Mandriva Update for openssh MDVA-2010:090 (openssh)
2010-03-12T00:00:00
ID OPENVAS:1361412562310830929 Type openvas Reporter Copyright (c) 2010 Greenbone Networks GmbH Modified 2018-01-22T00:00:00
Description
Check for the Version of openssh
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for openssh MDVA-2010:090 (openssh)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_affected = "openssh on Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64,
Mandriva Linux 2009.0,
Mandriva Linux 2009.0/X86_64,
Mandriva Linux 2009.1,
Mandriva Linux 2009.1/X86_64,
Mandriva Linux 2010.0,
Mandriva Linux 2010.0/X86_64,
Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64";
tag_insight = "This bugfix release addresses a long standing problem when issuing
the halt or reboot commands on a remote Mandriva system. This led
to that the session wasn't closed properly. This advisory corrects
this problem.";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2010-03/msg00007.php");
script_oid("1.3.6.1.4.1.25623.1.0.830929");
script_version("$Revision: 8485 $");
script_cve_id("CVE-2010-0547", "CVE-2010-0787");
script_tag(name:"last_modification", value:"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $");
script_tag(name:"creation_date", value:"2010-03-12 17:02:32 +0100 (Fri, 12 Mar 2010)");
script_tag(name:"cvss_base", value:"4.4");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:P/I:P/A:P");
script_xref(name: "MDVA", value: "2010:090");
script_name("Mandriva Update for openssh MDVA-2010:090 (openssh)");
script_tag(name: "summary" , value: "Check for the Version of openssh");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "MNDK_2008.0")
{
if ((res = isrpmvuln(pkg:"openssh", rpm:"openssh~4.7p1~2.4mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass", rpm:"openssh-askpass~4.7p1~2.4mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass-common", rpm:"openssh-askpass-common~4.7p1~2.4mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass-gnome", rpm:"openssh-askpass-gnome~4.7p1~2.4mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-clients", rpm:"openssh-clients~4.7p1~2.4mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-server", rpm:"openssh-server~4.7p1~2.4mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "MNDK_mes5")
{
if ((res = isrpmvuln(pkg:"openssh", rpm:"openssh~5.1p1~2.2mdvmes5", rls:"MNDK_mes5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass", rpm:"openssh-askpass~5.1p1~2.2mdvmes5", rls:"MNDK_mes5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass-common", rpm:"openssh-askpass-common~5.1p1~2.2mdvmes5", rls:"MNDK_mes5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass-gnome", rpm:"openssh-askpass-gnome~5.1p1~2.2mdvmes5", rls:"MNDK_mes5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-clients", rpm:"openssh-clients~5.1p1~2.2mdvmes5", rls:"MNDK_mes5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-server", rpm:"openssh-server~5.1p1~2.2mdvmes5", rls:"MNDK_mes5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh", rpm:"openssh~5.1p1~2.2mdv2009.0", rls:"MNDK_mes5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "MNDK_2010.0")
{
if ((res = isrpmvuln(pkg:"openssh", rpm:"openssh~5.3p1~2.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass", rpm:"openssh-askpass~5.3p1~2.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass-common", rpm:"openssh-askpass-common~5.3p1~2.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass-gnome", rpm:"openssh-askpass-gnome~5.3p1~2.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-clients", rpm:"openssh-clients~5.3p1~2.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-server", rpm:"openssh-server~5.3p1~2.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "MNDK_2009.1")
{
if ((res = isrpmvuln(pkg:"openssh", rpm:"openssh~5.2p1~1.1mdv2009.1", rls:"MNDK_2009.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass", rpm:"openssh-askpass~5.2p1~1.1mdv2009.1", rls:"MNDK_2009.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass-common", rpm:"openssh-askpass-common~5.2p1~1.1mdv2009.1", rls:"MNDK_2009.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass-gnome", rpm:"openssh-askpass-gnome~5.2p1~1.1mdv2009.1", rls:"MNDK_2009.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-clients", rpm:"openssh-clients~5.2p1~1.1mdv2009.1", rls:"MNDK_2009.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-server", rpm:"openssh-server~5.2p1~1.1mdv2009.1", rls:"MNDK_2009.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "MNDK_2009.0")
{
if ((res = isrpmvuln(pkg:"openssh", rpm:"openssh~5.1p1~2.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass", rpm:"openssh-askpass~5.1p1~2.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass-common", rpm:"openssh-askpass-common~5.1p1~2.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-askpass-gnome", rpm:"openssh-askpass-gnome~5.1p1~2.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-clients", rpm:"openssh-clients~5.1p1~2.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openssh-server", rpm:"openssh-server~5.1p1~2.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:1361412562310830929", "type": "openvas", "bulletinFamily": "scanner", "title": "Mandriva Update for openssh MDVA-2010:090 (openssh)", "description": "Check for the Version of openssh", "published": "2010-03-12T00:00:00", "modified": "2018-01-22T00:00:00", "cvss": {"vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/", "score": 4.4}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830929", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://lists.mandriva.com/security-announce/2010-03/msg00007.php", "2010:090"], "cvelist": ["CVE-2010-0547", "CVE-2010-0787"], "lastseen": "2018-01-22T13:05:52", "viewCount": 1, "enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2018-01-22T13:05:52", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-0547", "CVE-2010-0787"]}, {"type": "nessus", "idList": ["UBUNTU_USN-893-1.NASL", "REDHAT-RHSA-2011-1219.NASL", "GENTOO_GLSA-201206-29.NASL", "ORACLELINUX_ELSA-2011-1219.NASL", "DEBIAN_DSA-2004.NASL", "FEDORA_2011-9847.NASL", "SL_20110829_SAMBA_ON_SL4_X.NASL", "CENTOS_RHSA-2011-1219.NASL", "FEDORA_2011-9831.NASL", "MANDRIVA_MDVSA-2010-090.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:881285", "OPENVAS:830929", "OPENVAS:1361412562310880969", "OPENVAS:1361412562310831038", "OPENVAS:71555", "OPENVAS:1361412562310881388", "OPENVAS:881388", "OPENVAS:1361412562310880981", "OPENVAS:136141256231071555", "OPENVAS:831038"]}, {"type": "gentoo", "idList": ["GLSA-201206-29"]}, {"type": "centos", "idList": ["CESA-2011:1220", "CESA-2011:1219"]}, {"type": "redhat", "idList": ["RHSA-2011:1219", "RHSA-2011:1220", "RHSA-2011:1221"]}, {"type": "seebug", "idList": ["SSV:19564"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1219", "ELSA-2012-0313"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2004-1:84FE5"]}, {"type": "fedora", "idList": ["FEDORA:46D55110B99", "FEDORA:78E2C2851D", "FEDORA:6616D110E05"]}, {"type": "suse", "idList": ["SUSE-SU-2012:0348-1", "SUSE-SA:2010:025"]}, {"type": "ubuntu", "idList": ["USN-893-1"]}, {"type": "vmware", "idList": ["VMSA-2012-0001"]}], "modified": "2018-01-22T13:05:52", "rev": 2}, "vulnersScore": 6.4}, "pluginID": "1361412562310830929", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssh MDVA-2010:090 (openssh)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssh on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_insight = \"This bugfix release addresses a long standing problem when issuing\n the halt or reboot commands on a remote Mandriva system. This led\n to that the session wasn't closed properly. This advisory corrects\n this problem.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-03/msg00007.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830929\");\n script_version(\"$Revision: 8485 $\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-12 17:02:32 +0100 (Fri, 12 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVA\", value: \"2010:090\");\n script_name(\"Mandriva Update for openssh MDVA-2010:090 (openssh)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssh\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-common\", rpm:\"openssh-askpass-common~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-gnome\", rpm:\"openssh-askpass-gnome~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-common\", rpm:\"openssh-askpass-common~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-gnome\", rpm:\"openssh-askpass-gnome~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.1p1~2.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-common\", rpm:\"openssh-askpass-common~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-gnome\", rpm:\"openssh-askpass-gnome~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-common\", rpm:\"openssh-askpass-common~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-gnome\", rpm:\"openssh-askpass-gnome~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-common\", rpm:\"openssh-askpass-common~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-gnome\", rpm:\"openssh-askpass-gnome~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Mandrake Local Security Checks"}
{"cve": [{"lastseen": "2020-10-03T11:57:22", "description": "client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file.", "edition": 3, "cvss3": {}, "published": "2010-03-02T18:30:00", "title": "CVE-2010-0787", "type": "cve", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0787"], "modified": "2017-08-17T01:32:00", "cpe": ["cpe:/a:samba:samba:3.4.0", "cpe:/a:samba:samba:3.4.5", "cpe:/a:samba:samba:3.0.22", "cpe:/a:samba:samba:3.0.28a", "cpe:/a:samba:samba:3.2.3"], "id": "CVE-2010-0787", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0787", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:samba:samba:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.28a:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:34:36", "description": "client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.", "edition": 5, "cvss3": {}, "published": "2010-02-04T20:15:00", "title": "CVE-2010-0547", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0547"], "modified": "2013-04-19T02:58:00", "cpe": ["cpe:/a:samba:samba:3.0.6", "cpe:/a:samba:samba:2.2.4", "cpe:/a:samba:samba:3.2.14", "cpe:/a:samba:samba:3.4.1", "cpe:/a:samba:samba:2.2a", "cpe:/a:samba:samba:3.3.9", "cpe:/a:samba:samba:3.0.23", "cpe:/a:samba:samba:2.2.6", "cpe:/a:samba:samba:3.4.0", "cpe:/a:samba:samba:2.2.8", "cpe:/a:samba:samba:3.2.9", "cpe:/a:samba:samba:3.2.11", "cpe:/a:samba:samba:3.3.6", "cpe:/a:samba:samba:3.0.30", "cpe:/a:samba:samba:3.3.2", "cpe:/a:samba:samba:2.2.10", "cpe:/a:samba:samba:3.2.15", "cpe:/a:samba:samba:3.0.21c", "cpe:/a:samba:samba:3.0.11", "cpe:/a:samba:samba:3.0.21b", "cpe:/a:samba:samba:3.0.26a", "cpe:/a:samba:samba:3.0.23d", "cpe:/a:samba:samba:2.2.3", "cpe:/a:samba:samba:3.4.5", "cpe:/a:samba:samba:3.0.21", "cpe:/a:samba:samba:3.0.9", "cpe:/a:samba:samba:3.3.3", "cpe:/a:samba:samba:3.0.20b", "cpe:/a:samba:samba:3.2.10", "cpe:/a:samba:samba:3.2.8", "cpe:/a:samba:samba:3.2.5", "cpe:/a:samba:samba:3.0.35", "cpe:/a:samba:samba:3.0.10", "cpe:/a:samba:samba:2.2.9", "cpe:/a:samba:samba:3.3.4", "cpe:/a:samba:samba:2.2.5", "cpe:/a:samba:samba:3.3.1", "cpe:/a:samba:samba:3.0.37", "cpe:/a:samba:samba:3.2.13", "cpe:/a:samba:samba:3.0.24", "cpe:/a:samba:samba:2.2.0a", "cpe:/a:samba:samba:3.0.25c", "cpe:/a:samba:samba:3.2.1", "cpe:/a:samba:samba:3.0.34", "cpe:/a:samba:samba:2.2.7a", "cpe:/a:samba:samba:3.0.3", "cpe:/a:samba:samba:3.3.0", "cpe:/a:samba:samba:3.0.0", "cpe:/a:samba:samba:3.0.20", "cpe:/a:samba:samba:2.2.8a", "cpe:/a:samba:samba:3.0.25a", "cpe:/a:samba:samba:3.0.1", "cpe:/a:samba:samba:3.0.22", "cpe:/a:samba:samba:3.3.5", "cpe:/a:samba:samba:2.2.2", "cpe:/a:samba:samba:3.0.23b", "cpe:/a:samba:samba:2.2.12", "cpe:/a:samba:samba:3.0.29", "cpe:/a:samba:samba:3.4.3", "cpe:/a:samba:samba:3.2.2", "cpe:/a:samba:samba:3.0.23a", "cpe:/a:samba:samba:3.0.4", "cpe:/a:samba:samba:3.2.0", "cpe:/a:samba:samba:2.2.3a", "cpe:/a:samba:samba:3.4.4", "cpe:/a:samba:samba:3.0.5", "cpe:/a:samba:samba:3.2.4", "cpe:/a:samba:samba:2.2.1a", "cpe:/a:samba:samba:3.0.27a", "cpe:/a:samba:samba:2.2.7", "cpe:/a:samba:samba:3.0.26", "cpe:/a:samba:samba:2.2.0", "cpe:/a:samba:samba:3.0.14a", "cpe:/a:samba:samba:3.2.7", "cpe:/a:samba:samba:3.0.8", "cpe:/a:samba:samba:2.2.1", "cpe:/a:samba:samba:3.0.21a", "cpe:/a:samba:samba:3.0.2", "cpe:/a:samba:samba:3.0.14", "cpe:/a:samba:samba:3.2.6", "cpe:/a:samba:samba:3.0.2a", "cpe:/a:samba:samba:3.3.8", "cpe:/a:samba:samba:3.0.12", "cpe:/a:samba:samba:3.0.23c", "cpe:/a:samba:samba:1.9.18", "cpe:/a:samba:samba:3.0.27", "cpe:/a:samba:samba:3.0.25", "cpe:/a:samba:samba:3.0.36", "cpe:/a:samba:samba:1.9.17", "cpe:/a:samba:samba:3.0.33", "cpe:/a:samba:samba:3.0.28a", "cpe:/a:samba:samba:3.0.13", "cpe:/a:samba:samba:3.0.20a", "cpe:/a:samba:samba:2.2.11", "cpe:/a:samba:samba:3.3.7", "cpe:/a:samba:samba:3.0.28", "cpe:/a:samba:samba:3.2.3", "cpe:/a:samba:samba:3.0.25b", "cpe:/a:samba:samba:3.0.32", "cpe:/a:samba:samba:3.2.12", "cpe:/a:samba:samba:3.3.10", "cpe:/a:samba:samba:3.4.2", "cpe:/a:samba:samba:3.0.31"], "id": "CVE-2010-0547", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0547", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:samba:samba:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.18:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.17:p5:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.17:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.18:p4:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.8a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.17:p1:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.25c:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.18:p10:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.18:p2:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.18:p8:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.18:p5:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.26a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.18:p7:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.27a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.18:p6:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.17:p2:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.17:p4:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.25a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.25:rc2:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.25:rc3:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.25b:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.17:p3:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.18:p1:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.25:pre1:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.25:rc1:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.28a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:1.9.18:p3:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.0.31:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-01-07T11:52:39", "description": "Multiple vulnerabilies has been found and corrected in samba :\n\nclient/mount.cifs.c in mount.cifs in smbfs in Samba does not verify\nthat the (1) device name and (2) mountpoint strings are composed of\nvalid characters, which allows local users to cause a denial of\nservice (mtab corruption) via a crafted string (CVE-2010-0547).\n\nclient/mount.cifs.c in mount.cifs in smbfs in Samba allows local users\nto mount a CIFS share on an arbitrary mountpoint, and gain privileges,\nvia a symlink attack on the mountpoint directory file (CVE-2010-0787).\n\nThe updated packages have been patched to correct these issues.\n\nUpdate :\n\nIt was discovered that the previous Samba update required libtalloc\nfrom Samba4 package. Therefore, this update provides the required\npackages in order to fix the issue.", "edition": 26, "published": "2010-05-05T00:00:00", "title": "Mandriva Linux Security Advisory : samba (MDVSA-2010:090-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2010-0787"], "modified": "2010-05-05T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libndr-devel", "p-cpe:/a:mandriva:linux:lib64tevent0", "p-cpe:/a:mandriva:linux:libsamba-hostconfig-devel", "p-cpe:/a:mandriva:linux:lib64talloc1", "p-cpe:/a:mandriva:linux:tdb-utils", "p-cpe:/a:mandriva:linux:samba4-python", "p-cpe:/a:mandriva:linux:lib64ndr0", "p-cpe:/a:mandriva:linux:samba4-pidl", "p-cpe:/a:mandriva:linux:libldb-devel", "p-cpe:/a:mandriva:linux:libsamba-hostconfig0", "p-cpe:/a:mandriva:linux:libdcerpc-devel", "p-cpe:/a:mandriva:linux:libtalloc-devel", "p-cpe:/a:mandriva:linux:lib64dcerpc0", "p-cpe:/a:mandriva:linux:lib64samba-hostconfig-devel", "p-cpe:/a:mandriva:linux:lib64tdb1", "p-cpe:/a:mandriva:linux:libtevent0", "p-cpe:/a:mandriva:linux:lib64ndr-devel", "p-cpe:/a:mandriva:linux:libtevent-devel", "p-cpe:/a:mandriva:linux:samba4-server", "p-cpe:/a:mandriva:linux:libndr0", "p-cpe:/a:mandriva:linux:lib64ldb-devel", "p-cpe:/a:mandriva:linux:lib64ldb0", "p-cpe:/a:mandriva:linux:libtdb-devel", "p-cpe:/a:mandriva:linux:lib64talloc-devel", "p-cpe:/a:mandriva:linux:samba4-client", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:samba4-test", "p-cpe:/a:mandriva:linux:libtdb1", "p-cpe:/a:mandriva:linux:mount-cifs4", "p-cpe:/a:mandriva:linux:lib64dcerpc-devel", "p-cpe:/a:mandriva:linux:samba4-devel", "p-cpe:/a:mandriva:linux:lib64tdb-devel", "p-cpe:/a:mandriva:linux:libdcerpc0", "p-cpe:/a:mandriva:linux:ldb-utils", "p-cpe:/a:mandriva:linux:lib64samba-hostconfig0", "p-cpe:/a:mandriva:linux:lib64tevent-devel", "p-cpe:/a:mandriva:linux:samba4-common", "p-cpe:/a:mandriva:linux:libtalloc1", "p-cpe:/a:mandriva:linux:libldb0"], "id": "MANDRIVA_MDVSA-2010-090.NASL", "href": "https://www.tenable.com/plugins/nessus/46227", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:090. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46227);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\");\n script_bugtraq_id(37992, 38326);\n script_xref(name:\"MDVSA\", value:\"2010:090-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : samba (MDVSA-2010:090-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilies has been found and corrected in samba :\n\nclient/mount.cifs.c in mount.cifs in smbfs in Samba does not verify\nthat the (1) device name and (2) mountpoint strings are composed of\nvalid characters, which allows local users to cause a denial of\nservice (mtab corruption) via a crafted string (CVE-2010-0547).\n\nclient/mount.cifs.c in mount.cifs in smbfs in Samba allows local users\nto mount a CIFS share on an arbitrary mountpoint, and gain privileges,\nvia a symlink attack on the mountpoint directory file (CVE-2010-0787).\n\nThe updated packages have been patched to correct these issues.