Lucene search
Copyright (C) 2016 Greenbone Networks GmbHOPENVAS:1361412562310851279HistoryApr 18, 2016 - 12:00 a.m.
openSUSE: Security Advisory for samba (openSUSE-SU-2016:1064-1)
2016-04-1800:00:00
Copyright (C) 2016 Greenbone Networks GmbH
plugins.openvas.org
12
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.4 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%
The remote host is missing an update for the
# Copyright (C) 2016 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.851279");
script_version("2023-11-03T05:05:46+0000");
script_tag(name:"last_modification", value:"2023-11-03 05:05:46 +0000 (Fri, 03 Nov 2023)");
script_tag(name:"creation_date", value:"2016-04-18 05:21:37 +0200 (Mon, 18 Apr 2016)");
script_cve_id("CVE-2014-8143", "CVE-2015-0240", "CVE-2015-3223", "CVE-2015-5252",
"CVE-2015-5296", "CVE-2015-5299", "CVE-2015-5330", "CVE-2015-5370",
"CVE-2015-7560", "CVE-2015-8467", "CVE-2016-2110", "CVE-2016-2111",
"CVE-2016-2112", "CVE-2016-2113", "CVE-2016-2115", "CVE-2016-2118");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2019-09-27 17:17:00 +0000 (Fri, 27 Sep 2019)");
script_tag(name:"qod_type", value:"package");
script_name("openSUSE: Security Advisory for samba (openSUSE-SU-2016:1064-1)");
script_tag(name:"summary", value:"The remote host is missing an update for the 'samba'
package(s) announced via the referenced advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"samba was updated to version 4.2.4 to fix 14 security issues.
These security issues were fixed:
- CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM
attacks (bsc#936862).
- CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP
authentication (bsc#973031).
- CVE-2016-2111: Domain controller netlogon member computer could have
been spoofed (bsc#973032).
- CVE-2016-2112: LDAP connenctions were vulnerable to downgrade and MITM
attack (bsc#973033).
- CVE-2016-2113: TLS certificate validation were missing (bsc#973034).
- CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks
(bsc#973036).
- CVE-2016-2118:'Badlock' DCERPC impersonation of authenticated account
were possible (bsc#971965).
- CVE-2015-3223: Malicious request can cause Samba LDAP server to hang,
spinning using CPU (boo#958581).
- CVE-2015-5330: Remote read memory exploit in LDB (boo#958586).
- CVE-2015-5252: Insufficient symlink verification (file access outside
the share)(boo#958582).
- CVE-2015-5296: No man in the middle protection when forcing smb
encryption on the client side (boo#958584).
- CVE-2015-5299: Currently the snapshot browsing is not secure through
windows previous version (shadow_copy2) (boo#958583).
- CVE-2015-8467: Fix Microsoft MS15-096 to prevent machine accounts from
being changed into user accounts (boo#958585).
- CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change
permissions on link target (boo#968222).
These non-security issues were fixed:
- Fix samba.tests.messaging test and prevent potential tdb corruption by
removing obsolete now invalid tdb_close call (boo#974629).
- Align fsrvp feature sources with upstream version.
- Obsolete libsmbsharemodes0 from samba-libs and libsmbsharemodes-devel
from samba-core-devel (boo#973832).
- s3:utils/smbget: Fix recursive download (bso#6482).
- s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystem
with no ACL support (bso#10489).
- docs: Add example for domain logins to smbspool man page (bso#11643).
- s3-client: Add a KRB5 wrapper for smbspool (bso#11690).
- loadparm: Fix memory leak issue (bso#11708).
- lib/tsocket: Work around sockets not supporting FIONREAD (bso#11714).
- ctdb-scripts: Drop use of 'smbcontrol winbindd ip-dropped ...'
(bso#11719).
- s3:smbd:open: Skip redundant call to file_set_dosmode when creating a
new file (bso#11727).
- param: Fix str_list_v3 to accept ' ' again (bso#11732).
