DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:1361412562310875582", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for samba FEDORA-2019-019c5314a0", "description": "The remote host is missing an update for the ", "published": "2019-04-30T00:00:00", "modified": "2019-04-30T00:00:00", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875582", "reporter": "Copyright (C) 2019 Greenbone Networks GmbH", "references": ["2019-019c5314a0", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRLRO7BPRFETVFZ4TVJL2VFZEPHKJY4"], "cvelist": ["CVE-2019-3880", "CVE-2018-1139", "CVE-2018-16851", "CVE-2018-10858", "CVE-2018-1050", "CVE-2018-1057", "CVE-2018-14629", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-16841", "CVE-2018-10918", "CVE-2018-16853"], "immutableFields": [], "lastseen": "2019-05-29T18:32:13", "viewCount": 30, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1126", "ALAS-2019-1329", "ALAS2-2018-1126", "ALAS2-2019-1351"]}, {"type": "archlinux", "idList": ["ASA-201803-10", "ASA-201811-22"]}, {"type": "centos", "idList": ["CESA-2018:1860", "CESA-2018:1883", "CESA-2018:3056", "CESA-2019:2099"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-0517", "CPAI-2019-0037", "CPAI-2019-0240"]}, {"type": "cisa", "idList": ["CISA:0CD2E46F080F40B50536A93A94A6EA41", "CISA:6180F1F1655FB3C48E0A4DAEF8DD65B4", "CISA:8B61E91ADA9DFED3FD75B9079ED04596", "CISA:E567C6CBA6FFDD941FA9D9550C4601C9"]}, {"type": "cve", "idList": ["CVE-2018-1050", "CVE-2018-1057", "CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16853", "CVE-2019-3880"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1320-1:1A840", "DEBIAN:DLA-1320-1:5120E", "DEBIAN:DLA-1607-1:12893", "DEBIAN:DLA-1607-1:AD011", "DEBIAN:DLA-1754-1:8C6F5", "DEBIAN:DLA-1754-1:AE022", "DEBIAN:DSA-4135-1:3631B", "DEBIAN:DSA-4135-1:EA2D3", "DEBIAN:DSA-4271-1:02F48", "DEBIAN:DSA-4271-1:FEBCF", "DEBIAN:DSA-4345-1:CA772", "DEBIAN:DSA-4345-1:F02AA", "DEBIAN:DSA-4427-1:48033", "DEBIAN:DSA-4427-1:B23F1"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-1050", "DEBIANCVE:CVE-2018-1057", "DEBIANCVE:CVE-2018-10858", "DEBIANCVE:CVE-2018-10918", "DEBIANCVE:CVE-2018-10919", "DEBIANCVE:CVE-2018-1139", "DEBIANCVE:CVE-2018-1140", "DEBIANCVE:CVE-2018-14629", "DEBIANCVE:CVE-2018-16841", "DEBIANCVE:CVE-2018-16851", "DEBIANCVE:CVE-2018-16853", "DEBIANCVE:CVE-2019-3880"]}, {"type": "f5", "idList": ["F5:K01494912", "F5:K20804356", "F5:K21595932"]}, {"type": "fedora", "idList": ["FEDORA:18CD06266DFD", "FEDORA:28A79611A8DC", "FEDORA:2D34260A7563", "FEDORA:2E1DE608BFF0", "FEDORA:60770610D7D4", "FEDORA:64B3F629453D", "FEDORA:6B54A611D00B", "FEDORA:7681F605F904", "FEDORA:7C7AD6076F44", "FEDORA:80C5D6057708", "FEDORA:907E86048FEE", "FEDORA:9951F624F57A", "FEDORA:D5AF26049ECF", "FEDORA:E846660C9ABC", "FEDORA:E8EF462A6DE0"]}, {"type": "freebsd", "idList": ["54976998-F248-11E8-81E2-005056A311D1", "793A0072-7822-11E9-81E2-005056A311D1", "C4E9A427-9FC2-11E8-802A-000C29A1E3EC", "FB26F78A-26A9-11E8-A1C2-00505689D4AE"]}, {"type": "gentoo", "idList": ["GLSA-201805-07", "GLSA-202003-52"]}, {"type": "ibm", "idList": ["1470A0982BD933EDD6F15CD787E95F92B6D097998E834E22092FDC651BC388B0", "14A66E285F80B7BAC39E8F65602A5BB93F398C1789034E2FF5379E73CE37D6ED", "3E525D00F327995803976B5325A76697A345A5C24A570868F0D0EEF2FA9F7BC3", "551EC403F4FDCF694703A0C47FFB997EB7CC3E496F4C885D20A31F14BCBF3B9F", "553AFE2A6679460EF39E866B63E643E18E41F440FAADF6A1CAFCE635BFBF2712", "82E9815E9174E5710F60C44A30A4B902DFE2D3282CE606B1D95035B4E3298A1D", "924FD2E8A5032ED7C22DF8341BBF235C72A5E6A9B17ED71F350A5B494B8D805A", "C6ADA288A87D604AB7D198ABC38D3CC47C47074116F90BDEF9BF22DF090C9534", "DB12F66FB174F7639D4040E533C9C3C2B38EB2659C60753763F3D5DF7F1BDD5D", "DF2732B37749E838D568058735FFDC547A56C12DBE652124924CA2895A6EAA3F", "FF8DCAF5269CDB0552E4DD23632ECE05975BD0C298A785C73A2CD22105F5CB55"]}, {"type": "mageia", "idList": ["MGASA-2018-0201", "MGASA-2018-0424", "MGASA-2019-0011"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1126.NASL", "AL2_ALAS-2019-1351.NASL", "ALA_ALAS-2018-1126.NASL", "ALA_ALAS-2019-1329.NASL", "CENTOS_RHSA-2018-1860.NASL", "CENTOS_RHSA-2018-1883.NASL", "CENTOS_RHSA-2018-3056.NASL", "CENTOS_RHSA-2019-2099.NASL", "DEBIAN_DLA-1320.NASL", "DEBIAN_DLA-1607.NASL", "DEBIAN_DLA-1754.NASL", "DEBIAN_DSA-4135.NASL", "DEBIAN_DSA-4271.NASL", "DEBIAN_DSA-4345.NASL", "DEBIAN_DSA-4427.NASL", "EULEROS_SA-2019-1125.NASL", "EULEROS_SA-2019-1150.NASL", "EULEROS_SA-2019-1273.NASL", "EULEROS_SA-2019-1342.NASL", "EULEROS_SA-2019-1408.NASL", "EULEROS_SA-2019-1598.NASL", "EULEROS_SA-2019-1618.NASL", "EULEROS_SA-2019-1689.NASL", "EULEROS_SA-2019-1708.NASL", "EULEROS_SA-2019-1744.NASL", "EULEROS_SA-2019-1780.NASL", "EULEROS_SA-2019-2018.NASL", "EULEROS_SA-2019-2484.NASL", "FEDORA_2018-7D0ACD608B.NASL", "FEDORA_2018-8E4D871867.NASL", "FEDORA_2018-BC22D6C7BC.NASL", "FEDORA_2018-C2A93F8E1B.NASL", "FEDORA_2018-C5C651AC44.NASL", "FEDORA_2018-E423E8743F.NASL", "FEDORA_2019-019C5314A0.NASL", "FEDORA_2019-CACF88EABF.NASL", "FEDORA_2019-DB21B5F1D2.NASL", "FREEBSD_PKG_54976998F24811E881E2005056A311D1.NASL", "FREEBSD_PKG_793A0072782211E981E2005056A311D1.NASL", "FREEBSD_PKG_C4E9A4279FC211E8802A000C29A1E3EC.NASL", "FREEBSD_PKG_FB26F78A26A911E8A1C200505689D4AE.NASL", "GENTOO_GLSA-201805-07.NASL", "GENTOO_GLSA-202003-52.NASL", "JUNIPER_SPACE_JSA10917_184R1.NASL", "NEWSTART_CGSL_NS-SA-2019-0069_SAMBA.NASL", "NEWSTART_CGSL_NS-SA-2019-0128_SAMBA4.NASL", "NEWSTART_CGSL_NS-SA-2019-0134_SAMBA.NASL", "NEWSTART_CGSL_NS-SA-2019-0197_SAMBA.NASL", "NEWSTART_CGSL_NS-SA-2019-0244_SAMBA.NASL", "OPENSUSE-2018-1195.NASL", "OPENSUSE-2018-300.NASL", "OPENSUSE-2018-649.NASL", "OPENSUSE-2018-890.NASL", "OPENSUSE-2018-891.NASL", "OPENSUSE-2019-1180.NASL", "OPENSUSE-2019-1292.NASL", "OPENSUSE-2019-617.NASL", "ORACLELINUX_ELSA-2018-1860.NASL", "ORACLELINUX_ELSA-2018-1883.NASL", "ORACLELINUX_ELSA-2018-3056.NASL", "REDHAT-RHSA-2018-1860.NASL", "REDHAT-RHSA-2018-1883.NASL", "REDHAT-RHSA-2018-2612.NASL", "REDHAT-RHSA-2018-2613.NASL", "REDHAT-RHSA-2018-3056.NASL", "REDHAT-RHSA-2018-3470.NASL", "REDHAT-RHSA-2019-1966.NASL", "REDHAT-RHSA-2019-1967.NASL", "REDHAT-RHSA-2019-2099.NASL", "REDHAT-RHSA-2019-3582.NASL", "SAMBA_4_6_15.NASL", "SAMBA_4_7_12.NASL", "SAMBA_4_7_6.NASL", "SAMBA_CVE-2019-3880.NASL", "SLACKWARE_SSA_2018-072-02.NASL", "SLACKWARE_SSA_2018-229-02.NASL", "SLACKWARE_SSA_2018-333-01.NASL", "SL_20180619_SAMBA4_ON_SL6_X.NASL", "SL_20180619_SAMBA_ON_SL6_X.NASL", "SL_20181030_SAMBA_ON_SL7_X.NASL", "SL_20190806_SAMBA_ON_SL7_X.NASL", "SUSE_SU-2018-0754-1.NASL", "SUSE_SU-2018-0774-1.NASL", "SUSE_SU-2018-0832-1.NASL", "SUSE_SU-2018-1687-1.NASL", "SUSE_SU-2018-2318-1.NASL", "SUSE_SU-2018-2319-1.NASL", "SUSE_SU-2018-2320-1.NASL", "SUSE_SU-2018-2320-2.NASL", "SUSE_SU-2018-2321-1.NASL", "SUSE_SU-2018-2329-1.NASL", "SUSE_SU-2018-2339-1.NASL", "SUSE_SU-2018-2339-2.NASL", "SUSE_SU-2018-3161-1.NASL", "SUSE_SU-2018-4066-1.NASL", "SUSE_SU-2019-1037-1.NASL", "SUSE_SU-2019-1040-1.NASL", "SUSE_SU-2019-1194-1.NASL", "SUSE_SU-2019-1195-1.NASL", "SUSE_SU-2019-1203-1.NASL", "SUSE_SU-2019-14042-1.NASL", "UBUNTU_USN-3595-1.NASL", "UBUNTU_USN-3738-1.NASL", "UBUNTU_USN-3827-1.NASL", "UBUNTU_USN-3939-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310113133", "OPENVAS:1361412562310141732", "OPENVAS:1361412562310141733", "OPENVAS:1361412562310141734", "OPENVAS:1361412562310142391", "OPENVAS:1361412562310704135", "OPENVAS:1361412562310704271", "OPENVAS:1361412562310704345", "OPENVAS:1361412562310704427", "OPENVAS:1361412562310813782", "OPENVAS:1361412562310813783", "OPENVAS:1361412562310813784", "OPENVAS:1361412562310813785", "OPENVAS:1361412562310843469", "OPENVAS:1361412562310843615", "OPENVAS:1361412562310843831", "OPENVAS:1361412562310843969", "OPENVAS:1361412562310851790", "OPENVAS:1361412562310851862", "OPENVAS:1361412562310851940", "OPENVAS:1361412562310852010", "OPENVAS:1361412562310852415", "OPENVAS:1361412562310852461", "OPENVAS:1361412562310874235", "OPENVAS:1361412562310874236", "OPENVAS:1361412562310874251", "OPENVAS:1361412562310874976", "OPENVAS:1361412562310874977", "OPENVAS:1361412562310874979", "OPENVAS:1361412562310875317", "OPENVAS:1361412562310875625", "OPENVAS:1361412562310876099", "OPENVAS:1361412562310876380", "OPENVAS:1361412562310876593", "OPENVAS:1361412562310876810", "OPENVAS:1361412562310877013", "OPENVAS:1361412562310891320", "OPENVAS:1361412562310891607", "OPENVAS:1361412562310891754", "OPENVAS:1361412562311220191125", "OPENVAS:1361412562311220191150", "OPENVAS:1361412562311220191273", "OPENVAS:1361412562311220191342", "OPENVAS:1361412562311220191408", "OPENVAS:1361412562311220191598", "OPENVAS:1361412562311220191618", "OPENVAS:1361412562311220191689", "OPENVAS:1361412562311220191708", "OPENVAS:1361412562311220191744", "OPENVAS:1361412562311220191780", "OPENVAS:1361412562311220192018", "OPENVAS:1361412562311220192484"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-1860", "ELSA-2018-1883", "ELSA-2018-3056", "ELSA-2019-2099", "ELSA-2019-3582"]}, {"type": "osv", "idList": ["OSV:DLA-1320-1", "OSV:DLA-1539-1", "OSV:DLA-1607-1", "OSV:DLA-1754-1", "OSV:DSA-4135-1", "OSV:DSA-4271-1", "OSV:DSA-4345-1", "OSV:DSA-4427-1"]}, {"type": "redhat", "idList": ["RHSA-2018:1860", "RHSA-2018:1883", "RHSA-2018:2612", "RHSA-2018:2613", "RHSA-2018:3056", "RHSA-2018:3470", "RHSA-2019:1966", "RHSA-2019:1967", "RHSA-2019:2099", "RHSA-2019:3582"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1050", "RH:CVE-2018-1057", "RH:CVE-2018-10858", "RH:CVE-2018-10918", "RH:CVE-2018-10919", "RH:CVE-2018-1139", "RH:CVE-2018-1140", "RH:CVE-2018-14629", "RH:CVE-2018-16841", "RH:CVE-2018-16851", "RH:CVE-2018-16853", "RH:CVE-2019-3880"]}, {"type": "samba", "idList": ["SAMBA:CVE-2018-1050", "SAMBA:CVE-2018-1057", "SAMBA:CVE-2018-10858", "SAMBA:CVE-2018-10918", "SAMBA:CVE-2018-10919", "SAMBA:CVE-2018-1139", "SAMBA:CVE-2018-1140", "SAMBA:CVE-2018-14629", "SAMBA:CVE-2018-16841", "SAMBA:CVE-2018-16851", "SAMBA:CVE-2018-16853", "SAMBA:CVE-2019-3880"]}, {"type": "slackware", "idList": ["SSA-2018-072-02", "SSA-2018-229-02", "SSA-2018-333-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1727-1", "OPENSUSE-SU-2018:2396-1", "OPENSUSE-SU-2018:2400-1", "OPENSUSE-SU-2018:3211-1", "OPENSUSE-SU-2019:1180-1", "OPENSUSE-SU-2019:1292-1"]}, {"type": "thn", "idList": ["THN:9AF63A5439FB2614532C19DFE04ACC6B"]}, {"type": "threatpost", "idList": ["THREATPOST:D76F21DEC2B85956DB1AD5200B4FD592"]}, {"type": "ubuntu", "idList": ["USN-3595-1", "USN-3595-2", "USN-3738-1", "USN-3827-1", "USN-3827-2", "USN-3939-1", "USN-3939-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1050", "UB:CVE-2018-1057", "UB:CVE-2018-10858", "UB:CVE-2018-10918", "UB:CVE-2018-10919", "UB:CVE-2018-1139", "UB:CVE-2018-1140", "UB:CVE-2018-14629", "UB:CVE-2018-16841", "UB:CVE-2018-16851", "UB:CVE-2018-16853", "UB:CVE-2019-3880"]}, {"type": "veracode", "idList": ["VERACODE:20980", "VERACODE:25235"]}, {"type": "zdt", "idList": ["1337DAY-ID-29999"]}]}, "score": {"value": -0.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1126", "ALAS2-2018-1126", "ALAS2-2019-1351"]}, {"type": "archlinux", "idList": ["ASA-201803-10", "ASA-201811-22"]}, {"type": "centos", "idList": ["CESA-2018:1860", "CESA-2018:1883"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-0517", "CPAI-2019-0037", "CPAI-2019-0240"]}, {"type": "cisa", "idList": ["CISA:0CD2E46F080F40B50536A93A94A6EA41", "CISA:6180F1F1655FB3C48E0A4DAEF8DD65B4", "CISA:8B61E91ADA9DFED3FD75B9079ED04596", "CISA:E567C6CBA6FFDD941FA9D9550C4601C9"]}, {"type": "cve", "idList": ["CVE-2018-1050", "CVE-2018-1057"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1320-1:5120E", "DEBIAN:DSA-4135-1:EA2D3", "DEBIAN:DSA-4271-1:FEBCF"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-1050", "DEBIANCVE:CVE-2018-1057", "DEBIANCVE:CVE-2018-10858", "DEBIANCVE:CVE-2018-10918", "DEBIANCVE:CVE-2018-10919", "DEBIANCVE:CVE-2018-1139", "DEBIANCVE:CVE-2018-1140", "DEBIANCVE:CVE-2018-14629", "DEBIANCVE:CVE-2018-16841", "DEBIANCVE:CVE-2018-16851", "DEBIANCVE:CVE-2018-16853", "DEBIANCVE:CVE-2019-3880"]}, {"type": "f5", "idList": ["F5:K21595932"]}, {"type": "fedora", "idList": ["FEDORA:28A79611A8DC", "FEDORA:2D34260A7563", "FEDORA:64B3F629453D", "FEDORA:6B54A611D00B", "FEDORA:7681F605F904", "FEDORA:80C5D6057708", "FEDORA:907E86048FEE", "FEDORA:9951F624F57A", "FEDORA:E846660C9ABC", "FEDORA:E8EF462A6DE0"]}, {"type": "freebsd", "idList": ["FB26F78A-26A9-11E8-A1C2-00505689D4AE"]}, {"type": "gentoo", "idList": ["GLSA-202003-52"]}, {"type": "ibm", "idList": ["1470A0982BD933EDD6F15CD787E95F92B6D097998E834E22092FDC651BC388B0", "553AFE2A6679460EF39E866B63E643E18E41F440FAADF6A1CAFCE635BFBF2712", "FF8DCAF5269CDB0552E4DD23632ECE05975BD0C298A785C73A2CD22105F5CB55"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/FREEBSD-CVE-2018-10858/", "MSF:ILITIES/FREEBSD-CVE-2018-10918/", "MSF:ILITIES/FREEBSD-CVE-2018-16851/", "MSF:ILITIES/FREEBSD-CVE-2018-16853/"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1351.NASL", "ALA_ALAS-2018-1126.NASL", "CENTOS_RHSA-2018-1860.NASL", "CENTOS_RHSA-2018-1883.NASL", "DEBIAN_DLA-1320.NASL", "DEBIAN_DSA-4135.NASL", "FEDORA_2018-7D0ACD608B.NASL", "FREEBSD_PKG_FB26F78A26A911E8A1C200505689D4AE.NASL", "GENTOO_GLSA-202003-52.NASL", "OPENSUSE-2018-300.NASL", "OPENSUSE-2018-649.NASL", "ORACLELINUX_ELSA-2018-1860.NASL", "ORACLELINUX_ELSA-2018-1883.NASL", "REDHAT-RHSA-2018-1860.NASL", "REDHAT-RHSA-2018-1883.NASL", "REDHAT-RHSA-2019-3582.NASL", "SLACKWARE_SSA_2018-072-02.NASL", "SUSE_SU-2018-0754-1.NASL", "SUSE_SU-2018-0774-1.NASL", "SUSE_SU-2018-0832-1.NASL", "SUSE_SU-2018-1687-1.NASL", "UBUNTU_USN-3595-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310113133", "OPENVAS:1361412562310704135", "OPENVAS:1361412562310851790", "OPENVAS:1361412562310874251", "OPENVAS:1361412562310877013"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-1883", "ELSA-2019-3582"]}, {"type": "redhat", "idList": ["RHSA-2019:3582"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1057", "RH:CVE-2018-10918", "RH:CVE-2018-1139", "RH:CVE-2018-1140", "RH:CVE-2018-14629", "RH:CVE-2018-16841", "RH:CVE-2018-16851", "RH:CVE-2018-16853"]}, {"type": "samba", "idList": ["SAMBA:CVE-2018-1139", "SAMBA:CVE-2018-14629"]}, {"type": "slackware", "idList": ["SSA-2018-072-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1727-1", "OPENSUSE-SU-2018:3211-1"]}, {"type": "thn", "idList": ["THN:9AF63A5439FB2614532C19DFE04ACC6B"]}, {"type": "threatpost", "idList": ["THREATPOST:D76F21DEC2B85956DB1AD5200B4FD592"]}, {"type": "ubuntu", "idList": ["USN-3595-1", "USN-3595-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1050", "UB:CVE-2018-1057", "UB:CVE-2018-10858", "UB:CVE-2018-10918", "UB:CVE-2018-10919", "UB:CVE-2018-1139", "UB:CVE-2018-1140", "UB:CVE-2018-14629", "UB:CVE-2018-16841", "UB:CVE-2018-16851", "UB:CVE-2018-16853", "UB:CVE-2019-3880"]}, {"type": "zdt", "idList": ["1337DAY-ID-29999"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2019-3880", "epss": "0.001300000", "percentile": "0.461590000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1139", "epss": "0.008910000", "percentile": "0.801600000", "modified": "2023-03-15"}, {"cve": "CVE-2018-16851", "epss": "0.007610000", "percentile": "0.783300000", "modified": "2023-03-15"}, {"cve": "CVE-2018-10858", "epss": "0.014120000", "percentile": "0.844310000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1050", "epss": "0.378770000", "percentile": "0.965590000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1057", "epss": "0.029710000", "percentile": "0.893240000", "modified": "2023-03-15"}, {"cve": "CVE-2018-14629", "epss": "0.002490000", "percentile": "0.609860000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1140", "epss": "0.841620000", "percentile": "0.978670000", "modified": "2023-03-15"}, {"cve": "CVE-2018-10919", "epss": "0.002530000", "percentile": "0.613610000", "modified": "2023-03-15"}, {"cve": "CVE-2018-16841", "epss": "0.009970000", "percentile": "0.812750000", "modified": "2023-03-15"}, {"cve": "CVE-2018-10918", "epss": "0.004920000", "percentile": "0.724720000", "modified": "2023-03-15"}, {"cve": "CVE-2018-16853", "epss": "0.015410000", "percentile": "0.850700000", "modified": "2023-03-15"}], "vulnersScore": -0.4}, "_state": {"dependencies": 1678957066, "score": 1683996360, "epss": 1678957426}, "_internal": {"score_hash": "26e0561b2eb5ba68109dc857609d5e59"}, "pluginID": "1361412562310875582", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875582\");\n script_version(\"2019-04-30T06:40:08+0000\");\n script_cve_id(\"CVE-2019-3880\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16853\", \"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1050\", \"CVE-2018-1057\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-04-30 06:40:08 +0000 (Tue, 30 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-30 02:12:09 +0000 (Tue, 30 Apr 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-019c5314a0\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-019c5314a0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRLRO7BPRFETVFZ4TVJL2VFZEPHKJY4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2019-019c5314a0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.8.11~0.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Fedora Local Security Checks"}