\n\nUpdate :\n\nIt was discovered that the previous Samba update required libtalloc\nfrom Samba4 package. Therefore, this update provides the required\npackages in order to fix the issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ldb-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64dcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64dcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ldb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64samba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64samba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64talloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64talloc1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64tdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64tdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64tevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64tevent0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libldb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtalloc1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtevent0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mount-cifs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba4-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba4-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba4-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba4-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba4-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba4-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tdb-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.0\", reference:\"ldb-utils-0.9.3-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64dcerpc-devel-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64dcerpc0-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64ldb-devel-0.9.3-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64ldb0-0.9.3-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64ndr-devel-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64ndr0-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64samba-hostconfig-devel-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64samba-hostconfig0-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64talloc-devel-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64talloc1-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64tdb-devel-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64tdb1-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64tevent-devel-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64tevent0-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libdcerpc-devel-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libdcerpc0-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libldb-devel-0.9.3-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libldb0-0.9.3-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libndr-devel-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libndr0-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libsamba-hostconfig-devel-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libsamba-hostconfig0-0.0.1-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libtalloc-devel-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libtalloc1-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libtdb-devel-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libtdb1-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libtevent-devel-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libtevent0-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mount-cifs4-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"samba4-client-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"samba4-common-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"samba4-devel-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"samba4-pidl-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"samba4-python-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"samba4-server-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"samba4-test-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tdb-utils-4.0.0-0.4.alpha8.1mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:54:22", "description": "The remote host is affected by the vulnerability described in GLSA-201206-29\n(mount-cifs: Multiple vulnerabilites)\n\n Multiple vulnerabilities have been discovered in mount-cifs. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n The vulnerabilities allow local users to cause a denial of service (mtab\n corruption) via a crafted string. Also, local users could mount a CIFS\n share on an arbitrary mountpoint, and gain privileges via a symlink\n attack on the mountpoint directory file.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 22, "published": "2012-06-26T00:00:00", "title": "GLSA-201206-29 : mount-cifs: Multiple vulnerabilites", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2010-0787"], "modified": "2012-06-26T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:mount-cifs"], "id": "GENTOO_GLSA-201206-29.NASL", "href": "https://www.tenable.com/plugins/nessus/59702", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201206-29.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59702);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\");\n script_bugtraq_id(37992, 38326);\n script_xref(name:\"GLSA\", value:\"201206-29\");\n\n script_name(english:\"GLSA-201206-29 : mount-cifs: Multiple vulnerabilites\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201206-29\n(mount-cifs: Multiple vulnerabilites)\n\n Multiple vulnerabilities have been discovered in mount-cifs. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n The vulnerabilities allow local users to cause a denial of service (mtab\n corruption) via a crafted string. Also, local users could mount a CIFS\n share on an arbitrary mountpoint, and gain privileges via a symlink\n attack on the mountpoint directory file.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201206-29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Gentoo has discontinued support for mount-cifs. We recommend that users\n unmerge mount-cifs:\n # emerge --unmerge 'net-fs/mount-cifs'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mount-cifs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-fs/mount-cifs\", unaffected:make_list(), vulnerable:make_list(\"le 3.0.30\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mount-cifs\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:45:52", "description": "Two local vulnerabilities have been discovered in samba, a SMB/CIFS\nfile, print, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2009-3297\n Ronald Volgers discovered that a race condition in\n mount.cifs allows local users to mount remote\n filesystems over arbitrary mount points.\n\n - CVE-2010-0547\n Jeff Layton discovered that missing input sanitising in\n mount.cifs allows denial of service by corrupting\n /etc/mtab.", "edition": 27, "published": "2010-03-02T00:00:00", "title": "Debian DSA-2004-1 : samba - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2010-0787", "CVE-2009-3297"], "modified": "2010-03-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:samba", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2004.NASL", "href": "https://www.tenable.com/plugins/nessus/44950", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2004. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44950);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\");\n script_bugtraq_id(36936, 37019, 37036, 37068, 37069, 37339, 37519, 37523, 37724, 37762, 37906, 37992, 38058, 38144, 38165, 38326);\n script_xref(name:\"DSA\", value:\"2004\");\n\n script_name(english:\"Debian DSA-2004-1 : samba - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two local vulnerabilities have been discovered in samba, a SMB/CIFS\nfile, print, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2009-3297\n Ronald Volgers discovered that a race condition in\n mount.cifs allows local users to mount remote\n filesystems over arbitrary mount points.\n\n - CVE-2010-0547\n Jeff Layton discovered that missing input sanitising in\n mount.cifs allows denial of service by corrupting\n /etc/mtab.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3297\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2004\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the samba packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2:3.2.5-4lenny9.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libpam-smbpass\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libsmbclient\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libsmbclient-dev\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libwbclient0\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"samba\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"samba-common\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"samba-dbg\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"samba-doc\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"samba-doc-pdf\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"samba-tools\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"smbclient\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"smbfs\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"swat\", reference:\"2:3.2.5-4lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"winbind\", reference:\"2:3.2.5-4lenny9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:45:58", "description": "Samba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA cross-site scripting (XSS) flaw was found in the password change\npage of the Samba Web Administration Tool (SWAT). If a remote attacker\ncould trick a user, who was logged into the SWAT interface, into\nvisiting a specially crafted URL, it would lead to arbitrary web\nscript execution in the context of the user's SWAT session.\n(CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a\nuser, who was logged into the SWAT interface, into visiting a\nspecially crafted URL, the attacker could perform Samba configuration\nchanges with the privileges of the logged in user. (CVE-2011-2522)\n\nA race condition flaw was found in the way the mount.cifs tool mounted\nCIFS (Common Internet File System) shares. If mount.cifs had the\nsetuid bit set, a local attacker could conduct a symbolic link attack\nto trick mount.cifs into mounting a share over an arbitrary directory\nthey were otherwise not allowed to mount to, possibly allowing them to\nescalate their privileges. (CVE-2010-0787)\n\nIt was found that the mount.cifs tool did not properly handle share or\ndirectory names containing a newline character. If mount.cifs had the\nsetuid bit set, a local attacker could corrupt the mtab (mounted file\nsystems table) file via a specially crafted CIFS share mount request.\n(CVE-2010-0547)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid\nbit set, a local attacker could corrupt the mtab file by setting a\nsmall file size limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba packages distributed by Red Hat does\nnot have the setuid bit set. We recommend that administrators do not\nmanually set the setuid bit for mount.cifs.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the smb service will be restarted automatically.", "edition": 26, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : samba on SL4.x, SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110829_SAMBA_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61123", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61123);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2011-1678\", \"CVE-2011-2522\", \"CVE-2011-2694\");\n\n script_name(english:\"Scientific Linux Security Update : samba on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Samba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA cross-site scripting (XSS) flaw was found in the password change\npage of the Samba Web Administration Tool (SWAT). If a remote attacker\ncould trick a user, who was logged into the SWAT interface, into\nvisiting a specially crafted URL, it would lead to arbitrary web\nscript execution in the context of the user's SWAT session.\n(CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a\nuser, who was logged into the SWAT interface, into visiting a\nspecially crafted URL, the attacker could perform Samba configuration\nchanges with the privileges of the logged in user. (CVE-2011-2522)\n\nA race condition flaw was found in the way the mount.cifs tool mounted\nCIFS (Common Internet File System) shares. If mount.cifs had the\nsetuid bit set, a local attacker could conduct a symbolic link attack\nto trick mount.cifs into mounting a share over an arbitrary directory\nthey were otherwise not allowed to mount to, possibly allowing them to\nescalate their privileges. (CVE-2010-0787)\n\nIt was found that the mount.cifs tool did not properly handle share or\ndirectory names containing a newline character. If mount.cifs had the\nsetuid bit set, a local attacker could corrupt the mtab (mounted file\nsystems table) file via a specially crafted CIFS share mount request.\n(CVE-2010-0547)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid\nbit set, a local attacker could corrupt the mtab file by setting a\nsmall file size limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba packages distributed by Red Hat does\nnot have the setuid bit set. We recommend that administrators do not\nmanually set the setuid bit for mount.cifs.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the smb service will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1108&L=scientific-linux-errata&T=0&P=3574\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?28eeef62\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"samba-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"samba-client-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"samba-common-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"samba-swat-3.0.33-0.34.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"libsmbclient-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libsmbclient-devel-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba-client-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba-common-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba-swat-3.0.33-3.29.el5_7.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:27:15", "description": "Updated samba packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA cross-site scripting (XSS) flaw was found in the password change\npage of the Samba Web Administration Tool (SWAT). If a remote attacker\ncould trick a user, who was logged into the SWAT interface, into\nvisiting a specially crafted URL, it would lead to arbitrary web\nscript execution in the context of the user's SWAT session.\n(CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a\nuser, who was logged into the SWAT interface, into visiting a\nspecially crafted URL, the attacker could perform Samba configuration\nchanges with the privileges of the logged in user. (CVE-2011-2522)\n\nA race condition flaw was found in the way the mount.cifs tool mounted\nCIFS (Common Internet File System) shares. If mount.cifs had the\nsetuid bit set, a local attacker could conduct a symbolic link attack\nto trick mount.cifs into mounting a share over an arbitrary directory\nthey were otherwise not allowed to mount to, possibly allowing them to\nescalate their privileges. (CVE-2010-0787)\n\nIt was found that the mount.cifs tool did not properly handle share or\ndirectory names containing a newline character. If mount.cifs had the\nsetuid bit set, a local attacker could corrupt the mtab (mounted file\nsystems table) file via a specially crafted CIFS share mount request.\n(CVE-2010-0547)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid\nbit set, a local attacker could corrupt the mtab file by setting a\nsmall file size limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba packages distributed by Red Hat does\nnot have the setuid bit set. We recommend that administrators do not\nmanually set the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2011-2694 and CVE-2011-2522; the Debian Security Team for\nreporting CVE-2010-0787; and Dan Rosenberg for reporting\nCVE-2011-1678. Upstream acknowledges Nobuhiro Tsuji of NTT DATA\nSecurity Corporation as the original reporter of CVE-2011-2694;\nYoshihiro Ishikawa of LAC Co., Ltd. as the original reporter of\nCVE-2011-2522; and the Debian Security Team acknowledges Ronald\nVolgers as the original reporter of CVE-2010-0787.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the smb service will be restarted automatically.", "edition": 28, "published": "2011-08-30T00:00:00", "title": "CentOS 4 / 5 : samba (CESA-2011:1219)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2011-3585", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "modified": "2011-08-30T00:00:00", "cpe": ["p-cpe:/a:centos:centos:samba-swat", "p-cpe:/a:centos:centos:samba-common", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:samba-client", "p-cpe:/a:centos:centos:samba", "p-cpe:/a:centos:centos:libsmbclient", "p-cpe:/a:centos:centos:libsmbclient-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-1219.NASL", "href": "https://www.tenable.com/plugins/nessus/55997", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1219 and \n# CentOS Errata and Security Advisory 2011:1219 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55997);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2011-1678\", \"CVE-2011-2522\", \"CVE-2011-2694\", \"CVE-2011-3585\");\n script_bugtraq_id(37992);\n script_xref(name:\"RHSA\", value:\"2011:1219\");\n\n script_name(english:\"CentOS 4 / 5 : samba (CESA-2011:1219)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA cross-site scripting (XSS) flaw was found in the password change\npage of the Samba Web Administration Tool (SWAT). If a remote attacker\ncould trick a user, who was logged into the SWAT interface, into\nvisiting a specially crafted URL, it would lead to arbitrary web\nscript execution in the context of the user's SWAT session.\n(CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a\nuser, who was logged into the SWAT interface, into visiting a\nspecially crafted URL, the attacker could perform Samba configuration\nchanges with the privileges of the logged in user. (CVE-2011-2522)\n\nA race condition flaw was found in the way the mount.cifs tool mounted\nCIFS (Common Internet File System) shares. If mount.cifs had the\nsetuid bit set, a local attacker could conduct a symbolic link attack\nto trick mount.cifs into mounting a share over an arbitrary directory\nthey were otherwise not allowed to mount to, possibly allowing them to\nescalate their privileges. (CVE-2010-0787)\n\nIt was found that the mount.cifs tool did not properly handle share or\ndirectory names containing a newline character. If mount.cifs had the\nsetuid bit set, a local attacker could corrupt the mtab (mounted file\nsystems table) file via a specially crafted CIFS share mount request.