- Real memory leak(buildup) issue in loadparm (bso#11740).
- Obsolete libsmbclient from libsmbcl ...
Description truncated, please see the referenced URL(s) for more information.");
script_tag(name:"affected", value:"samba on openSUSE 13.2");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_xref(name:"openSUSE-SU", value:"2016:1064-1");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2016 Greenbone Networks GmbH");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms", re:"ssh/login/release=openSUSE13\.2");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "openSUSE13.2")
{
if(!isnull(res = isrpmvuln(pkg:"ctdb", rpm:"ctdb~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ctdb-debuginfo", rpm:"ctdb-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ctdb-devel", rpm:"ctdb-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ctdb-pcp-pmda", rpm:"ctdb-pcp-pmda~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ctdb-pcp-pmda-debuginfo", rpm:"ctdb-pcp-pmda-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ctdb-tests", rpm:"ctdb-tests~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ctdb-tests-debuginfo", rpm:"ctdb-tests-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-atsvc-devel", rpm:"libdcerpc-atsvc-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-atsvc0", rpm:"libdcerpc-atsvc0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-atsvc0-debuginfo", rpm:"libdcerpc-atsvc0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0", rpm:"libdcerpc-binding0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0-debuginfo", rpm:"libdcerpc-binding0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-devel", rpm:"libdcerpc-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-samr-devel", rpm:"libdcerpc-samr-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-samr0", rpm:"libdcerpc-samr0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-samr0-debuginfo", rpm:"libdcerpc-samr0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0", rpm:"libdcerpc0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0-debuginfo", rpm:"libdcerpc0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libgensec-devel", rpm:"libgensec-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libgensec0", rpm:"libgensec0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libgensec0-debuginfo", rpm:"libgensec0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-devel", rpm:"libndr-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac-devel", rpm:"libndr-krb5pac-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0", rpm:"libndr-krb5pac0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0-debuginfo", rpm:"libndr-krb5pac0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt-devel", rpm:"libndr-nbt-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0", rpm:"libndr-nbt0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0-debuginfo", rpm:"libndr-nbt0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard-devel", rpm:"libndr-standard-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0", rpm:"libndr-standard0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0-debuginfo", rpm:"libndr-standard0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0", rpm:"libndr0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0-debuginfo", rpm:"libndr0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi-devel", rpm:"libnetapi-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0", rpm:"libnetapi0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0-debuginfo", rpm:"libnetapi0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libregistry-devel", rpm:"libregistry-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libregistry0", rpm:"libregistry0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libregistry0-debuginfo", rpm:"libregistry0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials-devel", rpm:"libsamba-credentials-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0", rpm:"libsamba-credentials0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0-debuginfo", rpm:"libsamba-credentials0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig-devel", rpm:"libsamba-hostconfig-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0", rpm:"libsamba-hostconfig0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0-debuginfo", rpm:"libsamba-hostconfig0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb-devel", rpm:"libsamba-passdb-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0", rpm:"libsamba-passdb0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0-debuginfo", rpm:"libsamba-passdb0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-policy-devel", rpm:"libsamba-policy-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0", rpm:"libsamba-policy0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-debuginfo", rpm:"libsamba-policy0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util-devel", rpm:"libsamba-util-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0", rpm:"libsamba-util0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0-debuginfo", rpm:"libsamba-util0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb-devel", rpm:"libsamdb-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0", rpm:"libsamdb0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0-debuginfo", rpm:"libsamdb0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient-devel", rpm:"libsmbclient-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient-raw-devel", rpm:"libsmbclient-raw-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient-raw0", rpm:"libsmbclient-raw0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient-raw0-debuginfo", rpm:"libsmbclient-raw0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0", rpm:"libsmbclient0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0-debuginfo", rpm:"libsmbclient0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf-devel", rpm:"libsmbconf-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0", rpm:"libsmbconf0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0-debuginfo", rpm:"libsmbconf0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap-devel", rpm:"libsmbldap-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap0", rpm:"libsmbldap0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap0-debuginfo", rpm:"libsmbldap0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util-devel", rpm:"libtevent-util-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0", rpm:"libtevent-util0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0-debuginfo", rpm:"libtevent-util0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient-devel", rpm:"libwbclient-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0", rpm:"libwbclient0~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0-debuginfo", rpm:"libwbclient0-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba", rpm:"samba~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client", rpm:"samba-client~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-debuginfo", rpm:"samba-client-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-core-devel", rpm:"samba-core-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-debuginfo", rpm:"samba-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-debugsource", rpm:"samba-debugsource~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs", rpm:"samba-libs~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-debuginfo", rpm:"samba-libs-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-pidl", rpm:"samba-pidl~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-python", rpm:"samba-python~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-python-debuginfo", rpm:"samba-python-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-test", rpm:"samba-test~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-test-debuginfo", rpm:"samba-test-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-test-devel", rpm:"samba-test-devel~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind", rpm:"samba-winbind~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-debuginfo", rpm:"samba-winbind-debuginfo~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-atsvc0-32bit", rpm:"libdcerpc-atsvc0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-atsvc0-debuginfo-32bit", rpm:"libdcerpc-atsvc0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0-32bit", rpm:"libdcerpc-binding0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-binding0-debuginfo-32bit", rpm:"libdcerpc-binding0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-samr0-32bit", rpm:"libdcerpc-samr0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc-samr0-debuginfo-32bit", rpm:"libdcerpc-samr0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0-32bit", rpm:"libdcerpc0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libdcerpc0-debuginfo-32bit", rpm:"libdcerpc0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libgensec0-32bit", rpm:"libgensec0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libgensec0-debuginfo-32bit", rpm:"libgensec0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0-32bit", rpm:"libndr-krb5pac0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-krb5pac0-debuginfo-32bit", rpm:"libndr-krb5pac0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0-32bit", rpm:"libndr-nbt0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-nbt0-debuginfo-32bit", rpm:"libndr-nbt0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0-32bit", rpm:"libndr-standard0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr-standard0-debuginfo-32bit", rpm:"libndr-standard0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0-32bit", rpm:"libndr0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libndr0-debuginfo-32bit", rpm:"libndr0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0-32bit", rpm:"libnetapi0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnetapi0-debuginfo-32bit", rpm:"libnetapi0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libregistry0-32bit", rpm:"libregistry0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libregistry0-debuginfo-32bit", rpm:"libregistry0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0-32bit", rpm:"libsamba-credentials0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-credentials0-debuginfo-32bit", rpm:"libsamba-credentials0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0-32bit", rpm:"libsamba-hostconfig0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-hostconfig0-debuginfo-32bit", rpm:"libsamba-hostconfig0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0-32bit", rpm:"libsamba-passdb0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-passdb0-debuginfo-32bit", rpm:"libsamba-passdb0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