{"openvas": [{"lastseen": "2019-05-29T18:33:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-c2a93f8e1b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-16851", "CVE-2018-10858", "CVE-2018-1050", "CVE-2018-1057", "CVE-2018-14629", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-16841", "CVE-2018-10918", "CVE-2018-16853"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875317", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875317", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_c2a93f8e1b_samba_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for samba FEDORA-2018-c2a93f8e1b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875317\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16853\", \"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1050\", \"CVE-2018-1057\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:28:08 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for samba FEDORA-2018-c2a93f8e1b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-c2a93f8e1b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O6CDGPQKS2VCHWPTF4BNRGR5Y5AV7NWW\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2018-c2a93f8e1b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"samba on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.8.7~0.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-21T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-bc22d6c7bc", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-1050", "CVE-2018-1057", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-10918"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874976", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874976", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_bc22d6c7bc_samba_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for samba FEDORA-2018-bc22d6c7bc\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874976\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-21 06:55:59 +0200 (Tue, 21 Aug 2018)\");\n script_cve_id(\"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\",\n \"CVE-2018-10919\", \"CVE-2018-1050\", \"CVE-2018-1057\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for samba FEDORA-2018-bc22d6c7bc\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"samba on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-bc22d6c7bc\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JLO2ZIZN3LCSYBMKQC6WDL5AJYSE2UG2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.8.4~0.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-21T00:00:00", "type": "openvas", "title": "Fedora Update for libldb FEDORA-2018-bc22d6c7bc", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-10918"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874977", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874977", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_bc22d6c7bc_libldb_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libldb FEDORA-2018-bc22d6c7bc\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874977\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-21 06:56:45 +0200 (Tue, 21 Aug 2018)\");\n script_cve_id(\"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\",\n \"CVE-2018-10919\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libldb FEDORA-2018-bc22d6c7bc\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libldb'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"libldb on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-bc22d6c7bc\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMELAF56SFMIHXRXGSB7LFC6JJDUHRUA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldb\", rpm:\"libldb~1.4.0~3.fc28.1.3.5\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:33:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for samba (openSUSE-SU-2018:2400-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-10918"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852010", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852010", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852010\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:33:53 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for samba (openSUSE-SU-2018:2400-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:2400-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-08/msg00059.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the openSUSE-SU-2018:2400-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for samba fixes the following issues:\n\n The following security vulnerabilities were fixed:\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it\n (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with\n escapes crashes (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via substring search\n (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer\n overflow (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user\n without a SPN (bsc#1103414)\n\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-891=1\");\n\n script_tag(name:\"affected\", value:\"samba on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"ctdb\", rpm:\"ctdb~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-debuginfo\", rpm:\"ctdb-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-pcp-pmda\", rpm:\"ctdb-pcp-pmda~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-pcp-pmda-debuginfo\", rpm:\"ctdb-pcp-pmda-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-tests\", rpm:\"ctdb-tests~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-tests-debuginfo\", rpm:\"ctdb-tests-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0\", rpm:\"libdcerpc-binding0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-debuginfo\", rpm:\"libdcerpc-binding0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-devel\", rpm:\"libdcerpc-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr-devel\", rpm:\"libdcerpc-samr-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0\", rpm:\"libdcerpc-samr0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-debuginfo\", rpm:\"libdcerpc-samr0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0\", rpm:\"libdcerpc0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-debuginfo\", rpm:\"libdcerpc0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-devel\", rpm:\"libndr-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac-devel\", rpm:\"libndr-krb5pac-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0\", rpm:\"libndr-krb5pac0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-debuginfo\", rpm:\"libndr-krb5pac0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt-devel\", rpm:\"libndr-nbt-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0\", rpm:\"libndr-nbt0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-debuginfo\", rpm:\"libndr-nbt0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard-devel\", rpm:\"libndr-standard-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0\", rpm:\"libndr-standard0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-debuginfo\", rpm:\"libndr-standard0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0\", rpm:\"libndr0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-debuginfo\", rpm:\"libndr0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-debuginfo\", rpm:\"libnetapi0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials-devel\", rpm:\"libsamba-credentials-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0\", rpm:\"libsamba-credentials0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-debuginfo\", rpm:\"libsamba-credentials0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors-devel\", rpm:\"libsamba-errors-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0\", rpm:\"libsamba-errors0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-debuginfo\", rpm:\"libsamba-errors0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig-devel\", rpm:\"libsamba-hostconfig-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0\", rpm:\"libsamba-hostconfig0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-debuginfo\", rpm:\"libsamba-hostconfig0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb-devel\", rpm:\"libsamba-passdb-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0\", rpm:\"libsamba-passdb0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-debuginfo\", rpm:\"libsamba-passdb0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy-devel\", rpm:\"libsamba-policy-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0\", rpm:\"libsamba-policy0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-debuginfo\", rpm:\"libsamba-policy0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util-devel\", rpm:\"libsamba-util-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0\", rpm:\"libsamba-util0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-debuginfo\", rpm:\"libsamba-util0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb-devel\", rpm:\"libsamdb-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0\", rpm:\"libsamdb0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-debuginfo\", rpm:\"libsamdb0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo\", rpm:\"libsmbclient0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf-devel\", rpm:\"libsmbconf-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0\", rpm:\"libsmbconf0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-debuginfo\", rpm:\"libsmbconf0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap-devel\", rpm:\"libsmbldap-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap2\", rpm:\"libsmbldap2~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap2-debuginfo\", rpm:\"libsmbldap2-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util-devel\", rpm:\"libtevent-util-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0\", rpm:\"libtevent-util0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-debuginfo\", rpm:\"libtevent-util0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo\", rpm:\"libwbclient0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo\", rpm:\"samba-client-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-core-devel\", rpm:\"samba-core-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debugsource\", rpm:\"samba-debugsource~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-dsdb-modules\", rpm:\"samba-dsdb-modules~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-dsdb-modules-debuginfo\", rpm:\"samba-dsdb-modules-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-kdc\", rpm:\"samba-kdc~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-kdc-debuginfo\", rpm:\"samba-kdc-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-debuginfo\", rpm:\"samba-libs-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-pidl\", rpm:\"samba-pidl~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python-debuginfo\", rpm:\"samba-python-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-test\", rpm:\"samba-test~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-test-debuginfo\", rpm:\"samba-test-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo\", rpm:\"samba-winbind-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-32bit\", rpm:\"libdcerpc-binding0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-32bit-debuginfo\", rpm:\"libdcerpc-binding0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-32bit\", rpm:\"libdcerpc-samr0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-32bit-debuginfo\", rpm:\"libdcerpc-samr0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-32bit\", rpm:\"libdcerpc0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-32bit-debuginfo\", rpm:\"libdcerpc0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-32bit\", rpm:\"libndr-krb5pac0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-32bit-debuginfo\", rpm:\"libndr-krb5pac0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-32bit\", rpm:\"libndr-nbt0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-32bit-debuginfo\", rpm:\"libndr-nbt0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-32bit\", rpm:\"libndr-standard0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-32bit-debuginfo\", rpm:\"libndr-standard0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-32bit\", rpm:\"libndr0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-32bit-debuginfo\", rpm:\"libndr0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-32bit\", rpm:\"libnetapi0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-32bit-debuginfo\", rpm:\"libnetapi0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-32bit\", rpm:\"libsamba-credentials0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-32bit-debuginfo\", rpm:\"libsamba-credentials0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-32bit\", rpm:\"libsamba-errors0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-32bit-debuginfo\", rpm:\"libsamba-errors0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-32bit\", rpm:\"libsamba-hostconfig0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-32bit-debuginfo\", rpm:\"libsamba-hostconfig0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-32bit\", rpm:\"libsamba-passdb0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-32bit-debuginfo\", rpm:\"libsamba-passdb0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-32bit\", rpm:\"libsamba-policy0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-32bit-debuginfo\", rpm:\"libsamba-policy0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-32bit\", rpm:\"libsamba-util0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-32bit-debuginfo\", rpm:\"libsamba-util0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-32bit\", rpm:\"libsamdb0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-32bit-debuginfo\", rpm:\"libsamdb0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-32bit\", rpm:\"libsmbclient0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-32bit-debuginfo\", rpm:\"libsmbclient0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-32bit\", rpm:\"libsmbconf0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-32bit-debuginfo\", rpm:\"libsmbconf0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap2-32bit\", rpm:\"libsmbldap2-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap2-32bit-debuginfo\", rpm:\"libsmbldap2-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-32bit\", rpm:\"libtevent-util0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-32bit-debuginfo\", rpm:\"libtevent-util0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-32bit\", rpm:\"libwbclient0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-32bit-debuginfo\", rpm:\"libwbclient0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-ceph\", rpm:\"samba-ceph~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-ceph-debuginfo\", rpm:\"samba-ceph-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-32bit-debuginfo\", rpm:\"samba-client-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-kdc-32bit\", rpm:\"samba-kdc-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-kdc-32bit-debuginfo\", rpm:\"samba-kdc-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-32bit\", rpm:\"samba-libs-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-32bit-debuginfo\", rpm:\"samba-libs-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-32bit-debuginfo\", rpm:\"samba-winbind-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-22T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-8e4d871867", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-1050", "CVE-2018-1057", "CVE-2018-1140", "CVE-2017-14746", "CVE-2018-10919", "CVE-2018-10918", "CVE-2017-15275"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874979", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874979", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_8e4d871867_samba_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for samba FEDORA-2018-8e4d871867\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874979\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-22 06:58:16 +0200 (Wed, 22 Aug 2018)\");\n script_cve_id(\"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\",\n \"CVE-2018-10919\", \"CVE-2018-1050\", \"CVE-2018-1057\", \"CVE-2017-14746\",\n \"CVE-2017-15275\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for samba FEDORA-2018-8e4d871867\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"samba on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-8e4d871867\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7YJYQHQW2OGFNOT7P6SZ5G7A4EDHC2ND\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.7.9~0.