_name(english:\"CentOS 5 / 6 : samba / samba3x (CESA-2012:0533)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba3x and samba packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA flaw was found in the way Samba handled certain Local Security\nAuthority (LSA) Remote Procedure Calls (RPC). An authenticated user\ncould use this flaw to issue an RPC call that would modify the\nprivileges database on the Samba server, allowing them to steal the\nownership of files and directories that are being shared by the Samba\nserver, and create, delete, and modify user accounts, as well as other\nSamba server administration tasks. (CVE-2012-2111)\n\nRed Hat would like to thank the Samba project for reporting this\nissue. Upstream acknowledges Ivano Cristofolini as the original\nreporter.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing\nthis update, the smb service will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-April/018606.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?723fa6fc\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-April/018608.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78e1b6b9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba and / or samba3x packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2111\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-client-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-common-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-doc-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-domainjoin-gui-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-swat-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-winbind-3.5.10-0.109.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-winbind-devel-3.5.10-0.109.el5_8\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"libsmbclient-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libsmbclient-devel-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-client-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-common-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-doc-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-domainjoin-gui-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-swat-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-winbind-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-winbind-clients-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-winbind-devel-3.5.10-116.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-winbind-krb5-locator-3.5.10-116.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:08", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2906", "CVE-2012-2111", "CVE-2011-1678", "CVE-2011-0719", "CVE-2010-1642", "CVE-2010-0728", "CVE-2011-2724", "CVE-2010-2063", "CVE-2012-1182", "CVE-2012-0870", "CVE-2009-2948", "CVE-2010-1635", "CVE-2010-3069"], "description": "### Background\n\nSamba is a suite of SMB and CIFS client/server programs.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with root privileges, cause a Denial of Service condition, take ownership of shared files, or bypass file permissions. Furthermore, a local attacker may be able to cause a Denial of Service condition or obtain sensitive information in a Samba credentials file. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Samba users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-fs/samba-3.5.15\"", "edition": 1, "modified": "2012-06-24T00:00:00", "published": "2012-06-24T00:00:00", "id": "GLSA-201206-22", "href": "https://security.gentoo.org/glsa/201206-22", "type": "gentoo", "title": "Samba: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