\n(CVE-2010-0547)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid\nbit set, a local attacker could corrupt the mtab file by setting a\nsmall file size limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba packages distributed by Red Hat does\nnot have the setuid bit set. We recommend that administrators do not\nmanually set the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2011-2694 and CVE-2011-2522; the Debian Security Team for\nreporting CVE-2010-0787; and Dan Rosenberg for reporting\nCVE-2011-1678. Upstream acknowledges Nobuhiro Tsuji of NTT DATA\nSecurity Corporation as the original reporter of CVE-2011-2694;\nYoshihiro Ishikawa of LAC Co., Ltd. as the original reporter of\nCVE-2011-2522; and the Debian Security Team acknowledges Ronald\nVolgers as the original reporter of CVE-2010-0787.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the smb service will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-August/017708.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6da8e78\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-August/017709.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a8d50dd8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-September/017966.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fe52cf92\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-September/017967.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?74ab0647\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2011-September/000136.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29bfd921\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2011-September/000137.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7b1868b9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"samba-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"samba-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"samba-client-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"samba-client-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"samba-common-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"samba-common-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"samba-swat-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"samba-swat-3.0.33-0.34.el4\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"libsmbclient-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libsmbclient-devel-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba-client-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba-common-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba-swat-3.0.33-3.29.el5_7.4\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:46:13", "description": "From Red Hat Security Advisory 2011:1219 :\n\nUpdated samba packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA cross-site scripting (XSS) flaw was found in the password change\npage of the Samba Web Administration Tool (SWAT). If a remote attacker\ncould trick a user, who was logged into the SWAT interface, into\nvisiting a specially crafted URL, it would lead to arbitrary web\nscript execution in the context of the user's SWAT session.\n(CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a\nuser, who was logged into the SWAT interface, into visiting a\nspecially crafted URL, the attacker could perform Samba configuration\nchanges with the privileges of the logged in user. (CVE-2011-2522)\n\nA race condition flaw was found in the way the mount.cifs tool mounted\nCIFS (Common Internet File System) shares. If mount.cifs had the\nsetuid bit set, a local attacker could conduct a symbolic link attack\nto trick mount.cifs into mounting a share over an arbitrary directory\nthey were otherwise not allowed to mount to, possibly allowing them to\nescalate their privileges. (CVE-2010-0787)\n\nIt was found that the mount.cifs tool did not properly handle share or\ndirectory names containing a newline character. If mount.cifs had the\nsetuid bit set, a local attacker could corrupt the mtab (mounted file\nsystems table) file via a specially crafted CIFS share mount request.\n(CVE-2010-0547)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid\nbit set, a local attacker could corrupt the mtab file by setting a\nsmall file size limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba packages distributed by Red Hat does\nnot have the setuid bit set. We recommend that administrators do not\nmanually set the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2011-2694 and CVE-2011-2522; the Debian Security Team for\nreporting CVE-2010-0787; and Dan Rosenberg for reporting\nCVE-2011-1678. Upstream acknowledges Nobuhiro Tsuji of NTT DATA\nSecurity Corporation as the original reporter of CVE-2011-2694;\nYoshihiro Ishikawa of LAC Co., Ltd. as the original reporter of\nCVE-2011-2522; and the Debian Security Team acknowledges Ronald\nVolgers as the original reporter of CVE-2010-0787.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the smb service will be restarted automatically.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 5 : samba (ELSA-2011-1219)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2011-3585", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:samba-common", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:libsmbclient", "p-cpe:/a:oracle:linux:samba-client", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:samba", "p-cpe:/a:oracle:linux:samba-swat", "p-cpe:/a:oracle:linux:libsmbclient-devel"], "id": "ORACLELINUX_ELSA-2011-1219.NASL", "href": "https://www.tenable.com/plugins/nessus/68335", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:1219 and \n# Oracle Linux Security Advisory ELSA-2011-1219 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68335);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2011-1678\", \"CVE-2011-2522\", \"CVE-2011-2694\", \"CVE-2011-3585\");\n script_bugtraq_id(37992);\n script_xref(name:\"RHSA\", value:\"2011:1219\");\n\n script_name(english:\"Oracle Linux 4 / 5 : samba (ELSA-2011-1219)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:1219 :\n\nUpdated samba packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA cross-site scripting (XSS) flaw was found in the password change\npage of the Samba Web Administration Tool (SWAT). If a remote attacker\ncould trick a user, who was logged into the SWAT interface, into\nvisiting a specially crafted URL, it would lead to arbitrary web\nscript execution in the context of the user's SWAT session.\n(CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a\nuser, who was logged into the SWAT interface, into visiting a\nspecially crafted URL, the attacker could perform Samba configuration\nchanges with the privileges of the logged in user. (CVE-2011-2522)\n\nA race condition flaw was found in the way the mount.cifs tool mounted\nCIFS (Common Internet File System) shares. If mount.cifs had the\nsetuid bit set, a local attacker could conduct a symbolic link attack\nto trick mount.cifs into mounting a share over an arbitrary directory\nthey were otherwise not allowed to mount to, possibly allowing them to\nescalate their privileges. (CVE-2010-0787)\n\nIt was found that the mount.cifs tool did not properly handle share or\ndirectory names containing a newline character. If mount.cifs had the\nsetuid bit set, a local attacker could corrupt the mtab (mounted file\nsystems table) file via a specially crafted CIFS share mount request.\n(CVE-2010-0547)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid\nbit set, a local attacker could corrupt the mtab file by setting a\nsmall file size limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba packages distributed by Red Hat does\nnot have the setuid bit set. We recommend that administrators do not\nmanually set the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2011-2694 and CVE-2011-2522; the Debian Security Team for\nreporting CVE-2010-0787; and Dan Rosenberg for reporting\nCVE-2011-1678. Upstream acknowledges Nobuhiro Tsuji of NTT DATA\nSecurity Corporation as the original reporter of CVE-2011-2694;\nYoshihiro Ishikawa of LAC Co., Ltd. as the original reporter of\nCVE-2011-2522; and the Debian Security Team acknowledges Ronald\nVolgers as the original reporter of CVE-2010-0787.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the smb service will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-August/002316.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-August/002317.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"samba-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"samba-client-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"samba-common-3.0.33-0.34.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"samba-swat-3.0.33-0.34.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"libsmbclient-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libsmbclient-devel-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba-client-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba-common-3.0.33-3.29.el5_7.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba-swat-3.0.33-3.29.el5_7.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:09:44", "description": "Updated samba packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA cross-site scripting (XSS) flaw was found in the password change\npage of the Samba Web Administration Tool (SWAT). If a remote attacker\ncould trick a user, who was logged into the SWAT interface, into\nvisiting a specially crafted URL, it would lead to arbitrary web\nscript execution in the context of the user's SWAT session.\n(CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a\nuser, who was logged into the SWAT interface, into visiting a\nspecially crafted URL, the attacker could perform Samba configuration\nchanges with the privileges of the logged in user. (CVE-2011-2522)\n\nA race condition flaw was found in the way the mount.cifs tool mounted\nCIFS (Common Internet File System) shares. If mount.cifs had the\nsetuid bit set, a local attacker could conduct a symbolic link attack\nto trick mount.cifs into mounting a share over an arbitrary directory\nthey were otherwise not allowed to mount to, possibly allowing them to\nescalate their privileges. (CVE-2010-0787)\n\nIt was found that the mount.cifs tool did not properly handle share or\ndirectory names containing a newline character. If mount.cifs had the\nsetuid bit set, a local attacker could corrupt the mtab (mounted file\nsystems table) file via a specially crafted CIFS share mount request.\n(CVE-2010-0547)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid\nbit set, a local attacker could corrupt the mtab file by setting a\nsmall file size limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba packages distributed by Red Hat does\nnot have the setuid bit set. We recommend that administrators do not\nmanually set the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2011-2694 and CVE-2011-2522; the Debian Security Team for\nreporting CVE-2010-0787; and Dan Rosenberg for reporting\nCVE-2011-1678. Upstream acknowledges Nobuhiro Tsuji of NTT DATA\nSecurity Corporation as the original reporter of CVE-2011-2694;\nYoshihiro Ishikawa of LAC Co., Ltd. as the original reporter of\nCVE-2011-2522; and the Debian Security Team acknowledges Ronald\nVolgers as the original reporter of CVE-2010-0787.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the smb service will be restarted automatically.", "edition": 28, "published": "2011-08-30T00:00:00", "title": "RHEL 4 / 5 : samba (RHSA-2011:1219)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2011-3585", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "modified": "2011-08-30T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-swat"], "id": "REDHAT-RHSA-2011-1219.NASL", "href": "https://www.tenable.com/plugins/nessus/55999", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1219. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55999);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2011-1678\", \"CVE-2011-2522\", \"CVE-2011-2694\", \"CVE-2011-3585\");\n script_bugtraq_id(37992);\n script_xref(name:\"RHSA\", value:\"2011:1219\");\n\n script_name(english:\"RHEL 4 / 5 : samba (RHSA-2011:1219)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA cross-site scripting (XSS) flaw was found in the password change\npage of the Samba Web Administration Tool (SWAT). If a remote attacker\ncould trick a user, who was logged into the SWAT interface, into\nvisiting a specially crafted URL, it would lead to arbitrary web\nscript execution in the context of the user's SWAT session.\n(CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a\nuser, who was logged into the SWAT interface, into visiting a\nspecially crafted URL, the attacker could perform Samba configuration\nchanges with the privileges of the logged in user. (CVE-2011-2522)\n\nA race condition flaw was found in the way the mount.cifs tool mounted\nCIFS (Common Internet File System) shares. If mount.cifs had the\nsetuid bit set, a local attacker could conduct a symbolic link attack\nto trick mount.cifs into mounting a share over an arbitrary directory\nthey were otherwise not allowed to mount to, possibly allowing them to\nescalate their privileges. (CVE-2010-0787)\n\nIt was found that the mount.cifs tool did not properly handle share or\ndirectory names containing a newline character. If mount.cifs had the\nsetuid bit set, a local attacker could corrupt the mtab (mounted file\nsystems table) file via a specially crafted CIFS share mount request.\n(CVE-2010-0547)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid\nbit set, a local attacker could corrupt the mtab file by setting a\nsmall file size limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba packages distributed by Red Hat does\nnot have the setuid bit set. We recommend that administrators do not\nmanually set the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2011-2694 and CVE-2011-2522; the Debian Security Team for\nreporting CVE-2010-0787; and Dan Rosenberg for reporting\nCVE-2011-1678. Upstream acknowledges Nobuhiro Tsuji of NTT DATA\nSecurity Corporation as the original reporter of CVE-2011-2694;\nYoshihiro Ishikawa of LAC Co., Ltd. as the original reporter of\nCVE-2011-2522; and the Debian Security Team acknowledges Ronald\nVolgers as the original reporter of CVE-2010-0787.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the smb service will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2522\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3585\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1219\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1219\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"samba-3.0.33-0.34.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"samba-client-3.0.33-0.34.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"samba-common-3.0.33-0.34.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"samba-swat-3.0.33-0.34.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"libsmbclient-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"libsmbclient-devel-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba-client-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba-client-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba-client-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"samba-common-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba-swat-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba-swat-3.0.33-3.29.el5_7.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba-swat-3.0.33-3.29.el5_7.4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:57:20", "description": "Ronald Volgers discovered that the mount.cifs utility, when installed\nas a setuid program, suffered from a race condition when verifying\nuser permissions. A local attacker could trick samba into mounting\nover arbitrary locations, leading to a root privilege escalation.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2010-01-29T00:00:00", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : samba vulnerability (USN-893-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0787"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:samba-doc", "p-cpe:/a:canonical:ubuntu_linux:smbclient", "p-cpe:/a:canonical:ubuntu_linux:libwbclient0", "p-cpe:/a:canonical:ubuntu_linux:samba-common-bin", "p-cpe:/a:canonical:ubuntu_linux:samba-tools", "p-cpe:/a:canonical:ubuntu_linux:samba", "p-cpe:/a:canonical:ubuntu_linux:swat", "p-cpe:/a:canonical:ubuntu_linux:smbfs", "p-cpe:/a:canonical:ubuntu_linux:winbind", "p-cpe:/a:canonical:ubuntu_linux:libpam-smbpass", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libsmbclient-dev", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:samba-common", "p-cpe:/a:canonical:ubuntu_linux:samba-doc-pdf", "p-cpe:/a:canonical:ubuntu_linux:samba-dbg", "cpe:/o:canonical:ubuntu_linux:8.10", "p-cpe:/a:canonical:ubuntu_linux:python2.4-samba", "cpe:/o:canonical:ubuntu_linux:9.04", "p-cpe:/a:canonical:ubuntu_linux:libsmbclient", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-893-1.NASL", "href": "https://www.tenable.com/plugins/nessus/44336", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-893-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44336);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-0787\");\n script_xref(name:\"USN\", value:\"893-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : samba vulnerability (USN-893-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ronald Volgers discovered that the mount.cifs utility, when installed\nas a setuid program, suffered from a race condition when verifying\nuser permissions. A local attacker could trick samba into mounting\nover arbitrary locations, leading to a root privilege escalation.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/893-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpam-smbpass\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsmbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-common-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:smbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:smbfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04|9\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04 / 9.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpam-smbpass\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libsmbclient\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libsmbclient-dev\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-samba\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-common\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-dbg\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-doc\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"samba-doc-pdf\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"smbclient\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"smbfs\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"swat\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"winbind\", pkgver:\"3.0.22-1ubuntu3.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpam-smbpass\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libsmbclient\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libsmbclient-dev\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"samba\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"samba-common\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"samba-dbg\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"samba-doc\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"samba-doc-pdf\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"smbclient\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"smbfs\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"swat\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"winbind\", pkgver:\"3.0.28a-1ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpam-smbpass\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libsmbclient\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libsmbclient-dev\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libwbclient0\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"samba\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"samba-common\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"samba-dbg\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"samba-doc\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"samba-doc-pdf\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"samba-tools\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"smbclient\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"smbfs\", pkgver:\"2:3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"swat\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"winbind\", pkgver:\"3.2.3-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libpam-smbpass\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libsmbclient\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libsmbclient-dev\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libwbclient0\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"samba\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"samba-common\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"samba-dbg\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"samba-doc\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"samba-doc-pdf\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"samba-tools\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"smbclient\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"smbfs\", pkgver:\"2:3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"swat\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"winbind\", pkgver:\"3.3.2-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libpam-smbpass\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libsmbclient\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libsmbclient-dev\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libwbclient0\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"samba\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"samba-common\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"samba-common-bin\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"samba-dbg\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"samba-doc\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"samba-doc-pdf\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"samba-tools\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"smbclient\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"smbfs\", pkgver:\"2:3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"swat\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"winbind\", pkgver:\"3.4.0-3ubuntu5.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpam-smbpass / libsmbclient / libsmbclient-dev / libwbclient0 / etc\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:09:02", "description": "This is an update that fixes a problem with handling embedded newlines\nin share names or mountpoints.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2011-08-23T00:00:00", "title": "Fedora 16 : cifs-utils-5.0-2.fc16 (2011-10028)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-2724"], "modified": "2011-08-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:16", "p-cpe:/a:fedoraproject:fedora:cifs-utils"], "id": "FEDORA_2011-10028.NASL", "href": "https://www.tenable.com/plugins/nessus/55944", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-10028.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55944);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-0547\", \"CVE-2011-2724\");\n script_bugtraq_id(38326);\n script_xref(name:\"FEDORA\", value:\"2011-10028\");\n\n script_name(english:\"Fedora 16 : cifs-utils-5.0-2.fc16 (2011-10028)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is an update that fixes a problem with handling embedded newlines\nin share names or mountpoints.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=726691\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/064316.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36cb1e6a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cifs-utils package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cifs-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"cifs-utils-5.0-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cifs-utils\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:09:48", "description": "This is an update that fixes a problem with handling embedded newlines\nin share names or mountpoints.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2011-08-09T00:00:00", "title": "Fedora 15 : cifs-utils-5.0-2.fc15 (2011-9831)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-2724"], "modified": "2011-08-09T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cifs-utils", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-9831.NASL", "href": "https://www.tenable.com/plugins/nessus/55778", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-9831.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55778);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-0547\", \"CVE-2011-2724\");\n script_bugtraq_id(38326);\n script_xref(name:\"FEDORA\", value:\"2011-9831\");\n\n script_name(english:\"Fedora 15 : cifs-utils-5.0-2.fc15 (2011-9831)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is an update that fixes a problem with handling embedded newlines\nin share names or mountpoints.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=726691\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/063521.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0813ce86\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cifs-utils package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cifs-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"cifs-utils-5.0-2.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cifs-utils\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:07", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2010-0787"], "description": "### Background\n\nmount-cifs is the cifs filesystem mount helper split from Samba.\n\n### Description\n\nMultiple vulnerabilities have been discovered in mount-cifs. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nThe vulnerabilities allow local users to cause a denial of service (mtab corruption) via a crafted string. Also, local users could mount a CIFS share on an arbitrary mountpoint, and gain privileges via a symlink attack on the mountpoint directory file. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nGentoo has discontinued support for mount-cifs. We recommend that users unmerge mount-cifs: \n \n \n # emerge --unmerge \"net-fs/mount-cifs\"", "edition": 1, "modified": "2014-02-02T00:00:00", "published": "2012-06-25T00:00:00", "id": "GLSA-201206-29", "href": "https://security.gentoo.org/glsa/201206-29", "type": "gentoo", "title": "mount-cifs: Multiple vulnerabilites", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-01-02T10:54:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2010-0787"], "description": "Check for the Version of openssh", "modified": "2017-12-22T00:00:00", "published": "2010-03-12T00:00:00", "id": "OPENVAS:830929", "href": "http://plugins.openvas.org/nasl.php?oid=830929", "type": "openvas", "title": "Mandriva Update for openssh MDVA-2010:090 (openssh)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssh MDVA-2010:090 (openssh)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssh on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_insight = \"This bugfix release addresses a long standing problem when issuing\n the halt or reboot commands on a remote Mandriva system. This led\n to that the session wasn't closed properly. This advisory corrects\n this problem.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-03/msg00007.php\");\n script_id(830929);\n script_version(\"$Revision: 8226 $\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-12 17:02:32 +0100 (Fri, 12 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVA\", value: \"2010:090\");\n script_name(\"Mandriva Update for openssh MDVA-2010:090 (openssh)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssh\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-common\", rpm:\"openssh-askpass-common~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-gnome\", rpm:\"openssh-askpass-gnome~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~4.7p1~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-common\", rpm:\"openssh-askpass-common~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-gnome\", rpm:\"openssh-askpass-gnome~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~5.1p1~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.1p1~2.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-common\", rpm:\"openssh-askpass-common~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-gnome\", rpm:\"openssh-askpass-gnome~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~5.3p1~2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-common\", rpm:\"openssh-askpass-common~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-gnome\", rpm:\"openssh-askpass-gnome~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~5.2p1~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssh\", rpm:\"openssh~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass\", rpm:\"openssh-askpass~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-common\", rpm:\"openssh-askpass-common~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-askpass-gnome\", rpm:\"openssh-askpass-gnome~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-clients\", rpm:\"openssh-clients~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssh-server\", rpm:\"openssh-server~5.1p1~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2010-0787"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-29.", "modified": "2017-07-07T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:71555", "href": "http://plugins.openvas.org/nasl.php?oid=71555", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-29 (mount-cifs)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in mount-cifs, the worst of\nwhich leading to privilege escalation.\";\ntag_solution = \"All mount-cifs users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/mount-cifs-3.4.6'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-29\nhttp://bugs.gentoo.org/show_bug.cgi?id=308067\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201206-29.\";\n\n \n \nif(description)\n{\n script_id(71555);\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:53 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-29 (mount-cifs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-fs/mount-cifs\", unaffected: make_list(\"ge 3.4.6\"), vulnerable: make_list(\"lt 3.4.6\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:54:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2010-0787"], "description": "Check for the Version of samba", "modified": "2018-01-08T00:00:00", "published": "2010-05-17T00:00:00", "id": "OPENVAS:1361412562310831038", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831038", "type": "openvas", "title": "Mandriva Update for samba MDVSA-2010:090-1 (samba)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for samba MDVSA-2010:090-1 (samba)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilies has been found and corrected in samba:\n\n client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify\n that the (1) device name and (2) mountpoint strings are composed of\n valid characters, which allows local users to cause a denial of service\n (mtab corruption) via a crafted string (CVE-2010-0547).\n \n client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users\n to mount a CIFS share on an arbitrary mountpoint, and gain privileges,\n via a symlink attack on the mountpoint directory file (CVE-2010-0787).\n \n The updated packages have been patched to correct these issues.\n \n Update:\n \n It was discovered that the previous Samba update required libtalloc\n from Samba4 package. Therefore, this update provides the required\n packages in order to fix the issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"samba on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-05/msg00011.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831038\");\n script_version(\"$Revision: 8314 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 09:01:01 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-17 16:00:10 +0200 (Mon, 17 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:090-1\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\");\n script_name(\"Mandriva Update for samba MDVSA-2010:090-1 (samba)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"ldb-utils\", rpm:\"ldb-utils~0.9.3~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdcerpc0\", rpm:\"libdcerpc0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdcerpc-devel\", rpm:\"libdcerpc-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldb0\", rpm:\"libldb0~0.9.3~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldb-devel\", rpm:\"libldb-devel~0.9.3~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libndr0\", rpm:\"libndr0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libndr-devel\", rpm:\"libndr-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsamba-hostconfig0\", rpm:\"libsamba-hostconfig0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsamba-hostconfig-devel\", rpm:\"libsamba-hostconfig-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtalloc1\", rpm:\"libtalloc1~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtalloc-devel\", rpm:\"libtalloc-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtdb1\", rpm:\"libtdb1~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtdb-devel\", rpm:\"libtdb-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtevent0\", rpm:\"libtevent0~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtevent-devel\", rpm:\"libtevent-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mount-cifs4\", rpm:\"mount-cifs4~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-client\", rpm:\"samba4-client~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-common\", rpm:\"samba4-common~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-devel\", rpm:\"samba4-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-pidl\", rpm:\"samba4-pidl~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-python\", rpm:\"samba4-python~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-server\", rpm:\"samba4-server~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-test\", rpm:\"samba4-test~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tdb-utils\", rpm:\"tdb-utils~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4\", rpm:\"samba4~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64dcerpc0\", rpm:\"lib64dcerpc0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64dcerpc-devel\", rpm:\"lib64dcerpc-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldb0\", rpm:\"lib64ldb0~0.9.3~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldb-devel\", rpm:\"lib64ldb-devel~0.9.3~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ndr0\", rpm:\"lib64ndr0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ndr-devel\", rpm:\"lib64ndr-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64samba-hostconfig0\", rpm:\"lib64samba-hostconfig0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64samba-hostconfig-devel\", rpm:\"lib64samba-hostconfig-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64talloc1\", rpm:\"lib64talloc1~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64talloc-devel\", rpm:\"lib64talloc-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64tdb1\", rpm:\"lib64tdb1~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64tdb-devel\", rpm:\"lib64tdb-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64tevent0\", rpm:\"lib64tevent0~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64tevent-devel\", rpm:\"lib64tevent-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2010-0787"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-29.", "modified": "2018-10-12T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:136141256231071555", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071555", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-29 (mount-cifs)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201206_29.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71555\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:53 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-29 (mount-cifs)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in mount-cifs, the worst of\nwhich leading to privilege escalation.\");\n script_tag(name:\"solution\", value:\"All mount-cifs users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/mount-cifs-3.4.6'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-29\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=308067\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201206-29.