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "openvas", "title": "Ubuntu Update for samba USN-3738-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-10919", "CVE-2018-10918"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843615", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843615", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3738_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for samba USN-3738-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843615\");\n script_version(\"$Revision: 14288 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 06:19:51 +0200 (Wed, 15 Aug 2018)\");\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for samba USN-3738-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"insight\", value:\"Svyatoslav Phirsov discovered that the Samba\n libsmbclient library incorrectly handled extra long filenames. A malicious server\n could use this issue to cause Samba to crash, resulting in a denial of service, or\npossibly execute arbitrary code. (CVE-2018-10858)\n\nVolker Mauel discovered that Samba incorrectly handled database output.\nWhen used as an Active Directory Domain Controller, a remote authenticated\nattacker could use this issue to cause Samba to crash, resulting in a\ndenial of service. This issue only affected Ubuntu 18.04 LTS.\n(CVE-2018-10918)\n\nPhillip Kuhrt discovered that the Samba LDAP server incorrectly handled\ncertain confidential attribute values. A remote authenticated attacker\ncould possibly use this issue to obtain certain sensitive information.\n(CVE-2018-10919)\n\nVivek Das discovered that Samba incorrectly handled NTLMv1 being explicitly\ndisabled on the server. A remote user could possibly be authenticated using\nNTLMv1, contrary to expectations. This issue only affected Ubuntu 18.04\nLTS. (CVE-2018-1139)\");\n script_tag(name:\"affected\", value:\"samba on Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"USN\", value:\"3738-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3738-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.3.11+dfsg-0ubuntu0.14.04.16\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.14.04.16\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.3.11+dfsg-0ubuntu0.16.04.15\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.16.04.15\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-11-27T00:00:00", "type": "openvas", "title": "Ubuntu Update for samba USN-3827-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843831", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3827_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for samba USN-3827-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843831\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-11-27 15:43:28 +0100 (Tue, 27 Nov 2018)\");\n script_name(\"Ubuntu Update for samba USN-3827-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|18\\.10|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3827-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3827-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the USN-3827-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Florian Stuelpner discovered that Samba incorrectly handled CNAME records.\nA remote attacker could use this issue to cause Samba to crash, resulting\nin a denial of service. (CVE-2018-14629)\n\nAlex MacCuish discovered that Samba incorrectly handled memory when\nconfigured to accept smart-card authentication. A remote attacker could\npossibly use this issue to cause Samba to crash, resulting in a denial of\nservice. (CVE-2018-16841)\n\nGarming Sam discovered that Samba incorrectly handled memory when\nprocessing LDAP searches. A remote attacker could possibly use this issue\nto cause Samba to crash, resulting in a denial of service. (CVE-2018-16851)\");\n\n script_tag(name:\"affected\", value:\"samba on Ubuntu 18.10,\n Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.14.04.19\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.5\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.8.4+dfsg-2ubuntu2.1\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.16.04.18\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-07-04T18:55:24", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-14629\nFlorian Stuelpner discovered that Samba is vulnerable to\ninfinite query recursion caused by CNAME loops, resulting in\ndenial of service.\n\nCVE-2018-16841\nAlex MacCuish discovered that a user with a valid certificate or\nsmart card can crash the Samba AD DC", "cvss3": {}, "published": "2018-11-27T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4345-1 (samba - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704345", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704345", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4345-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704345\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\");\n script_name(\"Debian Security Advisory DSA 4345-1 (samba - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-27 00:00:00 +0100 (Tue, 27 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4345.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"samba on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2:4.5.12+dfsg-2+deb9u4.\n\nWe recommend that you upgrade your samba packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/samba\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-14629\nFlorian Stuelpner discovered that Samba is vulnerable to\ninfinite query recursion caused by CNAME loops, resulting in\ndenial of service.\n\nCVE-2018-16841\nAlex MacCuish discovered that a user with a valid certificate or\nsmart card can crash the Samba AD DC's KDC when configured to accept\nsmart-card authentication.\n\nCVE-2018-16851\nGarming Sam of the Samba Team and Catalyst discovered a NULL pointer\ndereference vulnerability in the Samba AD DC LDAP server allowing a\nuser able to read more than 256MB of LDAP entries to crash the Samba\nAD DC's LDAP server.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"ctdb\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libparse-pidl-perl\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-samba\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"registry-tools\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dev\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-libs\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-testsuite\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-vfs-modules\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"winbind\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-e423e8743f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16857", "CVE-2018-16852", "CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876099", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876099", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876099\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:34:29 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2018-e423e8743f\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-e423e8743f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RZQ6ORDPCGDR4IZCRLBSB5LHT6NLZQBO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2018-e423e8743f advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.3~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2019-db21b5f1d2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3880", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-3870", "CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875625", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875625", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875625\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-3870\", \"CVE-2019-3880\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:12:28 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-db21b5f1d2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-db21b5f1d2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2019-db21b5f1d2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.6~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2019-08-15T14:38:29", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-05-19T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2019-208cc34d40", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3880", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-3870", "CVE-2018-16851", "CVE-2018-16860", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "modified": "2019-08-14T00:00:00", "id": "OPENVAS:1361412562310876380", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876380", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876380\");\n script_version(\"2019-08-14T06:47:48+0000\");\n script_cve_id(\"CVE-2018-16860\", \"CVE-2019-3870\", \"CVE-2019-3880\", \"CVE-2018-14629\",\n \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\",\n \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-08-14 06:47:48 +0000 (Wed, 14 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-19 02:09:46 +0000 (Sun, 19 May 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-208cc34d40\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-208cc34d40\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OM5TYKT3Y2N2WB5QQKKEFQAF752FN3JJ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'samba' package(s) announced via the FEDORA-2019-208cc34d40 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability\n suite of programs for Linux and Unix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.8~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T20:08:04", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-14629\n\nFlorian Stuelpner discovered that Samba is vulnerable to\ninfinite query recursion caused by CNAME loops, resulting in\ndenial of service.\n\nCVE-2018-16851\n\nGarming Sam of the Samba Team and Catalyst discovered a NULL pointer\ndereference vulnerability in the Samba AD DC LDAP server allowing a\nuser able to read more than 256MB of LDAP entries to crash the Samba\nAD DC", "cvss3": {}, "published": "2018-12-18T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for samba (DLA-1607-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16851", "CVE-2018-14629"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891607", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891607", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891607\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16851\");\n script_name(\"Debian LTS: Security Advisory for samba (DLA-1607-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-12-18 00:00:00 +0100 (Tue, 18 Dec 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/12/msg00005.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"samba on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2:4.2.14+dfsg-0+deb8u11.\n\nWe recommend that you upgrade your samba packages.\");\n\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-14629\n\nFlorian Stuelpner discovered that Samba is vulnerable to\ninfinite query recursion caused by CNAME loops, resulting in\ndenial of service.\n\nCVE-2018-16851\n\nGarming Sam of the Samba Team and Catalyst discovered a NULL pointer\ndereference vulnerability in the Samba AD DC LDAP server allowing a\nuser able to read more than 256MB of LDAP entries to crash the Samba\nAD DC's LDAP server.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"ctdb\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libparse-pidl-perl\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-samba\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"registry-tools\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dev\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-doc\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-libs\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-testsuite\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-vfs-modules\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"winbind\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-07-04T18:55:32", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-10858\nSvyatoslav Phirsov discovered that insufficient input validation in\nlibsmbclient allowed a malicious Samba server to write to the\nclient", "cvss3": {}, "published": "2018-08-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4271-1 (samba - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704271", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704271", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4271-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704271\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10919\");\n script_name(\"Debian Security Advisory DSA 4271-1 (samba - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-14 00:00:00 +0200 (Tue, 14 Aug 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4271.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"samba on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2:4.5.12+dfsg-2+deb9u3.\n\nWe recommend that you upgrade your samba packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/samba\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-10858\nSvyatoslav Phirsov discovered that insufficient input validation in\nlibsmbclient allowed a malicious Samba server to write to the\nclient's heap memory.\n\nCVE-2018-10919\nPhillip Kuhrt discovered that Samba when acting as an Active Domain\ncontroller disclosed some sensitive attributes.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"ctdb\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libparse-pidl-perl\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-samba\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"registry-tools\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dev\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-libs\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-testsuite\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-vfs-modules\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"winbind\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-08-15T14:36:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-07-21T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2019-8966706e33", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3880", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-3870", "CVE-2018-16851", "CVE-2018-16860", "CVE-2019-12435", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "modified": "2019-08-14T00:00:00", "id": "OPENVAS:1361412562310876593", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876593", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876593\");\n script_version(\"2019-08-14T06:47:48+0000\");\n script_cve_id(\"CVE-2019-12435\", \"CVE-2018-16860\", \"CVE-2019-3870\", \"CVE-2019-3880\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-08-14 06:47:48 +0000 (Wed, 14 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-07-21 02:19:08 +0000 (Sun, 21 Jul 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-8966706e33\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-8966706e33\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSG3TLPZP35RH5DWAIDC7MHXRK5DFKOE\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2019-8966706e33 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.11~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:16", "description": "Samba is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "openvas", "title": "Samba 4.x Multiple DoS Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16851", "CVE-2018-14629"], "modified": "2019-02-07T00:00:00", "id": "OPENVAS:1361412562310141732", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141732", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_samba_mult_vuln2.nasl 13517 2019-02-07 07:51:12Z mmartin $\n#\n# Samba 4.x Multiple DoS Vulnerabilities\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:samba:samba\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141732\");\n script_version(\"$Revision: 13517 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-07 08:51:12 +0100 (Thu, 07 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 10:17:12 +0700 (Thu, 29 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16851\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Samba 4.x Multiple DoS Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_samba_detect.nasl\");\n script_mandatory_keys(\"samba/smb_or_ssh/detected\");\n\n script_tag(name:\"summary\", value:\"Samba is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"Samba is prone to multiple vulnerabilities:\n\n - CNAME loops can cause DNS server crashes, and CNAMEs can be added by unprivileged users. (CVE-2018-14629)\n\n - A user able to read more than 256MB of LDAP entries can crash the Samba AD DC's LDAP server.