-32bit", rpm:"libsamba-policy0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-debuginfo-32bit", rpm:"libsamba-policy0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0-32bit", rpm:"libsamba-util0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-util0-debuginfo-32bit", rpm:"libsamba-util0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0-32bit", rpm:"libsamdb0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamdb0-debuginfo-32bit", rpm:"libsamdb0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient-raw0-32bit", rpm:"libsmbclient-raw0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient-raw0-debuginfo-32bit", rpm:"libsmbclient-raw0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0-32bit", rpm:"libsmbclient0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbclient0-debuginfo-32bit", rpm:"libsmbclient0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0-32bit", rpm:"libsmbconf0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbconf0-debuginfo-32bit", rpm:"libsmbconf0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap0-32bit", rpm:"libsmbldap0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsmbldap0-debuginfo-32bit", rpm:"libsmbldap0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0-32bit", rpm:"libtevent-util0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libtevent-util0-debuginfo-32bit", rpm:"libtevent-util0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0-32bit", rpm:"libwbclient0-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libwbclient0-debuginfo-32bit", rpm:"libwbclient0-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-32bit", rpm:"samba-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-32bit", rpm:"samba-client-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-debuginfo-32bit", rpm:"samba-client-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-debuginfo-32bit", rpm:"samba-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-32bit", rpm:"samba-libs-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-debuginfo-32bit", rpm:"samba-libs-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-32bit", rpm:"samba-winbind-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-debuginfo-32bit", rpm:"samba-winbind-debuginfo-32bit~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-doc", rpm:"samba-doc~4.2.4~34.1", rls:"openSUSE13.2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
References
Related
suse
suse
Security update for samba (important)
2016-04-17 15:11:14
Security update for samba (important)
2016-04-13 14:07:57
Security update for samba (important)
2016-04-13 20:07:50
nessus
nessus
openSUSE Security Update : samba (openSUSE-2016-462) (Badlock)
2016-04-18 00:00:00
GLSA-201612-47 : Samba: Multiple vulnerabilities (Badlock)
2016-12-27 00:00:00
SUSE SLES11 Security Update : samba (SUSE-SU-2016:1028-1) (Badlock)
2016-04-15 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2016-12-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.3.3-alt1
2015-12-16 00:00:00
Security fix for the ALT Linux 8 package samba-DC version 4.3.3-alt1
2015-12-16 00:00:00
Security fix for the ALT Linux 8 package samba version 4.3.3-alt1
2015-12-16 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:2304-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for ldb (openSUSE-SU-2015:2354-1)
2016-02-02 00:00:00
openSUSE: Security Advisory for samba (openSUSE-SU-2016:1025-1)
2016-04-14 00:00:00
ibm
ibm
redhat
redhat
(RHSA-2016:0624) Critical: samba3x security update
2016-04-12 00:00:00
(RHSA-2016:0611) Critical: samba security update
2016-04-13 06:54:34
(RHSA-2016:0613) Critical: samba3x security update
2016-04-12 00:00:00
centos
centos
samba3x security update
2016-04-13 00:27:00
libsmbclient, samba security update
2016-04-13 00:14:40
oraclelinux
oraclelinux
samba3x security update
2016-04-12 00:00:00
samba security update
2016-04-12 00:00:00
samba and samba4 security, bug fix, and enhancement update
2016-04-12 00:00:00
mageia
mageia
Updated samba packages fix security vulnerabilities
2016-04-26 21:02:43
Updated samba packages fix security vulnerabilities
2016-03-03 20:43:41
fedora
fedora
[SECURITY] Fedora 22 Update: samba-4.2.11-0.fc22
2016-04-14 04:23:49
[SECURITY] Fedora 23 Update: samba-4.3.8-0.fc23
2016-04-13 20:24:23
[SECURITY] Fedora 24 Update: samba-4.4.2-1.fc24
2016-04-15 03:20:46
ubuntu
ubuntu
libsoup update
2016-05-04 00:00:00
Samba regressions
2016-05-04 00:00:00
Samba vulnerabilities
2016-04-18 00:00:00
cloudfoundry
cloudfoundry
Samba and Windows Vulnerabilities | Cloud Foundry
2016-04-14 00:00:00
freebsd
freebsd
samba -- multiple vulnerabilities
2016-04-12 00:00:00
amazon
amazon
Critical: samba
2016-04-13 11:45:00
Medium: samba
2016-01-18 11:00:00
slackware
slackware
[slackware-security] samba
2016-04-15 20:48:27
archlinux
archlinux
samba: multiple issues
2016-04-23 00:00:00
osv
osv
samba - security update
2016-04-13 00:00:00
samba - regression update
2016-04-13 00:00:00
samba - regression update
2016-04-13 00:00:00
debian
debian
[SECURITY] [DSA 3548-1] samba security update
2016-04-13 20:42:03
[SECURITY] [DSA 3548-1] samba security update
2016-04-13 20:42:03
[SECURITY] [DSA 3433-1] samba security update
2016-01-02 09:40:27
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.4 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%
Related for OPENVAS:1361412562310851279