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-fs/mount-cifs\", unaffected: make_list(\"ge 3.4.6\"), vulnerable: make_list(\"lt 3.4.6\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-18T10:58:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2010-0787"], "description": "Check for the Version of samba", "modified": "2017-12-18T00:00:00", "published": "2010-05-17T00:00:00", "id": "OPENVAS:831038", "href": "http://plugins.openvas.org/nasl.php?oid=831038", "type": "openvas", "title": "Mandriva Update for samba MDVSA-2010:090-1 (samba)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for samba MDVSA-2010:090-1 (samba)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilies has been found and corrected in samba:\n\n client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify\n that the (1) device name and (2) mountpoint strings are composed of\n valid characters, which allows local users to cause a denial of service\n (mtab corruption) via a crafted string (CVE-2010-0547).\n \n client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users\n to mount a CIFS share on an arbitrary mountpoint, and gain privileges,\n via a symlink attack on the mountpoint directory file (CVE-2010-0787).\n \n The updated packages have been patched to correct these issues.\n \n Update:\n \n It was discovered that the previous Samba update required libtalloc\n from Samba4 package. Therefore, this update provides the required\n packages in order to fix the issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"samba on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-05/msg00011.php\");\n script_id(831038);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-17 16:00:10 +0200 (Mon, 17 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:090-1\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\");\n script_name(\"Mandriva Update for samba MDVSA-2010:090-1 (samba)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"ldb-utils\", rpm:\"ldb-utils~0.9.3~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdcerpc0\", rpm:\"libdcerpc0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdcerpc-devel\", rpm:\"libdcerpc-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldb0\", rpm:\"libldb0~0.9.3~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldb-devel\", rpm:\"libldb-devel~0.9.3~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libndr0\", rpm:\"libndr0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libndr-devel\", rpm:\"libndr-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsamba-hostconfig0\", rpm:\"libsamba-hostconfig0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsamba-hostconfig-devel\", rpm:\"libsamba-hostconfig-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtalloc1\", rpm:\"libtalloc1~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtalloc-devel\", rpm:\"libtalloc-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtdb1\", rpm:\"libtdb1~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtdb-devel\", rpm:\"libtdb-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtevent0\", rpm:\"libtevent0~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtevent-devel\", rpm:\"libtevent-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mount-cifs4\", rpm:\"mount-cifs4~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-client\", rpm:\"samba4-client~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-common\", rpm:\"samba4-common~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-devel\", rpm:\"samba4-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-pidl\", rpm:\"samba4-pidl~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-python\", rpm:\"samba4-python~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-server\", rpm:\"samba4-server~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4-test\", rpm:\"samba4-test~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tdb-utils\", rpm:\"tdb-utils~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba4\", rpm:\"samba4~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64dcerpc0\", rpm:\"lib64dcerpc0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64dcerpc-devel\", rpm:\"lib64dcerpc-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldb0\", rpm:\"lib64ldb0~0.9.3~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldb-devel\", rpm:\"lib64ldb-devel~0.9.3~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ndr0\", rpm:\"lib64ndr0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ndr-devel\", rpm:\"lib64ndr-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64samba-hostconfig0\", rpm:\"lib64samba-hostconfig0~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64samba-hostconfig-devel\", rpm:\"lib64samba-hostconfig-devel~0.0.1~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64talloc1\", rpm:\"lib64talloc1~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64talloc-devel\", rpm:\"lib64talloc-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64tdb1\", rpm:\"lib64tdb1~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64tdb-devel\", rpm:\"lib64tdb-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64tevent0\", rpm:\"lib64tevent0~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64tevent-devel\", rpm:\"lib64tevent-devel~4.0.0~0.4.alpha8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "description": "Check for the Version of samba", "modified": "2017-12-27T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881388", "href": "http://plugins.openvas.org/nasl.php?oid=881388", "type": "openvas", "title": "CentOS Update for samba CESA-2011:1219 centos4 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba CESA-2011:1219 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A cross-site scripting (XSS) flaw was found in the password change page of\n the Samba Web Administration Tool (SWAT). If a remote attacker could trick\n a user, who was logged into the SWAT interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's SWAT session. (CVE-2011-2694)\n \n It was found that SWAT web pages did not protect against Cross-Site\n Request Forgery (CSRF) attacks. If a remote attacker could trick a user,\n who was logged into the SWAT interface, into visiting a specially-crafted\n URL, the attacker could perform Samba configuration changes with the\n privileges of the logged in user. (CVE-2011-2522)\n \n A race condition flaw was found in the way the mount.cifs tool mounted CIFS\n (Common Internet File System) shares. If mount.cifs had the setuid bit set,\n a local attacker could conduct a symbolic link attack to trick mount.cifs\n into mounting a share over an arbitrary directory they were otherwise not\n allowed to mount to, possibly allowing them to escalate their privileges.\n (CVE-2010-0787)\n \n It was found that the mount.cifs tool did not properly handle share or\n directory names containing a newline character. If mount.cifs had the\n setuid bit set, a local attacker could corrupt the mtab (mounted file\n systems table) file via a specially-crafted CIFS share mount request.\n (CVE-2010-0547)\n \n It was found that the mount.cifs tool did not handle certain errors\n correctly when updating the mtab file. If mount.cifs had the setuid bit\n set, a local attacker could corrupt the mtab file by setting a small file\n size limit before running mount.cifs. (CVE-2011-1678)\n \n Note: mount.cifs from the samba packages distributed by Red Hat does not\n have the setuid bit set. We recommend that administrators do not manually\n set the setuid bit for mount.cifs.\n \n Red Hat would like to thank the Samba project for reporting CVE-2011-2694\n and CVE-2011-2522; the Debian Security Team for reporting CVE-2010-0787;\n and Dan Rosenberg for reporting CVE-2011-1678. Upstream acknowledges\n Nobuhiro Tsuji of NTT DATA Security Corporation as the original reporter of\n CVE-2011-2694; Yoshihiro Ishikawa of LAC Co., Ltd. as the original reporter\n of CVE-2011-2522; and the Debian Security Team acknowledges Ronald Volgers\n as the original reporter of CVE-2010-0787.\n \n Users of Samba are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the smb service will be restarted automatically.\";\n\ntag_affected = \"samba on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-August/017709.html\");\n script_id(881388);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:39:58 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2011-1678\", \"CVE-2011-2522\",\n \"CVE-2011-2694\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2011:1219\");\n script_name(\"CentOS Update for samba CESA-2011:1219 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-09-07T00:00:00", "id": "OPENVAS:1361412562310880969", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880969", "type": "openvas", "title": "CentOS Update for samba CESA-2011:1219 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba CESA-2011:1219 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-August/017708.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880969\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-07 08:58:04 +0200 (Wed, 07 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2011:1219\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2011-1678\", \"CVE-2011-2522\", \"CVE-2011-2694\");\n script_name(\"CentOS Update for samba CESA-2011:1219 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"samba on CentOS 4\");\n script_tag(name:\"insight\", value:\"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A cross-site scripting (XSS) flaw was found in the password change page of\n the Samba Web Administration Tool (SWAT). If a remote attacker could trick\n a user, who was logged into the SWAT interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's SWAT session. (CVE-2011-2694)\n\n It was found that SWAT web pages did not protect against Cross-Site\n Request Forgery (CSRF) attacks. If a remote attacker could trick a user,\n who was logged into the SWAT interface, into visiting a specially-crafted\n URL, the attacker could perform Samba configuration changes with the\n privileges of the logged in user. (CVE-2011-2522)\n\n A race condition flaw was found in the way the mount.cifs tool mounted CIFS\n (Common Internet File System) shares. If mount.cifs had the setuid bit set,\n a local attacker could conduct a symbolic link attack to trick mount.cifs\n into mounting a share over an arbitrary directory they were otherwise not\n allowed to mount to, possibly allowing them to escalate their privileges.\n (CVE-2010-0787)\n\n It was found that the mount.cifs tool did not properly handle share or\n directory names containing a newline character. If mount.cifs had the\n setuid bit set, a local attacker could corrupt the mtab (mounted file\n systems table) file via a specially-crafted CIFS share mount request.\n (CVE-2010-0547)\n\n It was found that the mount.cifs tool did not handle certain errors\n correctly when updating the mtab file. If mount.cifs had the setuid bit\n set, a local attacker could corrupt the mtab file by setting a small file\n size limit before running mount.cifs. (CVE-2011-1678)\n\n Note: mount.cifs from the samba packages distributed by Red Hat does not\n have the setuid bit set. We recommend that administrators do not manually\n set the setuid bit for mount.cifs.\n\n Red Hat would like to thank the Samba project for reporting CVE-2011-2694\n and CVE-2011-2522, the Debian Security Team for reporting CVE-2010-0787,\n and Dan Rosenberg for reporting CVE-2011-1678. Upstream acknowledges\n Nobuhiro Tsuji of NTT DATA Security Corporation as the original reporter of\n CVE-2011-2694, Yoshihiro Ishikawa of LAC Co., Ltd. as the original reporter\n of CVE-2011-2522, and the Debian Security Team acknowledges Ronald Volgers\n as the original reporter of CVE-2010-0787.\n\n Users of Samba are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the smb service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-09-23T00:00:00", "id": "OPENVAS:1361412562310880981", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880981", "type": "openvas", "title": "CentOS Update for libsmbclient CESA-2011:1219 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmbclient CESA-2011:1219 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-September/017966.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880981\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-23 16:39:49 +0200 (Fri, 23 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2011:1219\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2011-1678\", \"CVE-2011-2522\", \"CVE-2011-2694\");\n script_name(\"CentOS Update for libsmbclient CESA-2011:1219 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libsmbclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"libsmbclient on CentOS 5\");\n script_tag(name:\"insight\", value:\"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A cross-site scripting (XSS) flaw was found in the password change page of\n the Samba Web Administration Tool (SWAT). If a remote attacker could trick\n a user, who was logged into the SWAT interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's SWAT session. (CVE-2011-2694)\n\n It was found that SWAT web pages did not protect against Cross-Site\n Request Forgery (CSRF) attacks. If a remote attacker could trick a user,\n who was logged into the SWAT interface, into visiting a specially-crafted\n URL, the attacker could perform Samba configuration changes with the\n privileges of the logged in user. (CVE-2011-2522)\n\n A race condition flaw was found in the way the mount.cifs tool mounted CIFS\n (Common Internet File System) shares. If mount.cifs had the setuid bit set,\n a local attacker could conduct a symbolic link attack to trick mount.cifs\n into mounting a share over an arbitrary directory they were otherwise not\n allowed to mount to, possibly allowing them to escalate their privileges.\n (CVE-2010-0787)\n\n It was found that the mount.cifs tool did not properly handle share or\n directory names containing a newline character. If mount.cifs had the\n setuid bit set, a local attacker could corrupt the mtab (mounted file\n systems table) file via a specially-crafted CIFS share mount request.\n (CVE-2010-0547)\n\n It was found that the mount.cifs tool did not handle certain errors\n correctly when updating the mtab file. If mount.cifs had the setuid bit\n set, a local attacker could corrupt the mtab file by setting a small file\n size limit before running mount.cifs. (CVE-2011-1678)\n\n Note: mount.cifs from the samba packages distributed by Red Hat does not\n have the setuid bit set. We recommend that administrators do not manually\n set the setuid bit for mount.cifs.\n\n Red Hat would like to thank the Samba project for reporting CVE-2011-2694\n and CVE-2011-2522, the Debian Security Team for reporting CVE-2010-0787,\n and Dan Rosenberg for reporting CVE-2011-1678. Upstream acknowledges\n Nobuhiro Tsuji of NTT DATA Security Corporation as the original reporter of\n CVE-2011-2694, Yoshihiro Ishikawa of LAC Co., Ltd. as the original reporter\n of CVE-2011-2522, and the Debian Security Team acknowledges Ronald Volgers\n as the original reporter of CVE-2010-0787.\n\n Users of Samba are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the smb service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:1361412562310881388", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881388", "type": "openvas", "title": "CentOS Update for samba CESA-2011:1219 centos4 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba CESA-2011:1219 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-August/017709.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881388\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:39:58 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2011-1678\", \"CVE-2011-2522\",\n \"CVE-2011-2694\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2011:1219\");\n script_name(\"CentOS Update for samba CESA-2011:1219 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"samba on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A cross-site scripting (XSS) flaw was found in the password change page of\n the Samba Web Administration Tool (SWAT). If a remote attacker could trick\n a user, who was logged into the SWAT interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's SWAT session. (CVE-2011-2694)\n\n It was found that SWAT web pages did not protect against Cross-Site\n Request Forgery (CSRF) attacks. If a remote attacker could trick a user,\n who was logged into the SWAT interface, into visiting a specially-crafted\n URL, the attacker could perform Samba configuration changes with the\n privileges of the logged in user. (CVE-2011-2522)\n\n A race condition flaw was found in the way the mount.cifs tool mounted CIFS\n (Common Internet File System) shares. If mount.cifs had the setuid bit set,\n a local attacker could conduct a symbolic link attack to trick mount.cifs\n into mounting a share over an arbitrary directory they were otherwise not\n allowed to mount to, possibly allowing them to escalate their privileges.\n (CVE-2010-0787)\n\n It was found that the mount.cifs tool did not properly handle share or\n directory names containing a newline character. If mount.cifs had the\n setuid bit set, a local attacker could corrupt the mtab (mounted file\n systems table) file via a specially-crafted CIFS share mount request.\n (CVE-2010-0547)\n\n It was found that the mount.cifs tool did not handle certain errors\n correctly when updating the mtab file. If mount.cifs had the setuid bit\n set, a local attacker could corrupt the mtab file by setting a small file\n size limit before running mount.cifs. (CVE-2011-1678)\n\n Note: mount.cifs from the samba packages distributed by Red Hat does not\n have the setuid bit set. We recommend that administrators do not manually\n set the setuid bit for mount.cifs.\n\n Red Hat would like to thank the Samba project for reporting CVE-2011-2694\n and CVE-2011-2522, the Debian Security Team for reporting CVE-2010-0787,\n and Dan Rosenberg for reporting CVE-2011-1678. Upstream acknowledges\n Nobuhiro Tsuji of NTT DATA Security Corporation as the original reporter of\n CVE-2011-2694, Yoshihiro Ishikawa of LAC Co., Ltd. as the original reporter\n of CVE-2011-2522, and the Debian Security Team acknowledges Ronald Volgers\n as the original reporter of CVE-2010-0787.\n\n Users of Samba are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the smb service will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.33~0.34.