\n (CVE-2018-16851)\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Samba version 4.x.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 4.7.12, 4.8.7, 4.9.3 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-14629.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-16851.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"4.0.0\", test_version2: \"4.7.11\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.7.12\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.8.0\", test_version2: \"4.8.6\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.8.7\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.9.0\", test_version2: \"4.9.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.9.3\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T19:24:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-10T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for samba (DLA-1754-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3880", "CVE-2018-1050", "CVE-2018-1057", "CVE-2017-9461"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891754", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891754", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891754\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-9461\", \"CVE-2018-1050\", \"CVE-2018-1057\", \"CVE-2019-3880\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-10 02:00:09 +0000 (Wed, 10 Apr 2019)\");\n script_name(\"Debian LTS: Security Advisory for samba (DLA-1754-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1754-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the DLA-1754-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Various vulnerabilities were discovered in Samba, SMB/CIFS file, print,\nand login server/client for Unix\n\nCVE-2017-9461\n\nsmbd in Samba had a denial of service vulnerability (fd_open_atomic\ninfinite loop with high CPU usage and memory consumption) due to\nwrongly handling dangling symlinks.\n\nCVE-2018-1050\n\nSamba was vulnerable to a denial of service attack when the RPC\nspoolss service was configured to be run as an external daemon.\nMissing input sanitization checks on some of the input parameters to\nspoolss RPC calls could have caused the print spooler service to\ncrash.\n\nCVE-2018-1057\n\nOn a Samba 4 AD DC the LDAP server of Samba incorrectly validated\npermissions to modify passwords over LDAP allowing authenticated\nusers to change any other users' passwords, including administrative\nusers and privileged service accounts (eg Domain Controllers).\n\nThanks to the Ubuntu security team for having backported the rather\ninvasive changeset to Samba in Ubuntu 14.04 (which we could use to\npatch Samba in Debian jessie LTS).\n\nCVE-2019-3880\n\nA flaw was found in the way Samba implemented an RPC endpoint\nemulating the Windows registry service API. An unprivileged attacker\ncould have used this flaw to create a new registry hive file anywhere\nthey had unix permissions which could have lead to creation of a new\nfile in the Samba share.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2:4.2.14+dfsg-0+deb8u12.\n\nWe recommend that you upgrade your samba packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"ctdb\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libparse-pidl-perl\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-samba\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"registry-tools\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dev\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-doc\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-libs\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-testsuite\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-vfs-modules\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"winbind\", ver:\"2:4.2.14+dfsg-0+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:34:18", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1342)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-1050"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191342", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1342\");\n script_version(\"2020-01-23T11:39:56+0000\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:39:56 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:39:56 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1342)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1342\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1342\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-1342 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.(CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.(CVE-2018-10858)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-07-17T14:13:11", "description": "This host is running Samba and is prone\n to multiple vulnerabilities.", "cvss3": {}, "published": "2018-08-17T00:00:00", "type": "openvas", "title": "Samba Multiple Vulnerabilities - Aug18", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10918"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310813783", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813783", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Samba Multiple Vulnerabilities - Aug18\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:samba:samba\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813783\");\n script_version(\"2019-07-05T09:54:18+0000\");\n script_cve_id(\"CVE-2018-10918\", \"CVE-2018-1139\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:54:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-17 13:10:38 +0530 (Fri, 17 Aug 2018)\");\n script_name(\"Samba Multiple Vulnerabilities - Aug18\");\n\n script_tag(name:\"summary\", value:\"This host is running Samba and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to\n\n - A missing database output checks on the returned directory attributes from\n the LDB database layer.\n\n - An error which allows authentication using NTLMv1 over an SMB1 transport\n (either directory or via NETLOGON SamLogon calls from a member server),\n even when NTLMv1 is explicitly disabled on the server.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to conduct a denial of service attack and authenticate using NTLMv1 over an SMB1\n transport.\");\n\n script_tag(name:\"affected\", value:\"All versions of Samba from 4.7.0 onwards\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Samba 4.8.4 or 4.7.9 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-10918.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-1139.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/history/samba-4.7.9.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/history/samba-4.8.4.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"smb_nativelanman.nasl\", \"gb_samba_detect.nasl\");\n script_mandatory_keys(\"samba/smb_or_ssh/detected\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE))) exit(0);\n\nif(!infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\nloc = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"4.7.0\", test_version2:\"4.7.8\")){\n fix = \"4.7.9\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"4.8.0\", test_version2:\"4.8.3\")){\n fix = \"4.8.4\";\n}\n\nif(fix){\n report = report_fixed_ver( installed_version:vers, fixed_version: fix + \" or apply patch\", install_path:loc);\n security_message( data:report, port:port);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:39:07", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1150)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-1050"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191150", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191150", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1150\");\n script_version(\"2020-01-23T11:32:56+0000\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:32:56 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:32:56 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1150)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1150\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1150\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-1150 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\nsamba: NULL pointer dereference in printer server process (CVE-2018-1050)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:45", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1273)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-1050"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191273", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191273", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1273\");\n script_version(\"2020-01-23T11:37:03+0000\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:37:03 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:37:03 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1273)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1273\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1273\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-1273 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash. (CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.(CVE-2018-10858)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:33:51", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1125)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-1050"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191125", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191125", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1125\");\n script_version(\"2020-01-23T11:32:08+0000\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:32:08 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:32:08 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1125)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1125\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1125\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-1125 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\nsamba: NULL pointer dereference in printer server process (CVE-2018-1050)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-09-20T14:34:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-19T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2019-eb1e982800", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3880", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-3870", "CVE-2018-16851", "CVE-2018-16860", "CVE-2019-12435", "CVE-2018-14629", "CVE-2018-16841", "CVE-2019-10197", "CVE-2018-16853"], "modified": "2019-09-20T00:00:00", "id": "OPENVAS:1361412562310876810", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876810", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876810\");\n script_version(\"2019-09-20T05:25:28+0000\");\n script_cve_id(\"CVE-2019-10197\", \"CVE-2019-12435\", \"CVE-2018-16860\", \"CVE-2019-3870\", \"CVE-2019-3880\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-09-20 05:25:28 +0000 (Fri, 20 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-19 02:30:42 +0000 (Thu, 19 Sep 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-eb1e982800\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-eb1e982800\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56ZUXHGDHPM7S6RVAKULZT5EATS37OKA\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2019-eb1e982800 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.13~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:33:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-21T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-7d0acd608b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-1057"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874251", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_7d0acd608b_samba_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for samba FEDORA-2018-7d0acd608b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874251\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-21 15:10:41 +0100 (Wed, 21 Mar 2018)\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-1057\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for samba FEDORA-2018-7d0acd608b\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"samba on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-7d0acd608b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W6SCHFMINJOBDMPSQTSDO2ZG2AX67PC\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.6.14~0.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:55:42", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-1050\nIt was discovered that Samba is prone to a denial of service\nattack when the RPC spoolss service is configured to be run as an\nexternal daemon.\n\nCVE-2018-1057\nBjoern Baumbach from Sernet discovered that on Samba 4 AD DC the\nLDAP server incorrectly validates permissions to modify passwords\nover LDAP allowing authenticated users to change any other users\npasswords, including administrative users.", "cvss3": {}, "published": "2018-03-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4135-1 (samba - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-1057"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704135", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704135", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4135-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704135\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-1057\");\n script_name(\"Debian Security Advisory DSA 4135-1 (samba - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-13 00:00:00 +0100 (Tue, 13 Mar 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4135.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"samba on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), CVE-2018-1050 will be addressed\nin a later update. Unfortunately the changes required to fix\nCVE-2018-1057 for Debian oldstable are too invasive to be backported.\nUsers using Samba as an AD-compatible domain controller are encouraged\nto apply the workaround described in the Samba wiki and upgrade to\nDebian stretch.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:4.5.12+dfsg-2+deb9u2.\n\nWe recommend that you upgrade your samba packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/samba\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-1050\nIt was discovered that Samba is prone to a denial of service\nattack when the RPC spoolss service is configured to be run as an\nexternal daemon.\n\nCVE-2018-1057\nBjoern Baumbach from Sernet discovered that on Samba 4 AD DC the\nLDAP server incorrectly validates permissions to modify passwords\nover LDAP allowing authenticated users to change any other users\npasswords, including administrative users.