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "description": "Check for the Version of libsmbclient", "modified": "2018-01-01T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881285", "href": "http://plugins.openvas.org/nasl.php?oid=881285", "type": "openvas", "title": "CentOS Update for libsmbclient CESA-2011:1219 centos5 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmbclient CESA-2011:1219 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A cross-site scripting (XSS) flaw was found in the password change page of\n the Samba Web Administration Tool (SWAT). If a remote attacker could trick\n a user, who was logged into the SWAT interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's SWAT session. (CVE-2011-2694)\n \n It was found that SWAT web pages did not protect against Cross-Site\n Request Forgery (CSRF) attacks. If a remote attacker could trick a user,\n who was logged into the SWAT interface, into visiting a specially-crafted\n URL, the attacker could perform Samba configuration changes with the\n privileges of the logged in user. (CVE-2011-2522)\n \n A race condition flaw was found in the way the mount.cifs tool mounted CIFS\n (Common Internet File System) shares. If mount.cifs had the setuid bit set,\n a local attacker could conduct a symbolic link attack to trick mount.cifs\n into mounting a share over an arbitrary directory they were otherwise not\n allowed to mount to, possibly allowing them to escalate their privileges.\n (CVE-2010-0787)\n \n It was found that the mount.cifs tool did not properly handle share or\n directory names containing a newline character. If mount.cifs had the\n setuid bit set, a local attacker could corrupt the mtab (mounted file\n systems table) file via a specially-crafted CIFS share mount request.\n (CVE-2010-0547)\n \n It was found that the mount.cifs tool did not handle certain errors\n correctly when updating the mtab file. If mount.cifs had the setuid bit\n set, a local attacker could corrupt the mtab file by setting a small file\n size limit before running mount.cifs. (CVE-2011-1678)\n \n Note: mount.cifs from the samba packages distributed by Red Hat does not\n have the setuid bit set. We recommend that administrators do not manually\n set the setuid bit for mount.cifs.\n \n Red Hat would like to thank the Samba project for reporting CVE-2011-2694\n and CVE-2011-2522; the Debian Security Team for reporting CVE-2010-0787;\n and Dan Rosenberg for reporting CVE-2011-1678. Upstream acknowledges\n Nobuhiro Tsuji of NTT DATA Security Corporation as the original reporter of\n CVE-2011-2694; Yoshihiro Ishikawa of LAC Co., Ltd. as the original reporter\n of CVE-2011-2522; and the Debian Security Team acknowledges Ronald Volgers\n as the original reporter of CVE-2010-0787.\n \n Users of Samba are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the smb service will be restarted automatically.\";\n\ntag_affected = \"libsmbclient on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-September/017967.html\");\n script_id(881285);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:18:06 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2011-1678\", \"CVE-2011-2522\",\n \"CVE-2011-2694\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2011:1219\");\n script_name(\"CentOS Update for libsmbclient CESA-2011:1219 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libsmbclient\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.33~3.29.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2020-10-30T13:23:09", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2011-3585", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "description": "**CentOS Errata and Security Advisory** CESA-2011:1219\n\n\nSamba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA cross-site scripting (XSS) flaw was found in the password change page of\nthe Samba Web Administration Tool (SWAT). If a remote attacker could trick\na user, who was logged into the SWAT interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user's SWAT session. (CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a user,\nwho was logged into the SWAT interface, into visiting a specially-crafted\nURL, the attacker could perform Samba configuration changes with the\nprivileges of the logged in user. (CVE-2011-2522)\n\nA race condition flaw was found in the way the mount.cifs tool mounted CIFS\n(Common Internet File System) shares. If mount.cifs had the setuid bit set,\na local attacker could conduct a symbolic link attack to trick mount.cifs\ninto mounting a share over an arbitrary directory they were otherwise not\nallowed to mount to, possibly allowing them to escalate their privileges.\n(CVE-2010-0787)\n\nIt was found that the mount.cifs tool did not properly handle share or\ndirectory names containing a newline character. If mount.cifs had the\nsetuid bit set, a local attacker could corrupt the mtab (mounted file\nsystems table) file via a specially-crafted CIFS share mount request.\n(CVE-2010-0547)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid bit\nset, a local attacker could corrupt the mtab file by setting a small file\nsize limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba packages distributed by Red Hat does not\nhave the setuid bit set. We recommend that administrators do not manually\nset the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting CVE-2011-2694\nand CVE-2011-2522; the Debian Security Team for reporting CVE-2010-0787;\nand Dan Rosenberg for reporting CVE-2011-1678. Upstream acknowledges\nNobuhiro Tsuji of NTT DATA Security Corporation as the original reporter of\nCVE-2011-2694; Yoshihiro Ishikawa of LAC Co., Ltd. as the original reporter\nof CVE-2011-2522; and the Debian Security Team acknowledges Ronald Volgers\nas the original reporter of CVE-2010-0787.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the smb service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-August/029746.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-August/029747.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-September/030004.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-September/030005.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2011-September/006336.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2011-September/006337.html\n\n**Affected packages:**\nlibsmbclient\nlibsmbclient-devel\nsamba\nsamba-client\nsamba-common\nsamba-swat\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-1219.html", "edition": 13, "modified": "2011-09-22T10:01:07", "published": "2011-08-29T21:13:06", "href": "http://lists.centos.org/pipermail/centos-announce/2011-August/029746.html", "id": "CESA-2011:1219", "title": "libsmbclient, samba security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-30T13:20:26", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2011-2724", "CVE-2011-2522", "CVE-2011-2694"], "description": "**CentOS Errata and Security Advisory** CESA-2011:1220\n\n\nSamba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA cross-site scripting (XSS) flaw was found in the password change page of\nthe Samba Web Administration Tool (SWAT). If a remote attacker could trick\na user, who was logged into the SWAT interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user's SWAT session. (CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a user,\nwho was logged into the SWAT interface, into visiting a specially-crafted\nURL, the attacker could perform Samba configuration changes with the\nprivileges of the logged in user. (CVE-2011-2522)\n\nIt was found that the fix for CVE-2010-0547, provided by the Samba rebase\nin RHBA-2011:0054, was incomplete. The mount.cifs tool did not properly\nhandle share or directory names containing a newline character, allowing a\nlocal attacker to corrupt the mtab (mounted file systems table) file via a\nspecially-crafted CIFS (Common Internet File System) share mount request,\nif mount.cifs had the setuid bit set. (CVE-2011-2724)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid bit\nset, a local attacker could corrupt the mtab file by setting a small file\nsize limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba3x packages distributed by Red Hat does not\nhave the setuid bit set. We recommend that administrators do not manually\nset the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting CVE-2011-2694\nand CVE-2011-2522, and Dan Rosenberg for reporting CVE-2011-1678. Upstream\nacknowledges Nobuhiro Tsuji of NTT DATA Security Corporation as the\noriginal reporter of CVE-2011-2694, and Yoshihiro Ishikawa of LAC Co., Ltd.\nas the original reporter of CVE-2011-2522.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the smb service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-September/030008.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-September/030009.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2011-September/006340.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2011-September/006341.html\n\n**Affected packages:**\nsamba3x\nsamba3x-client\nsamba3x-common\nsamba3x-doc\nsamba3x-domainjoin-gui\nsamba3x-swat\nsamba3x-winbind\nsamba3x-winbind-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-1220.html", "edition": 9, "modified": "2011-09-22T10:01:11", "published": "2011-09-01T16:12:20", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2011-September/006340.html", "id": "CESA-2011:1220", "title": "samba3x security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-12-11T13:33:05", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2010-0787", "CVE-2011-1678", "CVE-2011-2522", "CVE-2011-2694", "CVE-2011-3585"], "description": "Samba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA cross-site scripting (XSS) flaw was found in the password change page of\nthe Samba Web Administration Tool (SWAT). If a remote attacker could trick\na user, who was logged into the SWAT interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user's SWAT session. (CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a user,\nwho was logged into the SWAT interface, into visiting a specially-crafted\nURL, the attacker could perform Samba configuration changes with the\nprivileges of the logged in user. (CVE-2011-2522)\n\nA race condition flaw was found in the way the mount.cifs tool mounted CIFS\n(Common Internet File System) shares. If mount.cifs had the setuid bit set,\na local attacker could conduct a symbolic link attack to trick mount.cifs\ninto mounting a share over an arbitrary directory they were otherwise not\nallowed to mount to, possibly allowing them to escalate their privileges.\n(CVE-2010-0787)\n\nIt was found that the mount.cifs tool did not properly handle share or\ndirectory names containing a newline character. If mount.cifs had the\nsetuid bit set, a local attacker could corrupt the mtab (mounted file\nsystems table) file via a specially-crafted CIFS share mount request.\n(CVE-2010-0547)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid bit\nset, a local attacker could corrupt the mtab file by setting a small file\nsize limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba packages distributed by Red Hat does not\nhave the setuid bit set. We recommend that administrators do not manually\nset the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting CVE-2011-2694\nand CVE-2011-2522; the Debian Security Team for reporting CVE-2010-0787;\nand Dan Rosenberg for reporting CVE-2011-1678. Upstream acknowledges\nNobuhiro Tsuji of NTT DATA Security Corporation as the original reporter of\nCVE-2011-2694; Yoshihiro Ishikawa of LAC Co., Ltd. as the original reporter\nof CVE-2011-2522; and the Debian Security Team acknowledges Ronald Volgers\nas the original reporter of CVE-2010-0787.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the smb service will be restarted automatically.\n", "modified": "2017-09-08T12:07:56", "published": "2011-08-29T04:00:00", "id": "RHSA-2011:1219", "href": "https://access.redhat.com/errata/RHSA-2011:1219", "type": "redhat", "title": "(RHSA-2011:1219) Moderate: samba security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:47:04", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2011-2522", "CVE-2011-2694", "CVE-2011-2724"], "description": "Samba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA cross-site scripting (XSS) flaw was found in the password change page of\nthe Samba Web Administration Tool (SWAT). If a remote attacker could trick\na user, who was logged into the SWAT interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user's SWAT session. (CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a user,\nwho was logged into the SWAT interface, into visiting a specially-crafted\nURL, the attacker could perform Samba configuration changes with the\nprivileges of the logged in user. (CVE-2011-2522)\n\nIt was found that the fix for CVE-2010-0547, provided by the Samba rebase\nin RHBA-2011:0054, was incomplete. The mount.cifs tool did not properly\nhandle share or directory names containing a newline character, allowing a\nlocal attacker to corrupt the mtab (mounted file systems table) file via a\nspecially-crafted CIFS (Common Internet File System) share mount request,\nif mount.cifs had the setuid bit set. (CVE-2011-2724)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid bit\nset, a local attacker could corrupt the mtab file by setting a small file\nsize limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the samba3x packages distributed by Red Hat does not\nhave the setuid bit set. We recommend that administrators do not manually\nset the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting CVE-2011-2694\nand CVE-2011-2522, and Dan Rosenberg for reporting CVE-2011-1678. Upstream\nacknowledges Nobuhiro Tsuji of NTT DATA Security Corporation as the\noriginal reporter of CVE-2011-2694, and Yoshihiro Ishikawa of LAC Co., Ltd.\nas the original reporter of CVE-2011-2522.\n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the smb service will be restarted automatically.\n", "modified": "2017-09-08T11:55:14", "published": "2011-08-29T04:00:00", "id": "RHSA-2011:1220", "href": "https://access.redhat.com/errata/RHSA-2011:1220", "type": "redhat", "title": "(RHSA-2011:1220) Moderate: samba3x security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-11T13:30:58", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2011-2522", "CVE-2011-2694", "CVE-2011-2724", "CVE-2011-3585"], "description": "Samba is a suite of programs used by machines to share files, printers, and\nother information. The cifs-utils package contains utilities for mounting\nand managing CIFS (Common Internet File System) shares.\n\nA cross-site scripting (XSS) flaw was found in the password change page of\nthe Samba Web Administration Tool (SWAT). If a remote attacker could trick\na user, who was logged into the SWAT interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user's SWAT session. (CVE-2011-2694)\n\nIt was found that SWAT web pages did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a user,\nwho was logged into the SWAT interface, into visiting a specially-crafted\nURL, the attacker could perform Samba configuration changes with the\nprivileges of the logged in user. (CVE-2011-2522)\n\nIt was found that the fix for CVE-2010-0547, provided in the cifs-utils\npackage included in the GA release of Red Hat Enterprise Linux 6, was\nincomplete. The mount.cifs tool did not properly handle share or directory\nnames containing a newline character, allowing a local attacker to corrupt\nthe mtab (mounted file systems table) file via a specially-crafted CIFS\nshare mount request, if mount.cifs had the setuid bit set. (CVE-2011-2724)\n\nIt was found that the mount.cifs tool did not handle certain errors\ncorrectly when updating the mtab file. If mount.cifs had the setuid bit\nset, a local attacker could corrupt the mtab file by setting a small file\nsize limit before running mount.cifs. (CVE-2011-1678)\n\nNote: mount.cifs from the cifs-utils package distributed by Red Hat does\nnot have the setuid bit set. We recommend that administrators do not\nmanually set the setuid bit for mount.cifs.\n\nRed Hat would like to thank the Samba project for reporting CVE-2011-2694\nand CVE-2011-2522, and Dan Rosenberg for reporting CVE-2011-1678. Upstream\nacknowledges Nobuhiro Tsuji of NTT DATA Security Corporation as the\noriginal reporter of CVE-2011-2694, and Yoshihiro Ishikawa of LAC Co., Ltd.\nas the original reporter of CVE-2011-2522.\n\nThis update also fixes the following bug:\n\n* If plain text passwords were used (\"encrypt passwords = no\" in\n\"/etc/samba/smb.conf\"), Samba clients running the Windows XP or Windows\nServer 2003 operating system may not have been able to access Samba shares\nafter installing the Microsoft Security Bulletin MS11-043. This update\ncorrects this issue, allowing such clients to use plain text passwords to\naccess Samba shares. (BZ#728517)\n\nUsers of samba and cifs-utils are advised to upgrade to these updated\npackages, which contain backported patches to resolve these issues. After\ninstalling this update, the smb service will be restarted automatically.\n", "modified": "2018-06-06T20:24:22", "published": "2011-08-29T04:00:00", "id": "RHSA-2011:1221", "href": "https://access.redhat.com/errata/RHSA-2011:1221", "type": "redhat", "title": "(RHSA-2011:1221) Moderate: samba and cifs-utils security and bug fix update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T18:11:57", "description": "BUGTRAQ ID: 38326\r\nCVE ID: CVE-2010-0547\r\n\r\nSamba\u662f\u4e00\u5957\u5b9e\u73b0SMB\uff08Server Messages Block\uff09\u534f\u8bae\u3001\u8de8\u5e73\u53f0\u8fdb\u884c\u6587\u4ef6\u5171\u4eab\u548c\u6253\u5370\u5171\u4eab\u670d\u52a1\u7684\u7a0b\u5e8f\u3002\r\n\r\nSamba\u7684mount.cifs\u5de5\u5177\u4e2d\u7684client/mount.cifs.c\u6587\u4ef6\u6ca1\u6709\u6b63\u786e\u5730\u9a8c\u8bc1\u7531\u6709\u6548\u5b57\u7b26\u7ec4\u6210\u7684\u8bbe\u5907\u540d\u548c\u52a0\u8f7d\u70b9\u5b57\u7b26\u4e32\uff0c\u8fd9\u5141\u8bb8\u672c\u5730\u7528\u6237\u901a\u8fc7\u7279\u5236\u7684\u5b57\u7b26\u4e32\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08mtab\u7834\u574f\uff09\u3002\n\nSamba 3.4.5\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nDebian\r\n------\r\nDebian\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08DSA-2004-1\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nDSA-2004-1\uff1aNew samba packages fix several vulnerabilities\r\n\u94fe\u63a5\uff1ahttp://www.debian.org/security/2010/dsa-2004\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1a\r\n\r\nSource archives:\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9.dsc\r\nSize/MD5 checksum: 2470 c350b5f777685fe69e0ae2f5dcf810ed\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9.diff.gz\r\nSize/MD5 checksum: 239988 82ad8ff6f28af236b321a7eb50d754c8\r\n\r\nArchitecture independent packages:\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-doc-pdf_3.2.5-4lenny9_all.deb\r\nSize/MD5 checksum: 6252746 f7df1cc363fbcd6ce2da61aaaea2e1c5\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-doc_3.2.5-4lenny9_all.deb\r\nSize/MD5 checksum: 7950496 68348d1ee83c74096ad02f05ed3b3699\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 1463176 dead0cf63a2ea7de8baf562e1867fe10\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 1333348 80f5022f6b36cab3f2d67bb0ef4b2800\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 638200 c3467c6d11c4b655cfe31e6a19ff0622\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 2574222 491cfc0ee9ce90d6c98347467002c7ef\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 3275458 c3b8ba294354a64c4b7e80ddcd7849cb\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 1941530 14d2c8ffd8544b448eff0d3790e46621\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 6950754 58cffb8cebcaf30c8d8e35916a65fffe\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 3736204 8a467068fa6ff8ef20a61f6277b7d583\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 81568 c70797d1ea795973e6d6639cfd0410fd\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 4834334 c4114837ae9245452a8e8752f7b5343a\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 5733410 59017cdc857eae1a64dcb707365ac78b\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_alpha.deb\r\nSize/MD5 checksum: 1080474 37190dfe1f9c11ba17aeda1377cc0304\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 1992470 93f2f6a501d8b0c354537d143c962794\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 4781510 b3432114b15d1134e9f88ef8fd5cef8b\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 7006958 656401f8a9bcebd2e0daf05d009d4adb\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 1083040 98380f9059424e4b8cbcb56435586467\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 628388 d5c4908130f2932c7e630bf0fb71868f\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 1358206 e92b4c3d4ee7a0cb1102808b0f479bcb\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 5648010 926ac5718d9c7f45491944b9ecddbf32\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 1955572 6ef5dc332042050c27ce9ab96dd43a0a\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 3276028 b1527124efde3b2e5551fa9680573207\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 1494266 185078508720dd3b5930c06465a0995d\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 80588 f2a8a84e3528b95c65782a3cb34f339b\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_amd64.deb\r\nSize/MD5 checksum: 3740744 f2c56fbf05935f8fdd0a7b1acce61585\r\n\r\narm architecture (ARM)\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 5041804 17ec9ce0b0e9476f8b98bf36063b5df0\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 4267870 a5e251c739ff83a838b03f0d6764c399\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 6177368 d2140c896a2cfa9e8fd7222709ee088e\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 79528 efce94f03c3257f89cf105a1e943ecba\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 3353546 0fa90fe9a676418b663ad8892b6afd77\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 2399034 9e2d664559b76868d0667bead3cad3ce\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 2892614 441f28084951ef0dea1d8ffa2d6137d2\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 561446 b8962709de12e2b7e483355019c46a09\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 1817364 62ced50f9c213a2e8c800bc5352c662f\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 972544 62f0a623dc4d9354319ffca2421ef16a\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 1204248 1163a18d6c97e4b46817209c8e2f74fc\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_arm.deb\r\nSize/MD5 checksum: 1316352 84bbb87072aa207ad4afe5dd88a9f500\r\n\r\narmel architecture (ARM EABI)\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 5071106 97a106d71674be953f17f339083da535\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 2910800 11d8ddb4557c0fb7372e6cc8343130b0\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 79132 4add29b5576fe4d30a759e3eba3a93d4\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 564374 6c5eb08f957c4158d0c31776185740bf\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 4294734 baa5c610c222fe7b484e461fa20be525\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 1210740 4f028be63b6e88caf6edfa67bbd6a2ff\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 1823786 1ef88ad11dbeb601cbb7218ef8446a33\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 2425120 2e6318bfeba97595191f67f1c5fa5e6f\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 1324336 428eaf85b5e5454034584401f6d2ce7b\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 982218 34bd6f03110c66b35a4236331b1499c5\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 6215120 a721a2bb9e62e291ab83ff26eedaf62d\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_armel.deb\r\nSize/MD5 checksum: 3372496 db8264837f10ef4764a520c0aebddfb2\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 3610420 a5916d3de88d013019156341f54a479b\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 81108 4240ebdef0a8b22f5d1c6a3379165764\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 1413152 3554ee16031015b27961935754a47716\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 2229384 2d97c8ed8b5caf3560c93fcb57ad83d7\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 5501292 93612983b1e8f04c3e24f72914db7f53\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 6687792 e7b9d3708978cb2f64dd3929a6fe0a94\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 1375854 f3ab7208ab858e11cd86f4612124d251\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 1046668 7b39cf96e77638ee2fb46aaa502a0def\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 3177818 00faf13a7fbbe1f998f573e068bbe6fa\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 632108 2703f1403b04dd5f1045fe31ea160edb\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 2067852 076a6a4d253c0504566f9a94e22c4be6\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_hppa.deb\r\nSize/MD5 checksum: 4653586 a1d4e4f3f67708b63c387099c6626733\r\n\r\ni386 architecture (Intel ia32)\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 1823542 682b1050f232ceadb18dc8979df57570\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 5068864 f009e30589af4295e040475ca6fd2146\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 984834 d17d8eb0c46950e7fb3e0ee10bd5d315\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 3409862 0a9992e1716da1f56276825f81490cec\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 2928130 4df6e3ce9043c99d8ba859a0ab19efd0\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 2082664 717349032021d55f05ab2cf5fa1f58f9\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 1350022 e4c70a2d2a9bf7a023da3d1cf24da8e5\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 79508 8538f6232741624ee538e5169a2626c1\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 561468 244bf102790619264bc6d4fce12bf4e8\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 6304788 ac7f194da34e6363cb8c65a3bb1583f6\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 1200166 f7ddc5b9a70093bd6163df687eb114a1\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_i386.deb\r\nSize/MD5 checksum: 4295358 0e3b758dea0f72490bec60dd35d9f160\r\n\r\nia64 architecture (Intel ia64)\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 84304 0f20e815665230738edda78a2d393275\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 4386736 44c2bab94b6882e62a4ee77d1cbc1f68\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 8295058 9f06b80b653b9da0340f4ca6a7c6d6a7\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 752380 d71e8976ba8d4d3d0b69b158cb37c530\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 6933780 2724767feaddc313b8391ec8db89ef2a\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 2401268 c0d04b98213ada6c226bae0796087d8f\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 5832528 bebeb7c54ede902f9ccf4cb9cd0fbc3f\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 1280376 c002483dae1dfb2c9e66574a1a54b580\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 1561426 514ee394b1674db405acac07fbe7161f\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 1724684 64f04b6f893d499b4004ddd299ffcc50\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 3915626 ff6374f67ed88d6dc22bc33452fa880b\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_ia64.deb\r\nSize/MD5 checksum: 1939766 e49b157099db2dbb7a1af1f3cdf09c21\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 1093902 1a9b8c81b21d950382de5dc9dac61ec6\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 2182482 2637f89bf9108adcdbcf2d99cb8e95df\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 4998930 48d1409f35e9d2fd0f6f5f0aaf56366a\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 572986 6aa1e6021995269549f78ed3bcafa08c\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 2809668 5e9c02e1832a889776b314bbed82a5a3\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 5841264 eb06b2674383addf8477d9ee2f067241\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 2507278 892aa8720573e572cc8ff42dd075e8c3\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 3239124 a4c88a224df61f0bbc54e87dea3e99f8\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 79594 ce272ecce69206c7bc22c888b359418d\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 1205806 8611ab7991f6e09121bbda33b092b1ad\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 4203548 a6dd8ec04f802507d8e51e9f78c26c6b\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_mips.deb\r\nSize/MD5 checksum: 942366 aabc925238e075f8f3744c7c44b40e4f\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 1082016 f351b94f4de134809f854d2a2941652e\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 2793406 c8db0453dd55318071d4bcf1252ae633\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 79514 269977ec2d6a1a9551c0021fab1871e9\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 5801436 634198ec023c9fb2afba8533d168ec40\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 937206 a129e3579dca0f2e0b4fa66bfc9df693\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 2128634 a3b8e9b7d616884e918ee615a9bb2443\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 2390238 3cd9bf05564f27964232cfb1d35c0944\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 3219528 f845d56e3b9334401e192fe79f45da9d\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 1196926 d50e00881b8650b92caf40089b5f6552\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 4967686 5cdcd7cfec791f472e4f761a1264098a\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 4178230 4558a771c63c83f92f7276e69fa00dd9\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_mipsel.deb\r\nSize/MD5 checksum: 569600 61fbc8a1b21c45e080f7c7253a2bcbd4\r\n\r\npowerpc architecture (PowerPC)\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 2078396 375b7b8719ce7d27a65f4063550068f0\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 989754 3843d901f44ff4c982b82292c3cf2b4a\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 2988350 72e1abd2481e5fca5f13ab926e6439c1\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 1335802 3a0ce75ec8dd000ed1a8a56047b41344\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 1240416 3e2a10e14a13872718d64e270d2ed36b\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 1714648 0abc5aebba55ff318bda4cc33fbd6531\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 5190642 b32cdb5163b7c49923e14e33f993f93d\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 596034 22ae2b5fa172445e065a820284bae32b\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 80996 60821ef9894750d967c8b8dfa152771e\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 4406486 e74c12d39018c5eb918049a9f43f2bd1\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 6296704 11789a7c80ac1f76f93b66cbc0e25024\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_powerpc.deb\r\nSize/MD5 checksum: 3436812 7f637893c3237c1609f8130c740ab444\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 4321558 45bd9c058b347210a8d073d01dea0d80\r\nhttp://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 978766 a1bbfed8506f7959b8d38dc34d52c4a9\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 6175646 ccbbef75be06864fa4e6e26a13f6de2e\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 1202346 565f1b01fc3724198f6ecd52709c6a51\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 2026382 1da15e63b5f850ac91b266b2917fa865\r\nhttp://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 1304294 8d2dc296f6a1bf3280b26c8bd56f1f05\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 5115064 d32a60f69d2d8b11c127caf52218c996\r\nhttp://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 581974 1224d3e0c417803ac6bb3bef706a1330\r\nhttp://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 1995210 841952b9e09835556cc9f23e491a8066\r\nhttp://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 2927968 8b5c038a2395f41e2a835182a3d6c98e\r\nhttp://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 3380236 45a49dd8180d36e3f2d9b0313344b42b\r\nhttp://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_sparc.deb\r\nSize/MD5 checksum: 79216 4cfbfc843b4fb44adbde9cdb88637404\r\n\r\n\u8865\u4e01\u5b89\u88c5\u65b9\u6cd5\uff1a\r\n\r\n1. \u624b\u5de5\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u4e0b\u8f7d\u8865\u4e01\u8f6f\u4ef6\uff1a\r\n # wget url (url\u662f\u8865\u4e01\u4e0b\u8f7d\u94fe\u63a5\u5730\u5740)\r\n\r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u5b89\u88c5\u8865\u4e01\uff1a \r\n # dpkg -i file.deb (file\u662f\u76f8\u5e94\u7684\u8865\u4e01\u540d)\r\n\r\n2. \u4f7f\u7528apt-get\u81ea\u52a8\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u66f4\u65b0\u5185\u90e8\u6570\u636e\u5e93\uff1a\r\n # apt-get update\r\n \r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u5b89\u88c5\u66f4\u65b0\u8f6f\u4ef6\u5305\uff1a\r\n # apt-get upgrade\r\n\r\nSamba\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://git.samba.org/?p=samba.git;a=commit;h=a065c177dfc8f968775593ba00dffafeebb2e054", "published": "2010-05-06T00:00:00", "type": "seebug", "title": "Samba 3.4.5 client/mount.cifs.c\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2010-0547"], "modified": "2010-05-06T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19564", "id": "SSV:19564", "sourceData": "", "sourceHref": "", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:26", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2011-2724", "CVE-2011-3585", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694"], "description": "[3.0.33-3.29.el5.4]\n- Security Release, Add fix also for CVE-2011-2724\n- related: #722552\n[3.0.33-3.29.el5.3]\n- Security Release, fixes CVE-2010-0547, CVE-2010-0787, CVE-2011-2694,\n CVE-2011-2522, CVE-2011-1678\n- resolves: #722552", "edition": 4, "modified": "2011-08-29T00:00:00", "published": "2011-08-29T00:00:00", "id": "ELSA-2011-1219", "href": "http://linux.oracle.com/errata/ELSA-2011-1219.html", "title": "samba security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:23", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2011-1678", "CVE-2011-0719", "CVE-2010-0926", "CVE-2011-2724", "CVE-2010-0787", "CVE-2011-2522", "CVE-2011-2694", "CVE-2010-3069"], "description": "[3.0.33-3.37.el5]\n- Regenerate manpage for 'wide links' and 'unix extensions' sections\n- related: #722553\n[3.0.33-3.36.el5]\n- Security Release, fixes CVE-2010-0926\n- resolves: #722553\n[3.0.33-3.35.el5]\n- Fix smbclient return code\n- resolves: #768908\n[3.0.33-3.34.el5]\n- Fix support for Windows 2008 R2 domains\n- resolves: #736124\n[3.0.33-3.33.el5]\n- Security Release, fixes CVE-2010-0547, CVE-2010-0787, CVE-2011-2694,\n CVE-2011-2522, CVE-2011-1678, CVE-2011-2724\n- resolves: #722553\n[3.0.33-3.32.el5]\n- Security Release, fixes CVE-2011-0719\n- resolves: #678331\n[3.0.33-3.30.el5]\n- Security Release, fixes CVE-2010-3069\n- resolves: #632230", "edition": 4, "modified": "2012-03-01T00:00:00", "published": "2012-03-01T00:00:00", "id": "ELSA-2012-0313", "href": "http://linux.oracle.com/errata/ELSA-2012-0313.html", "title": "samba security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:15:52", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2009-3297"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2004-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 28, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : samba\nVulnerability : several\nProblem type : local\nDebian-specific: no\nCVE Id(s) : CVE-2009-3297 CVE-2010-0547\n\nTwo local vulnerabilities have been discovered in samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and \nExposures project identifies the following problems:\n\nCVE-2009-3297\n\n Ronald Volgers discovered that a race condition in mount.cifs\n allows local users to mount remote filesystems over arbitrary\n mount points.\n\nCVE-2010-0547\n\n Jeff Layton discovered that missing input sanitising in mount.cifs\n allows denial of service by corrupting /etc/mtab.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2:3.2.5-4lenny9.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:3.4.5~dfsg-2.