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"ctdb\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libparse-pidl-perl\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-samba\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"registry-tools\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dev\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-libs\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-testsuite\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-vfs-modules\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"winbind\", ver:\"2:4.5.12+dfsg-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-15T00:00:00", "type": "openvas", "title": "Fedora Update for libldb FEDORA-2018-c5c651ac44", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-1057"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874235", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874235", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_c5c651ac44_libldb_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libldb FEDORA-2018-c5c651ac44\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874235\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-15 08:54:04 +0100 (Thu, 15 Mar 2018)\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-1057\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libldb FEDORA-2018-c5c651ac44\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libldb'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libldb on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-c5c651ac44\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TSEA6GWWGBHUTR2IVCLHKI5VCXTHRA3U\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldb\", rpm:\"libldb~1.3.2~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-15T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-c5c651ac44", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-1057"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874236", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874236", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_c5c651ac44_samba_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for samba FEDORA-2018-c5c651ac44\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874236\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-15 08:54:09 +0100 (Thu, 15 Mar 2018)\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-1057\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for samba FEDORA-2018-c5c651ac44\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"samba on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-c5c651ac44\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W4YHPBMSDW7MNTSL66Q2USGUGNTJKIW5\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.7.6~0.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-14T00:00:00", "type": "openvas", "title": "Ubuntu Update for samba USN-3595-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-1057"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843469", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843469", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3595_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for samba USN-3595-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843469\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-14 08:30:51 +0100 (Wed, 14 Mar 2018)\");\n script_cve_id(\"CVE-2018-1057\", \"CVE-2018-1050\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for samba USN-3595-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Bjrn Baumbach discovered that Samba\n incorrectly validated permissions when changing account passwords via LDAP. An\n authenticated attacker could use this issue to change the password of other\n users, including administrators, and perform actions as those users.\n (CVE-2018-1057) It was discovered that Samba incorrectly validated inputs to the\n RPC spoolss service. An authenticated attacker could use this issue to cause the\n service to crash, resulting in a denial of service. (CVE-2018-1050)\");\n script_tag(name:\"affected\", value:\"samba on Ubuntu 17.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3595-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3595-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.10|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.14.04.14\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.3.11+dfsg-0ubuntu0.14.04.14\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.6.7+dfsg-1ubuntu3.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.6.7+dfsg-1ubuntu3.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.16.04.13\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.3.11+dfsg-0ubuntu0.16.04.13\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:16", "description": "Multiple Vulnerabilities in Samba 4.0 onward.", "cvss3": {}, "published": "2018-03-14T00:00:00", "type": "openvas", "title": "Samba 4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-1057"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310113133", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113133", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_samba_mult_vuln.nasl 12120 2018-10-26 11:13:20Z mmartin $\n#\n# Samba 4 Multiple Vulnerabilities\n#\n# Authors:\n# Jan Philipp Schulte <jan.schulte@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, https://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif( description )\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113133\");\n script_version(\"$Revision: 12120 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 13:13:20 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-14 11:45:55 +0100 (Wed, 14 Mar 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-1057\");\n\n script_name(\"Samba 4 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_samba_detect.nasl\");\n script_mandatory_keys(\"samba/smb_or_ssh/detected\");\n\n script_tag(name:\"summary\", value:\"Multiple Vulnerabilities in Samba 4.0 onward.\");\n script_tag(name:\"vuldetect\", value:\"The script checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"There exist two vulnerabilities:\n\n - Samba is vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as\n an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls\n could cause the print spooler service to crash.\n\n - On a Samba AD DC the LDAP server in Samba incorrectly validates permissions to modify passwords over LDAP\n allowing authenticated users to change any other users' passwords, including administrative users and privileged\n service accounts (eg Domain Controllers).\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation would result in effects ranging from Denial of Service to Privilege Escalation,\n eventually allowing an attacker to gain full control over the target system.\");\n\n script_tag(name:\"affected\", value:\"Samba 4.x.x before 4.5.16, 4.6.x before 4.6.14 and 4.7.x before 4.7.6.\");\n\n script_tag(name:\"solution\", value:\"Update to Samba version 4.5.16, 4.6.14 or 4.7.6 respectively.\");\n\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-1050.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-1057.html\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:samba:samba\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( isnull( port = get_app_port( cpe: CPE ) ) ) exit( 0 );\nif( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) ) exit( 0 );\nvers = infos['version'];\nloc = infos['location'];\n\nif( version_in_range( version: vers, test_version: \"4.0.0\", test_version2: \"4.5.15\" ) ) {\n fixed_ver = \"4.5.16\";\n}\n\nif( version_in_range( version: vers, test_version: \"4.6.0\", test_version2: \"4.6.13\" ) ) {\n fixed_ver = \"4.6.14\";\n}\n\nif( version_in_range( version: vers, test_version: \"4.7.0\", test_version2: \"4.7.5\" ) ) {\n fixed_ver = \"4.7.6\";\n}\n\nif( ! isnull( fixed_ver ) ) {\n report = report_fixed_ver( installed_version: vers, fixed_version: fixed_ver, install_path: loc );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-11-20T15:36:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-17T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2019-703e299870", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14833", "CVE-2019-3880", "CVE-2019-14847", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-3870", "CVE-2018-16851", "CVE-2018-16860", "CVE-2019-12435", "CVE-2018-14629", "CVE-2019-10218", "CVE-2018-16841", "CVE-2019-10197", "CVE-2018-16853"], "modified": "2019-11-19T00:00:00", "id": "OPENVAS:1361412562310877013", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877013", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877013\");\n script_version(\"2019-11-19T07:59:35+0000\");\n script_cve_id(\"CVE-2019-10218\", \"CVE-2019-14833\", \"CVE-2019-14847\", \"CVE-2019-10197\", \"CVE-2019-12435\", \"CVE-2018-16860\", \"CVE-2019-3870\", \"CVE-2019-3880\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-11-19 07:59:35 +0000 (Tue, 19 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-17 03:31:56 +0000 (Sun, 17 Nov 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-703e299870\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-703e299870\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKPYHDFI7HRELVXBE5J4MTGSI35AKFBI\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2019-703e299870 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.15~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-01-27T18:40:01", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1780)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16841"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191780", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191780", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1780\");\n script_version(\"2020-01-23T12:22:14+0000\");\n script_cve_id(\"CVE-2018-16841\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:22:14 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:22:14 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1780)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1780\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1780\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-1780 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A double-free was found when Samba's KDC is used as an Active Directory Domain Controller. An authenticated attacker could use this flaw to cause a denial of service (application crash).(CVE-2018-16841)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb\", rpm:\"ctdb~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-tests\", rpm:\"ctdb-tests~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-samba\", rpm:\"python2-samba~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-samba\", rpm:\"python3-samba~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-samba-test\", rpm:\"python3-samba-test~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-dc-libs\", rpm:\"samba-dc-libs~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-krb5-printing\", rpm:\"samba-krb5-printing~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-pidl\", rpm:\"samba-pidl~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-test\", rpm:\"samba-test~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-test-libs\", rpm:\"samba-test-libs~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-krb5-locator\", rpm:\"samba-winbind-krb5-locator~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.9.1~2.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:16", "description": "Samba is prone to a denial of service vulnerability.", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "openvas", "title": "Samba DoS Vulnerability (CVE-2018-16853)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16853"], "modified": "2019-02-07T00:00:00", "id": "OPENVAS:1361412562310141733", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141733", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_samba_dos_vuln1.nasl 13517 2019-02-07 07:51:12Z mmartin $\n#\n# Samba DoS Vulnerability (CVE-2018-16853)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:samba:samba\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141733\");\n script_version(\"$Revision: 13517 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-07 08:51:12 +0100 (Thu, 07 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 10:26:51 +0700 (Thu, 29 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2018-16853\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Samba DoS Vulnerability (CVE-2018-16853)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_samba_detect.nasl\");\n script_mandatory_keys(\"samba/smb_or_ssh/detected\");\n\n script_tag(name:\"summary\", value:\"Samba is prone to a denial of service vulnerability.\");\n\n script_tag(name:\"insight\", value:\"A user in a Samba AD domain can crash the MIT KDC by requesting an S4U2Self\nticket.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Samba 4.7.0 and later.\");\n\n script_tag(name:\"solution\", value:\"Update to version 4.7.12, 4.8.7, 4.9.3 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-16853.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"4.7.0\", test_version2: \"4.7.11\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.7.12\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.8.0\", test_version2: \"4.8.6\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.8.7\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.9.0\", test_version2: \"4.9.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.9.3\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:16", "description": "Samba is prone to a denial of service vulnerability.", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "openvas", "title": "Samba DoS Vulnerability (CVE-2018-16841)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16841"], "modified": "2019-02-07T00:00:00", "id": "OPENVAS:1361412562310141734", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141734", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_samba_dos_vuln2.nasl 13517 2019-02-07 07:51:12Z mmartin $\n#\n# Samba DoS Vulnerability (CVE-2018-16841)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:samba:samba\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141734\");\n script_version(\"$Revision: 13517 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-07 08:51:12 +0100 (Thu, 07 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 10:37:40 +0700 (Thu, 29 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2018-16841\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Samba DoS Vulnerability (CVE-2018-16841)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_samba_detect.nasl\");\n script_mandatory_keys(\"samba/smb_or_ssh/detected\");\n\n script_tag(name:\"summary\", value:\"Samba is prone to a denial of service vulnerability.\");\n\n script_tag(name:\"insight\", value:\"A user with a valid certificate or smart card can crash the Samba AD DC's\nKDC.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Samba 4.3.0 and later.\");\n\n script_tag(name:\"solution\", value:\"Update to version 4.7.12, 4.8.7, 4.9.3 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-16841.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"4.3.0\", test_version2: \"4.7.11\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.7.12\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.8.0\", test_version2: \"4.8.6\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.8.7\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.9.0\", test_version2: \"4.9.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.9.3\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:34:23", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-2484)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10919"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192484", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192484", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2484\");\n script_version(\"2020-01-23T13:01:13+0000\");\n script_cve_id(\"CVE-2018-10919\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:01:13 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:01:13 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-2484)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2484\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2484\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-2484 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.(CVE-2018-10919)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.6.2~8.h9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2019-07-17T14:13:11", "description": "This host is running Samba and is prone\n to a heap based buffer overflow vulnerability.", "cvss3": {}, "published": "2018-08-17T00:00:00", "type": "openvas", "title": "Samba 'libsmbclient' Heap Buffer Overflow Vulnerability - Aug18", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310813782", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813782", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Samba 'libsmbclient' Heap Buffer Overflow Vulnerability - Aug18\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:samba:samba\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813782\");\n script_version(\"2019-07-05T09:54:18+0000\");\n script_cve_id(\"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:54:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-17 12:10:38 +0530 (Fri, 17 Aug 2018)\");\n script_name(\"Samba 'libsmbclient' Heap Buffer Overflow Vulnerability - Aug18\");\n\n script_tag(name:\"summary\", value:\"This host is running Samba and is prone\n to a heap based buffer overflow vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to insufficient input\n validation on client directory listing in libsmbclient.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to conduct a denial of service attack.\");\n\n script_tag(name:\"affected\", value:\"Samba versions 3.2.0 through 4.8.3\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Samba 4.6.16, 4.7.9 or 4.8.4\n or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-10858.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/history/samba-4.6.16.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/history/samba-4.7.9.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/history/samba-4.8.4.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"smb_nativelanman.nasl\", \"gb_samba_detect.nasl\");\n script_mandatory_keys(\"samba/smb_or_ssh/detected\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE))) exit(0);\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\nloc = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"3.2.0\", test_version2:\"4.6.15\")){\n fix = \"4.6.16\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"4.7.0\", test_version2:\"4.7.8\")){\n fix = \"4.7.9\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"4.8.0\", test_version2:\"4.8.3\")){\n fix = \"4.8.4\";\n}\n\nif(fix){\n report = report_fixed_ver( installed_version:vers, fixed_version: fix + \" or apply patch\", install_path:loc);\n security_message( data:report, port:port);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:40:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-18T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for samba (openSUSE-SU-2018:2396-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851862", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851862", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851862\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-18 06:33:39 +0200 (Sat, 18 Aug 2018)\");\n script_cve_id(\"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for samba (openSUSE-SU-2018:2396-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for samba fixes the following issues:\n\n The following security vulnerability was fixed:\n\n - CVE-2018-10858: Fixed insufficient input validation on client directory\n listing in libsmbclient (bsc#1103411)\n\n The following other change was made:\n\n - s3: winbind: Fix 'winbind normalize names' in wb_getpwsid()\n\n - winbind: honor 'winbind use default domain' with empty domain\n (bsc#1087303)\n\n - winbind: do not modify credentials in NTLM passthru (bsc#1068059)\n\n - net: fix net ads keytab handling (bsc#1067700)\n\n - fix vfs_ceph flock stub\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-890=1\");\n\n script_tag(name:\"affected\", value:\"samba on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:2396-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-08/msg00056.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"ctdb\", rpm:\"ctdb~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-debuginfo\", rpm:\"ctdb-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-tests\", rpm:\"ctdb-tests~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-tests-debuginfo\", rpm:\"ctdb-tests-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0\", rpm:\"libdcerpc-binding0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-debuginfo\", rpm:\"libdcerpc-binding0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-devel\", rpm:\"libdcerpc-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr-devel\", rpm:\"libdcerpc-samr-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0\", rpm:\"libdcerpc-samr0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-debuginfo\", rpm:\"libdcerpc-samr0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0\", rpm:\"libdcerpc0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-debuginfo\", rpm:\"libdcerpc0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-devel\", rpm:\"libndr-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac-devel\", rpm:\"libndr-krb5pac-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0\", rpm:\"libndr-krb5pac0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-debuginfo\", rpm:\"libndr-krb5pac0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt-devel\", rpm:\"libndr-nbt-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0\", rpm:\"libndr-nbt0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-debuginfo\", rpm:\"libndr-nbt0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard-devel\", rpm:\"libndr-standard-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0\", rpm:\"libndr-standard0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-debuginfo\", rpm:\"libndr-standard0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0\", rpm:\"libndr0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-debuginfo\", rpm:\"libndr0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-debuginfo\", rpm:\"libnetapi0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials-devel\", rpm:\"libsamba-credentials-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0\", rpm:\"libsamba-credentials0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-debuginfo\", rpm:\"libsamba-credentials0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors-devel\", rpm:\"libsamba-errors-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0\", rpm:\"libsamba-errors0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-debuginfo\", rpm:\"libsamba-errors0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig-devel\", rpm:\"libsamba-hostconfig-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0\", rpm:\"libsamba-hostconfig0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-debuginfo\", rpm:\"libsamba-hostconfig0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb-devel\", rpm:\"libsamba-passdb-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0\", rpm:\"libsamba-passdb0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-debuginfo\", rpm:\"libsamba-passdb0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy-devel\", rpm:\"libsamba-policy-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0\", rpm:\"libsamba-policy0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-debuginfo\", rpm:\"libsamba-policy0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util-devel\", rpm:\"libsamba-util-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0\", rpm:\"libsamba-util0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-debuginfo\", rpm:\"libsamba-util0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb-devel\", rpm:\"libsamdb-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0\", rpm:\"libsamdb0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-debuginfo\", rpm:\"libsamdb0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo\", rpm:\"libsmbclient0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf-devel\", rpm:\"libsmbconf-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0\", rpm:\"libsmbconf0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-debuginfo\", rpm:\"libsmbconf0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap-devel\", rpm:\"libsmbldap-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap0\", rpm:\"libsmbldap0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap0-debuginfo\", rpm:\"libsmbldap0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util-devel\", rpm:\"libtevent-util-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0\", rpm:\"libtevent-util0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-debuginfo\", rpm:\"libtevent-util0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo\", rpm:\"libwbclient0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo\", rpm:\"samba-client-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-core-devel\", rpm:\"samba-core-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debugsource\", rpm:\"samba-debugsource~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-debuginfo\", rpm:\"samba-libs-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-pidl\", rpm:\"samba-pidl~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python-debuginfo\", rpm:\"samba-python-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-test\", rpm:\"samba-test~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-test-debuginfo\", rpm:\"samba-test-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo\", rpm:\"samba-winbind-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-32bit\", rpm:\"libdcerpc-binding0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-debuginfo-32bit\", rpm:\"libdcerpc-binding0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-32bit\", rpm:\"libdcerpc-samr0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-debuginfo-32bit\", rpm:\"libdcerpc-samr0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-32bit\", rpm:\"libdcerpc0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-debuginfo-32bit\", rpm:\"libdcerpc0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-32bit\", rpm:\"libndr-krb5pac0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-debuginfo-32bit\", rpm:\"libndr-krb5pac0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-32bit\", rpm:\"libndr-nbt0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-debuginfo-32bit\", rpm:\"libndr-nbt0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-32bit\", rpm:\"libndr-standard0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-debuginfo-32bit\", rpm:\"libndr-standard0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-32bit\", rpm:\"libndr0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-debuginfo-32bit\", rpm:\"libndr0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-32bit\", rpm:\"libnetapi0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-debuginfo-32bit\", rpm:\"libnetapi0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-32bit\", rpm:\"libsamba-credentials0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-debuginfo-32bit\", rpm:\"libsamba-credentials0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-32bit\", rpm:\"libsamba-errors0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-debuginfo-32bit\", rpm:\"libsamba-errors0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-32bit\", rpm:\"libsamba-hostconfig0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-debuginfo-32bit\", rpm:\"libsamba-hostconfig0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-32bit\", rpm:\"libsamba-passdb0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-debuginfo-32bit\", rpm:\"libsamba-passdb0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-32bit\", rpm:\"libsamba-policy0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-debuginfo-32bit\", rpm:\"libsamba-policy0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-32bit\", rpm:\"libsamba-util0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-debuginfo-32bit\", rpm:\"libsamba-util0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-32bit\", rpm:\"libsamdb0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-debuginfo-32bit\", rpm:\"libsamdb0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-32bit\", rpm:\"libsmbclient0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo-32bit\", rpm:\"libsmbclient0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-32bit\", rpm:\"libsmbconf0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-debuginfo-32bit\", rpm:\"libsmbconf0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap0-32bit\", rpm:\"libsmbldap0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap0-debuginfo-32bit\", rpm:\"libsmbldap0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-32bit\", rpm:\"libtevent-util0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-debuginfo-32bit\", rpm:\"libtevent-util0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-32bit\", rpm:\"libwbclient0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo-32bit\", rpm:\"libwbclient0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-ceph\", rpm:\"samba-ceph~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-ceph-debuginfo\", rpm:\"samba-ceph-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo-32bit\", rpm:\"samba-client-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-32bit\", rpm:\"samba-libs-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-debuginfo-32bit\", rpm:\"samba-libs-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo-32bit\", rpm:\"samba-winbind-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:50", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-04-30T01:41:00", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: samba-4.8.11-0.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16853", "CVE-2019-3880"], "modified": "2019-04-30T01:41:00", "id": "FEDORA:D5AF26049ECF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HSRLRO7BPRFETVFZ4TVJL2VFZEPHKJY4/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-12-02T07:37:56", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: samba-4.8.7-0.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16853"], "modified": "2018-12-02T07:37:56", "id": "FEDORA:80C5D6057708", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/O6CDGPQKS2VCHWPTF4BNRGR5Y5AV7NWW/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-20T18:43:27", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: samba-4.8.4-0.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2018-08-20T18:43:27", "id": "FEDORA:6B54A611D00B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JLO2ZIZN3LCSYBMKQC6WDL5AJYSE2UG2/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-20T18:43:27", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: libldb-1.4.0-3.fc28.1.3.5", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2018-08-20T18:43:27", "id": "FEDORA:28A79611A8DC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UMELAF56SFMIHXRXGSB7LFC6JJDUHRUA/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-22T00:46:40", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: samba-4.7.9-0.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14746", "CVE-2017-15275", "CVE-2018-1050", "CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2018-08-22T00:46:40", "id": "FEDORA:9951F624F57A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7YJYQHQW2OGFNOT7P6SZ5G7A4EDHC2ND/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-04-16T04:05:09", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.6-0.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2019-3870", "CVE-2019-3880"], "modified": "2019-04-16T04:05:09", "id": "FEDORA:2D34260A7563", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6354GALK73CZWQKFUG7AWB6EIEGFMF62/", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:37", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-02T08:28:26", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.3-0.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857"], "modified": "2018-12-02T08:28:26", "id": "FEDORA:7681F605F904", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RZQ6ORDPCGDR4IZCRLBSB5LHT6NLZQBO/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-18T03:21:47", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.8-0.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2018-16860", "CVE-2019-3870", "CVE-2019-3880"], "modified": "2019-05-18T03:21:47", "id": "FEDORA:60770610D7D4", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OM5TYKT3Y2N2WB5QQKKEFQAF752FN3JJ/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-20T03:47:09", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.11-0.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2018-16860", "CVE-2019-12435", "CVE-2019-3870", "CVE-2019-3880"], "modified": "2019-07-20T03:47:09", "id": "FEDORA:18CD06266DFD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QSG3TLPZP35RH5DWAIDC7MHXRK5DFKOE/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-03-14T19:40:43", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: libldb-1.3.2-1.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-1057"], "modified": "2018-03-14T19:40:43", "id": "FEDORA:E8EF462A6DE0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TSEA6GWWGBHUTR2IVCLHKI5VCXTHRA3U/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-03-20T17:38:39", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: samba-4.6.14-0.