\n\nWe recommend that you upgrade your samba packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9.dsc\n Size/MD5 checksum: 2470 c350b5f777685fe69e0ae2f5dcf810ed\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9.diff.gz\n Size/MD5 checksum: 239988 82ad8ff6f28af236b321a7eb50d754c8\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/s/samba/samba-doc-pdf_3.2.5-4lenny9_all.deb\n Size/MD5 checksum: 6252746 f7df1cc363fbcd6ce2da61aaaea2e1c5\n http://security.debian.org/pool/updates/main/s/samba/samba-doc_3.2.5-4lenny9_all.deb\n Size/MD5 checksum: 7950496 68348d1ee83c74096ad02f05ed3b3699\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 1463176 dead0cf63a2ea7de8baf562e1867fe10\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 1333348 80f5022f6b36cab3f2d67bb0ef4b2800\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 638200 c3467c6d11c4b655cfe31e6a19ff0622\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 2574222 491cfc0ee9ce90d6c98347467002c7ef\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 3275458 c3b8ba294354a64c4b7e80ddcd7849cb\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 1941530 14d2c8ffd8544b448eff0d3790e46621\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 6950754 58cffb8cebcaf30c8d8e35916a65fffe\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 3736204 8a467068fa6ff8ef20a61f6277b7d583\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 81568 c70797d1ea795973e6d6639cfd0410fd\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 4834334 c4114837ae9245452a8e8752f7b5343a\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 5733410 59017cdc857eae1a64dcb707365ac78b\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_alpha.deb\n Size/MD5 checksum: 1080474 37190dfe1f9c11ba17aeda1377cc0304\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 1992470 93f2f6a501d8b0c354537d143c962794\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 4781510 b3432114b15d1134e9f88ef8fd5cef8b\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 7006958 656401f8a9bcebd2e0daf05d009d4adb\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 1083040 98380f9059424e4b8cbcb56435586467\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 628388 d5c4908130f2932c7e630bf0fb71868f\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 1358206 e92b4c3d4ee7a0cb1102808b0f479bcb\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 5648010 926ac5718d9c7f45491944b9ecddbf32\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 1955572 6ef5dc332042050c27ce9ab96dd43a0a\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 3276028 b1527124efde3b2e5551fa9680573207\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 1494266 185078508720dd3b5930c06465a0995d\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 80588 f2a8a84e3528b95c65782a3cb34f339b\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_amd64.deb\n Size/MD5 checksum: 3740744 f2c56fbf05935f8fdd0a7b1acce61585\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 5041804 17ec9ce0b0e9476f8b98bf36063b5df0\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 4267870 a5e251c739ff83a838b03f0d6764c399\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 6177368 d2140c896a2cfa9e8fd7222709ee088e\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 79528 efce94f03c3257f89cf105a1e943ecba\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 3353546 0fa90fe9a676418b663ad8892b6afd77\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 2399034 9e2d664559b76868d0667bead3cad3ce\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 2892614 441f28084951ef0dea1d8ffa2d6137d2\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 561446 b8962709de12e2b7e483355019c46a09\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 1817364 62ced50f9c213a2e8c800bc5352c662f\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 972544 62f0a623dc4d9354319ffca2421ef16a\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 1204248 1163a18d6c97e4b46817209c8e2f74fc\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_arm.deb\n Size/MD5 checksum: 1316352 84bbb87072aa207ad4afe5dd88a9f500\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 5071106 97a106d71674be953f17f339083da535\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 2910800 11d8ddb4557c0fb7372e6cc8343130b0\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 79132 4add29b5576fe4d30a759e3eba3a93d4\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 564374 6c5eb08f957c4158d0c31776185740bf\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 4294734 baa5c610c222fe7b484e461fa20be525\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 1210740 4f028be63b6e88caf6edfa67bbd6a2ff\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 1823786 1ef88ad11dbeb601cbb7218ef8446a33\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 2425120 2e6318bfeba97595191f67f1c5fa5e6f\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 1324336 428eaf85b5e5454034584401f6d2ce7b\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 982218 34bd6f03110c66b35a4236331b1499c5\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 6215120 a721a2bb9e62e291ab83ff26eedaf62d\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_armel.deb\n Size/MD5 checksum: 3372496 db8264837f10ef4764a520c0aebddfb2\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 3610420 a5916d3de88d013019156341f54a479b\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 81108 4240ebdef0a8b22f5d1c6a3379165764\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 1413152 3554ee16031015b27961935754a47716\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 2229384 2d97c8ed8b5caf3560c93fcb57ad83d7\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 5501292 93612983b1e8f04c3e24f72914db7f53\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 6687792 e7b9d3708978cb2f64dd3929a6fe0a94\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 1375854 f3ab7208ab858e11cd86f4612124d251\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 1046668 7b39cf96e77638ee2fb46aaa502a0def\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 3177818 00faf13a7fbbe1f998f573e068bbe6fa\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 632108 2703f1403b04dd5f1045fe31ea160edb\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 2067852 076a6a4d253c0504566f9a94e22c4be6\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_hppa.deb\n Size/MD5 checksum: 4653586 a1d4e4f3f67708b63c387099c6626733\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 1823542 682b1050f232ceadb18dc8979df57570\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 5068864 f009e30589af4295e040475ca6fd2146\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 984834 d17d8eb0c46950e7fb3e0ee10bd5d315\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 3409862 0a9992e1716da1f56276825f81490cec\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 2928130 4df6e3ce9043c99d8ba859a0ab19efd0\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 2082664 717349032021d55f05ab2cf5fa1f58f9\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 1350022 e4c70a2d2a9bf7a023da3d1cf24da8e5\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 79508 8538f6232741624ee538e5169a2626c1\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 561468 244bf102790619264bc6d4fce12bf4e8\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 6304788 ac7f194da34e6363cb8c65a3bb1583f6\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 1200166 f7ddc5b9a70093bd6163df687eb114a1\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_i386.deb\n Size/MD5 checksum: 4295358 0e3b758dea0f72490bec60dd35d9f160\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 84304 0f20e815665230738edda78a2d393275\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 4386736 44c2bab94b6882e62a4ee77d1cbc1f68\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 8295058 9f06b80b653b9da0340f4ca6a7c6d6a7\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 752380 d71e8976ba8d4d3d0b69b158cb37c530\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 6933780 2724767feaddc313b8391ec8db89ef2a\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 2401268 c0d04b98213ada6c226bae0796087d8f\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 5832528 bebeb7c54ede902f9ccf4cb9cd0fbc3f\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 1280376 c002483dae1dfb2c9e66574a1a54b580\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 1561426 514ee394b1674db405acac07fbe7161f\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 1724684 64f04b6f893d499b4004ddd299ffcc50\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 3915626 ff6374f67ed88d6dc22bc33452fa880b\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_ia64.deb\n Size/MD5 checksum: 1939766 e49b157099db2dbb7a1af1f3cdf09c21\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 1093902 1a9b8c81b21d950382de5dc9dac61ec6\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 2182482 2637f89bf9108adcdbcf2d99cb8e95df\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 4998930 48d1409f35e9d2fd0f6f5f0aaf56366a\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 572986 6aa1e6021995269549f78ed3bcafa08c\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 2809668 5e9c02e1832a889776b314bbed82a5a3\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 5841264 eb06b2674383addf8477d9ee2f067241\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 2507278 892aa8720573e572cc8ff42dd075e8c3\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 3239124 a4c88a224df61f0bbc54e87dea3e99f8\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 79594 ce272ecce69206c7bc22c888b359418d\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 1205806 8611ab7991f6e09121bbda33b092b1ad\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 4203548 a6dd8ec04f802507d8e51e9f78c26c6b\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_mips.deb\n Size/MD5 checksum: 942366 aabc925238e075f8f3744c7c44b40e4f\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 1082016 f351b94f4de134809f854d2a2941652e\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 2793406 c8db0453dd55318071d4bcf1252ae633\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 79514 269977ec2d6a1a9551c0021fab1871e9\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 5801436 634198ec023c9fb2afba8533d168ec40\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 937206 a129e3579dca0f2e0b4fa66bfc9df693\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 2128634 a3b8e9b7d616884e918ee615a9bb2443\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 2390238 3cd9bf05564f27964232cfb1d35c0944\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 3219528 f845d56e3b9334401e192fe79f45da9d\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 1196926 d50e00881b8650b92caf40089b5f6552\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 4967686 5cdcd7cfec791f472e4f761a1264098a\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 4178230 4558a771c63c83f92f7276e69fa00dd9\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_mipsel.deb\n Size/MD5 checksum: 569600 61fbc8a1b21c45e080f7c7253a2bcbd4\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 2078396 375b7b8719ce7d27a65f4063550068f0\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 989754 3843d901f44ff4c982b82292c3cf2b4a\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 2988350 72e1abd2481e5fca5f13ab926e6439c1\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 1335802 3a0ce75ec8dd000ed1a8a56047b41344\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 1240416 3e2a10e14a13872718d64e270d2ed36b\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 1714648 0abc5aebba55ff318bda4cc33fbd6531\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 5190642 b32cdb5163b7c49923e14e33f993f93d\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 596034 22ae2b5fa172445e065a820284bae32b\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 80996 60821ef9894750d967c8b8dfa152771e\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 4406486 e74c12d39018c5eb918049a9f43f2bd1\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 6296704 11789a7c80ac1f76f93b66cbc0e25024\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_powerpc.deb\n Size/MD5 checksum: 3436812 7f637893c3237c1609f8130c740ab444\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 4321558 45bd9c058b347210a8d073d01dea0d80\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 978766 a1bbfed8506f7959b8d38dc34d52c4a9\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 6175646 ccbbef75be06864fa4e6e26a13f6de2e\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 1202346 565f1b01fc3724198f6ecd52709c6a51\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 2026382 1da15e63b5f850ac91b266b2917fa865\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 1304294 8d2dc296f6a1bf3280b26c8bd56f1f05\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 5115064 d32a60f69d2d8b11c127caf52218c996\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 581974 1224d3e0c417803ac6bb3bef706a1330\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 1995210 841952b9e09835556cc9f23e491a8066\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 2927968 8b5c038a2395f41e2a835182a3d6c98e\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 3380236 45a49dd8180d36e3f2d9b0313344b42b\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny9_sparc.deb\n Size/MD5 checksum: 79216 4cfbfc843b4fb44adbde9cdb88637404\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2010-02-28T21:55:23", "published": "2010-02-28T21:55:23", "id": "DEBIAN:DSA-2004-1:84FE5", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00044.html", "title": "[SECURITY] [DSA 2004-1] New samba packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2011-2724"], "description": "The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. This package contains tools for mounting shares on Linux using the SMB/CIFS protocol. The tools in this package work in conjunction with support in the kernel to allow one to mount a SMB/CIFS share onto a client and use it as if it were a standard Linux file system. ", "modified": "2011-08-09T01:35:06", "published": "2011-08-09T01:35:06", "id": "FEDORA:46D55110B99", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: cifs-utils-5.0-2.fc15", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2011-2724"], "description": "The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. This package contains tools for mounting shares on Linux using the SMB/CIFS protocol. The tools in this package work in conjunction with support in the kernel to allow one to mount a SMB/CIFS share onto a client and use it as if it were a standard Linux file system. ", "modified": "2011-08-09T01:29:26", "published": "2011-08-09T01:29:26", "id": "FEDORA:6616D110E05", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: cifs-utils-4.8.1-7.fc14", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2011-2724"], "description": "The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. This package contains tools for mounting shares on Linux using the SMB/CIFS protocol. The tools in this package work in conjunction with support in the kernel to allow one to mount a SMB/CIFS share onto a client and use it as if it were a standard Linux file system. ", "modified": "2011-08-22T15:29:48", "published": "2011-08-22T15:29:48", "id": "FEDORA:78E2C2851D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: cifs-utils-5.0-2.fc16", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T11:43:03", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0787", "CVE-2010-2063"], "description": "The Samba server was updated to fix security issues and bugs.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2010-07-01T11:11:15", "published": "2010-07-01T11:11:15", "id": "SUSE-SA:2010:025", "href": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00000.html", "title": "potential remote code execution in samba", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:46:53", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0719", "CVE-2010-1642", "CVE-2010-0787", "CVE-2010-2063", "CVE-2012-0870", "CVE-2011-2694", "CVE-2010-3069"], "description": "This Samba file server update fixes various security issues:\n\n * CVE-2012-0870: A heap-based buffer overflow that\n could be exploited by remote, unauthenticated attackers to\n crash the smbd daemon or potentially execute arbitrary code\n via specially crafted SMB AndX request packets.\n * CVE-2011-2694: A cross site scripting problem in SWAT\n was fixed.\n * CVE-2011-0719: Fixed a possible denial of service\n caused by memory corruption.\n * CVE-2010-3069: Fix buffer overflow in sid_parse() to\n correctly check the input lengths when reading a binary\n representation of a Windows Security ID (SID).\n * CVE-2010-2063: Addressed possible buffer overrun in\n chain_reply code of pre-3.4 versions.\n * CVE-2010-1642: An uninitialized variable read could\n have caused an smbd crash.\n * CVE-2010-0787: Take extra care that a mount point of\n mount.cifs isn't changed during mount;\n\n Also the following bugs have been fixed:\n\n * Add Provides samba-client-gplv2 and samba-doc-gplv2\n to pre-3.2 versions; (bnc#652620).\n * Initialize workgroup of nmblookup as empty string.\n * Fix trusts with Windows 2008R2 DCs; (bnc#613459);\n (bnc#599873); (bnc#592198); (bso#6697).\n * Document "wide links" defaults to "no" in the\n smb.conf man page for versions pre-3.4.6; (bnc#577868).\n * Allow forced pw change even with min pw age;\n (bnc#561894).\n", "edition": 1, "modified": "2012-03-09T17:08:16", "published": "2012-03-09T17:08:16", "id": "SUSE-SU-2012:0348-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00010.html", "title": "Security update for Samba (critical)", "type": "suse", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-09T00:22:38", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0787", "CVE-2009-3297"], "description": "Ronald Volgers discovered that the mount.cifs utility, when installed as a \nsetuid program, suffered from a race condition when verifying user \npermissions. A local attacker could trick samba into mounting over \narbitrary locations, leading to a root privilege escalation.", "edition": 5, "modified": "2010-01-28T00:00:00", "published": "2010-01-28T00:00:00", "id": "USN-893-1", "href": "https://ubuntu.com/security/notices/USN-893-1", "title": "Samba vulnerability", "type": "ubuntu", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}], "vmware": [{"lastseen": "2019-11-06T16:05:40", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0547", "CVE-2010-3493", "CVE-2011-1746", "CVE-2011-1678", "CVE-2011-0695", "CVE-2011-1521", "CVE-2011-1078", "CVE-2011-1494", "CVE-2011-2491", "CVE-2010-4649", "CVE-2010-2059", "CVE-2011-1776", "CVE-2011-2517", "CVE-2011-1576", "CVE-2011-1573", "CVE-2011-2492", "CVE-2011-1780", "CVE-2011-2495", "CVE-2011-1166", "CVE-2011-0711", "CVE-2011-2901", "CVE-2011-2022", "CVE-2011-1079", "CVE-2011-1044", "CVE-2011-1495", "CVE-2010-0787", "CVE-2011-1163", "CVE-2011-2519", "CVE-2010-2089", "CVE-2011-1093", "CVE-2011-1593", "CVE-2011-2522", "CVE-2011-1170", "CVE-2011-1936", "CVE-2011-2482", "CVE-2011-1172", "CVE-2011-1171", "CVE-2011-2213", "CVE-2011-1015", "CVE-2011-2689", "CVE-2009-3720", "CVE-2011-3378", "CVE-2010-1634", "CVE-2009-3560", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1763", "CVE-2011-2525", "CVE-2011-1080", "CVE-2011-2694", "CVE-2011-1577", "CVE-2011-2192"], "description": "a. ESX third party update for Service Console kernel \nThe ESX Service Console Operating System (COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix multiple security issues in the COS kernel. \nThe Common Vulnerabilities and Exposures project ( [cve.mitre.org](<http://www.cve.mitre.org/>)) has assigned the names CVE-2011-0726, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494, CVE-2011-1495, CVE-2011-1577, CVE-2011-1763, CVE-2010-4649, CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182, CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745, CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022, CVE-2011-2213, CVE-2011-2492, CVE-2011-1780, CVE-2011-2525, CVE-2011-2689, CVE-2011-2482, CVE-2011-2491, CVE-2011-2495, CVE-2011-2517, CVE-2011-2519, CVE-2011-2901 to these issues. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "edition": 4, "modified": "2012-03-29T00:00:00", "published": "2012-01-30T00:00:00", "id": "VMSA-2012-0001", "href": "https://www.vmware.com/security/advisories/VMSA-2012-0001.html", "title": "VMware ESXi and ESX updates to third party library and ESX Service Console", "type": "vmware", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