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-1057"], "modified": "2018-03-20T17:38:39", "id": "FEDORA:907E86048FEE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3W6SCHFMINJOBDMPSQTSDO2ZG2AX67PC/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2019-09-19T01:53:43", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.13-0.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2018-16860", "CVE-2019-10197", "CVE-2019-12435", "CVE-2019-3870", "CVE-2019-3880"], "modified": "2019-09-19T01:53:43", "id": "FEDORA:7C7AD6076F44", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/56ZUXHGDHPM7S6RVAKULZT5EATS37OKA/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-03-14T19:40:44", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: samba-4.7.6-0.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-1057"], "modified": "2018-03-14T19:40:44", "id": "FEDORA:64B3F629453D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/W4YHPBMSDW7MNTSL66Q2USGUGNTJKIW5/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2019-11-15T03:20:51", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.15-0.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2018-16860", "CVE-2019-10197", "CVE-2019-10218", "CVE-2019-12435", "CVE-2019-14833", "CVE-2019-14847", "CVE-2019-3870", "CVE-2019-3880"], "modified": "2019-11-15T03:20:51", "id": "FEDORA:2E1DE608BFF0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OKPYHDFI7HRELVXBE5J4MTGSI35AKFBI/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "suse": [{"lastseen": "2018-08-17T15:01:24", "description": "This update for samba fixes the following issues:\n\n The following security vulnerabilities were fixed:\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it;\n (bsc#1095048)\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with\n escapes crashes; (bsc#1095056)\n - CVE-2018-10919: Confidential attribute disclosure via substring search;\n (bsc#1095057)\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer\n overflow; (bsc#1103411)\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user\n without a SPN; (bsc#1103414)\n\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-08-17T12:12:13", "type": "suse", "title": "Security update for samba (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-10918"], "modified": "2018-08-17T12:12:13", "id": "OPENSUSE-SU-2018:2400-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-08/msg00059.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-17T15:01:24", "description": "This update for samba fixes the following issues:\n\n The following security vulnerability was fixed:\n\n - CVE-2018-10858: Fixed insufficient input validation on client directory\n listing in libsmbclient; (bsc#1103411);\n\n The following other change was made:\n\n - s3: winbind: Fix 'winbind normalize names' in wb_getpwsid();\n - winbind: honor &quot;winbind use default domain&quot; with empty domain\n (bsc#1087303)\n - winbind: do not modify credentials in NTLM passthru (bsc#1068059)\n - net: fix net ads keytab handling (bsc#1067700)\n - fix vfs_ceph flock stub\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n", "cvss3": {}, "published": "2018-08-17T12:07:57", "type": "suse", "title": "Security update for samba (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-10858"], "modified": "2018-08-17T12:07:57", "id": "OPENSUSE-SU-2018:2396-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-08/msg00056.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "ibm": [{"lastseen": "2023-02-22T01:46:44", "description": "## Summary\n\nThere are multiple security vulnerabilities in Samba that affect IBM Spectrum Protect Plus. These vulnerabilities may result in potential information disclosure, denial of service, or execution of arbitrary code on the system. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-1139](<https://vulners.com/cve/CVE-2018-1139>) \n**DESCRIPTION:** Samba could allow a remote attacker to obtain information, caused by the use of weak NTLMv1 authentication over an SMB1 transport. An attacker could exploit this vulnerability using man-in-the-middle techniques to read details passed between the samba server and client. \nCVSS Base Score: 5.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148707> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-1140](<https://vulners.com/cve/CVE-2018-1140>) \n**DESCRIPTION:** Samba is vulnerable to a denial of service, caused by missing NULL pointer checks on some of the input parameters to the implementation of LDP database. If Samba is in an Active Directory Domain Controller configuration, a remote attacker could exploit this vulnerability to cause the LDAP server and DNS server to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148706> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10858](<https://vulners.com/cve/CVE-2018-10858>) \n**DESCRIPTION:** Samba is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148710> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-10918](<https://vulners.com/cve/CVE-2018-10918>) \n**DESCRIPTION:** Samba is vulnerable to a denial of service, caused by a NULL pointer dereference when checking database outputs from the LDB database layer. If Samba is in an Active Directory Domain Controller configuration, a remote attacker could exploit this vulnerability to cause the \"samba\" process to crash. \nCVSS Base Score: 5.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148709> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10919](<https://vulners.com/cve/CVE-2018-10919>) \n**DESCRIPTION:** Samba could allow a remote attacker to obtain information, caused by missing access control checks in the Active Directory LDAP server. An attacker could exploit this vulnerability using authenticated LDAP search expressions to obtain confidential attribute values. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148708> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Spectrum Protect Plus versions 10.1.0 through 10.1.2.\n\n## Remediation/Fixes\n\n**_IBM Spectrum Protect Plus Release_**\n\n| **_First Fixing \nVRM Level_** | **_Platform_** | **_Link to Fix / Fix Availability Target_** \n---|---|---|--- \n \n10.1\n\n| 10.1.3 | Linux | \n\n[https://www.ibm.com/support/docview.wss?uid=ibm10743897](<https://www.ibm.com/support/docview.wss?uid=ibm10743897 >) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-26T19:00:01", "type": "ibm", "title": "Security Bulletin: Multiple Samba vulnerabilities affect IBM Spectrum Protect Plus (CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2019-02-26T19:00:01", "id": "C6ADA288A87D604AB7D198ABC38D3CC47C47074116F90BDEF9BF22DF090C9534", "href": "https://www.ibm.com/support/pages/node/796402", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:42:53", "description": "## Summary\n\nSamba is supported on IBM i. IBM i has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-10918](<https://vulners.com/cve/CVE-2018-10918>) \n**DESCRIPTION:** Samba is vulnerable to a denial of service, caused by a NULL pointer dereference when checking database outputs from the LDB database layer. If Samba is in an Active Directory Domain Controller configuration, a remote attacker could exploit this vulnerability to cause the \"samba\" process to crash. \nCVSS Base Score: 5.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148709> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1139](<https://vulners.com/cve/CVE-2018-1139>) \n**DESCRIPTION:** Samba could allow a remote attacker to obtain sensitive information, caused by the use of weak NTLMv1 authentication over an SMB1 transport. An attacker could exploit this vulnerability using man-in-the-middle techniques to read details passed between the samba server and client. \nCVSS Base Score: 5.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148707> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-10919](<https://vulners.com/cve/CVE-2018-10919>) \n**DESCRIPTION:** Samba could allow a remote attacker to obtain sensitive information, caused by missing access control checks in the Active Directory LDAP server. An attacker could exploit this vulnerability using authenticated LDAP search expressions to obtain confidential attribute values. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148708> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-10858](<https://vulners.com/cve/CVE-2018-10858>) \n**DESCRIPTION:** Samba is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148710> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-1140](<https://vulners.com/cve/CVE-2018-1140>) \n**DESCRIPTION:** Samba is vulnerable to a denial of service, caused by missing NULL pointer checks on some of the input parameters to the implementation of LDP database. If Samba is in an Active Directory Domain Controller configuration, a remote attacker could exploit this vulnerability to cause the LDAP server and DNS server to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148706> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nReleases 7.2 and 7.3 of IBM are affected.\n\n## Remediation/Fixes\n\nThe issue can be fixed by applying a PTF to the IBM i Operating System.\n\nReleases 7.2 and 7.3 of IBM i are supported and will be fixed.\n\n<https://www-945.ibm.com/support/fixcentral/>\n\nThe IBM i PTF numbers are:\n\n**Release 7.2 **\\- SI68291\n\n**Release 7.3** \\- SI68292\n\n**_Important note: _**_IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-18T14:26:38", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Samba affect IBM i", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2019-12-18T14:26:38", "id": "FF8DCAF5269CDB0552E4DD23632ECE05975BD0C298A785C73A2CD22105F5CB55", "href": "https://www.ibm.com/support/pages/node/730345", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:48:55", "description": "## Summary\n\nPublicly disclosed Samba vulnerabilities\n\n## Vulnerability Details\n\n**CVEID: ** [CVE-2018-10858](<https://vulners.com/cve/CVE-2018-10858>) \n**Description: **Samba is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n**CVSS Base Score: **7.3 \n**CVSS Temporal Score: ** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148710> for the current score \n**CVSS Environmental Score: ***Undefined \n**CVSS Vector: **CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L \n \n**CVEID: ** [CVE-2018-1139](<https://vulners.com/cve/CVE-2018-1139>) \n**Description: **Samba could allow a remote attacker to obtain sensitive information, caused by the use of weak NTLMv1 authentication over an SMB1 transport. An attacker could exploit this vulnerability using man-in-the-middle techniques to read details passed between the samba server and client. \n**CVSS Base Score: **5.4 \n**CVSS Temporal Score: ** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148707> for the current score \n**CVSS Environmental Score: ***Undefined \n**CVSS Vector: **CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N \n\n\n## Affected Products and Versions\n\n * IBM QRadar SIEM 7.3.0 - 7.3.1 Patch 7\n\n## Remediation/Fixes\n\n * [QRadar / QRM / QVM / QRIF / QNI 7.3.1 Patch 8](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Vulnerability+Manager&release=All&platform=All&function=fixId&fixids=7.3.1-QRADAR-QRSIEM-20190228154648&includeRequisites=1&includeSupersedes=0&downloadMethod=http>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-05T18:15:01", "type": "ibm", "title": "Security Bulletin: IBM QRadar SIEM is vulnerable to Publicly disclosed Samba vulnerabilities (CVE-2018-10858, CVE-2018-1139)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-1139"], "modified": "2019-03-05T18:15:01", "id": "DF2732B37749E838D568058735FFDC547A56C12DBE652124924CA2895A6EAA3F", "href": "https://www.ibm.com/support/pages/node/874886", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:42:52", "description": "## Summary\n\nSamba is supported on IBM i. IBM i has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2018-1050_](<https://vulners.com/cve/CVE-2018-1050>) \n**DESCRIPTION:** Samba is vulnerable to a denial of service, caused by missing null pointer checks on some of the input parameters. By sending specially RPC calls to the ''spoolss'' service, a remote attacker could exploit this vulnerability to cause the print spooler service to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/140206_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/140206>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2018-1057_](<https://vulners.com/cve/CVE-2018-1057>) \n**DESCRIPTION:** Samba could allow a remote authenticated attacker to bypass security restrictions, caused by the improper validation of permissions when modifying passwords by the LDAP server on an Active Directory (AD) domain controller (DC). An attacker could exploit this vulnerability to modify the passwords of other users including administrative users. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/140207_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/140207>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nReleases 7.2 and 7.3 of IBM i are affected. \n\n## Remediation/Fixes\n\nThe issue can be fixed by applying a PTF to the IBM i Operating System. \n \nReleases 7.2 and 7.3 of IBM i are supported and will be fixed. \n\n[_http://www-933.ibm.com/support/fixcentral/_](<http://www-933.ibm.com/support/fixcentral/>)\n\n \nThe IBM i PTF numbers are: \n \n**Release 7.2 \u2013 SI67329** \n**Release 7.3 \u2013 SI67330** \n \n**_Important note: _**_IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-18T14:26:38", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Samba affect IBM i", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-1057"], "modified": "2019-12-18T14:26:38", "id": "1470A0982BD933EDD6F15CD787E95F92B6D097998E834E22092FDC651BC388B0", "href": "https://www.ibm.com/support/pages/node/688009", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:46:21", "description": "## Summary\n\nA Samba vulnerability affects IBM Spectrum Scale SMB protocol access method to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-10858](<https://vulners.com/cve/CVE-2018-10858>) \n**DESCRIPTION:** Samba is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148710> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM Spectrum Scale V5.0.0.0 thru V5.0.2.0\n\nIBM Spectrum Scale V4.2.0.0 thru V4.2.3.10\n\nIBM Spectrum Scale V4.1.1.0 thru V4.1.1.20\n\n## Remediation/Fixes\n\nFor IBM Spectrum Scale V5.0.0.0 thru V5.0.2.0, apply V5.0.2.1 available from FixCentral at \n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&amp;product=ibm/StorageSoftware/IBM+Spectrum+Scale&amp;release=5.0.2&amp;platform=All&amp;function=all](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=5.0.2&platform=All&function=all>) \n \nFor IBM Spectrum Scale V4.2.0.0 thru V4.2.3.10, apply V4.2.3.11 available from FixCentral at \n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&amp;product=ibm/StorageSoftware/IBM+Spectrum+Scale&amp;release=4.2.3&amp;platform=All&amp;function=all](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=4.2.3&platform=All&function=all>) \n \nFor IBM Spectrum Scale V4.1.0.0 (GPFS) thru V4.1.1.20, apply V4.1.1.21 available from FixCentral at \n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%2Bdefined%2Bstorage&amp;product=ibm/StorageSoftware/IBM+Spectrum+Scale&amp;release=4.1.1&amp;platform=All&amp;function=all](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%2Bdefined%2Bstorage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=4.1.1&platform=All&function=all>) \n \nIf you cannot apply the latest level of service, contact IBM Service for an efix\n\n * IBM Specrum Scale V5.0.0.0 thru V5.0.2.0, reference APAR IJ09591\n * IBM Spectrum Scale 4.2.0.0 thru 4.2.3.10, reference APAR IJ09590\n * IBM Spectrum Scale 4.1.0.0 thru 4.1.1.20, reference APAR IJ09563\n\n \n \nTo contact IBM Service, see [_http://www.ibm.com/planetwide/_](<http://www.ibm.com/planetwide/>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-30T07:40:02", "type": "ibm", "title": "Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2018-10858)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2018-10-30T07:40:02", "id": "DB12F66FB174F7639D4040E533C9C3C2B38EB2659C60753763F3D5DF7F1BDD5D", "href": "https://www.ibm.com/support/pages/node/732876", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-07-18T15:45:39", "description": "The samba project reports :\n\nSamba releases 4.7.0 to 4.8.3 (inclusive) contain an error which allows authentication using NTLMv1 over an SMB1 transport (either directory or via NETLOGON SamLogon calls from a member server), even when NTLMv1 is explicitly disabled on the server.\n\nMissing input sanitization checks on some of the input parameters to LDB database layer cause the LDAP server and DNS server to crash when following a NULL pointer.\n\nSamba releases 3.2.0 to 4.8.3 (inclusive) contain an error in libsmbclient that could allow a malicious server to overwrite client heap memory by returning an extra long filename in a directory listing.\n\nMissing database output checks on the returned directory attributes from the LDB database layer cause the DsCrackNames call in the DRSUAPI server to crash when following a NULL pointer.\n\nAll versions of the Samba Active Directory LDAP server from 4.0.0 onwards are vulnerable to the disclosure of confidential attribute values, both of attributes where the schema SEARCH_FLAG_CONFIDENTIAL (0x80) searchFlags bit and where an explicit Access Control Entry has been specified on the ntSecurityDescriptor.", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "FreeBSD : samba -- multiple vulnerabilities (c4e9a427-9fc2-11e8-802a-000c29a1e3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:samba46", "p-cpe:/a:freebsd:freebsd:samba47", "p-cpe:/a:freebsd:freebsd:samba48", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C4E9A4279FC211E8802A000C29A1E3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/111722", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111722);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:47\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n\n script_name(english:\"FreeBSD : samba -- multiple vulnerabilities (c4e9a427-9fc2-11e8-802a-000c29a1e3ec)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The samba project reports :\n\nSamba releases 4.7.0 to 4.8.3 (inclusive) contain an error which\nallows authentication using NTLMv1 over an SMB1 transport (either\ndirectory or via NETLOGON SamLogon calls from a member server), even\nwhen NTLMv1 is explicitly disabled on the server.\n\nMissing input sanitization checks on some of the input parameters to\nLDB database layer cause the LDAP server and DNS server to crash when\nfollowing a NULL pointer.\n\nSamba releases 3.2.0 to 4.8.3 (inclusive) contain an error in\nlibsmbclient that could allow a malicious server to overwrite client\nheap memory by returning an extra long filename in a directory\nlisting.\n\nMissing database output checks on the returned directory attributes\nfrom the LDB database layer cause the DsCrackNames call in the DRSUAPI\nserver to crash when following a NULL pointer.\n\nAll versions of the Samba Active Directory LDAP server from 4.0.0\nonwards are vulnerable to the disclosure of confidential attribute\nvalues, both of attributes where the schema SEARCH_FLAG_CONFIDENTIAL\n(0x80) searchFlags bit and where an explicit Access Control Entry has\nbeen specified on the ntSecurityDescriptor.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-1139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-1140.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-10858.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-10918.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-10919.html\"\n );\n # https://vuxml.freebsd.org/freebsd/c4e9a427-9fc2-11e8-802a-000c29a1e3ec.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b8245a72\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba46\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba47\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba48\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"samba46<4.6.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba47<4.7.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba48<4.8.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-19T16:03:50", "description": "This update for samba fixes the following issues: The following security vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user without a SPN; (bsc#1103414)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2018:2318-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2020-03-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-devel", "p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt-devel", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard-devel", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi-devel", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials-devel", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors-devel", "p-cpe:/a:novell:suse_linux:libsamba-errors0", "p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb-devel", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-policy-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy0", "p-cpe:/a:novell:suse_linux:libsamba-util-devel", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamdb-devel", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient-devel", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf-devel", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap-devel", "p-cpe:/a:novell:suse_linux:libsmbldap2", "p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util-devel", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient-devel", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:samba-core-devel", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-2318-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120077", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2318-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120077);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/18\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2018:2318-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for samba fixes the following issues: The following\nsecurity vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't\n allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and\n DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via\n substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a\n subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames\n on a user without a SPN; (bsc#1103414)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103414\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10858/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10918/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10919/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1139/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1140/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182318-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9d1de0a9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-1555=1\n\nSUSE Linux Enterprise High Availability 15:zypper in -t patch\nSUSE-SLE-Product-HA-15-2018-1555=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-binding0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-binding0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-policy-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-policy0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap2-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap2-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-client-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-client-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-core-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-debugsource-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-libs-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-libs-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-winbind-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-winbind-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-binding0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-binding0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-policy-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-policy0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap2-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap2-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-client-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-client-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-core-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-debugsource-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-libs-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-libs-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-winbind-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-winbind-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:46:38", "description": "Update to Samba 4.7.9, Security fix for CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-08-22T00:00:00", "type": "nessus", "title": "Fedora 27 : 2:samba (2018-8e4d871867)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:samba", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-8E4D871867.NASL", "href": "https://www.tenable.com/plugins/nessus/112051", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-8e4d871867.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(112051);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n script_xref(name:\"FEDORA\", value:\"2018-8e4d871867\");\n\n script_name(english:\"Fedora 27 : 2:samba (2018-8e4d871867)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Samba 4.7.9, Security fix for CVE-2018-1139, CVE-2018-1140,\nCVE-2018-10858, CVE-2018-10918, CVE-2018-10919\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-8e4d871867\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:samba package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"samba-4.7.9-0.fc27\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-19T16:16:53", "description": "This update for samba fixes the following issues :\n\nThe following security vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user without a SPN; (bsc#1103414)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : samba (openSUSE-2019-617)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-tests", "p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac0", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt-devel", "p-cpe:/a:novell:opensuse:libndr-nbt0", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard-devel", "p-cpe:/a:novell:opensuse:libndr-standard0", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo", "p-cpe:/a:novell:opensuse:libndr0", "p-cpe:/a:novell:opensuse:libndr0-32bit", "p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi-devel", "p-cpe:/a:novell:opensuse:libnetapi0", "p-cpe:/a:novell:opensuse:libnetapi0-32bit", "p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials-devel", "p-cpe:/a:novell:opensuse:libsamba-credentials0", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors-devel", "p-cpe:/a:novell:opensuse:libsamba-errors0", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb-devel", "p-cpe:/a:novell:opensuse:libsamba-passdb0", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamba-policy0", "p-cpe:/a:novell:opensuse:libsamba-policy0-32bit", "p-cpe:/a:novell:opensuse:libsamba-policy0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util-devel", "p-cpe:/a:novell:opensuse:libsamba-util0", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb-devel", "p-cpe:/a:novell:opensuse:libsamdb0", "p-cpe:/a:novell:opensuse:libsamdb0-32bit", "p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient-devel", "p-cpe:/a:novell:opensuse:libsmbclient0", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf-devel", "p-cpe:/a:novell:opensuse:libsmbconf0", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap-devel", "p-cpe:/a:novell:opensuse:libsmbldap2", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util-devel", "p-cpe:/a:novell:opensuse:libtevent-util0", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient-devel", "p-cpe:/a:novell:opensuse:libwbclient0", "p-cpe:/a:novell:opensuse:libwbclient0-32bit", "p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:samba-ceph-debuginfo", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-debuginfo", "p-cpe:/a:novell:opensuse:samba-core-devel", "p-cpe:/a:novell:opensuse:samba-debuginfo", "p-cpe:/a:novell:opensuse:samba-debugsource", "p-cpe:/a:novell:opensuse:samba-dsdb-modules", "p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo", "p-cpe:/a:novell:opensuse:samba-kdc", "p-cpe:/a:novell:opensuse:samba-kdc-32bit", "p-cpe:/a:novell:opensuse:samba-kdc-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-kdc-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-debuginfo", "p-cpe:/a:novell:opensuse:samba-pidl", "p-cpe:/a:novell:opensuse:samba-python", "p-cpe:/a:novell:opensuse:samba-python-debuginfo", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:samba-test-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:samba-winbind-32bit", "p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-617.NASL", "href": "https://www.tenable.com/plugins/nessus/123268", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-617.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123268);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n\n script_name(english:\"openSUSE Security Update : samba (openSUSE-2019-617)\");\n script_summary(english:\"Check for the openSUSE-2019-617 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for samba fixes the following issues :\n\nThe following security vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't\n allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and\n DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via\n substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a\n subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames\n on a user without a SPN; (bsc#1103414)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103414\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-pcp-pmda-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-pcp-pmda-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-tests-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-tests-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-binding0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-binding0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap2-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap2-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-client-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-client-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-core-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-debugsource-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-dsdb-modules-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-dsdb-modules-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-kdc-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-kdc-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-libs-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-libs-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-pidl-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-python-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-python-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-test-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-test-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-winbind-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-winbind-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-policy0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-policy0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-ceph-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-client-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-kdc-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-kdc-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-debuginfo / ctdb-pcp-pmda / ctdb-pcp-pmda-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:00:50", "description": "Update to Samba 4.8.4, Security fix for CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : 2:samba / libldb (2018-bc22d6c7bc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:samba", "p-cpe:/a:fedoraproject:fedora:libldb", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-BC22D6C7BC.NASL", "href": "https://www.tenable.com/plugins/nessus/120746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-bc22d6c7bc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120746);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n script_xref(name:\"FEDORA\", value:\"2018-bc22d6c7bc\");\n\n script_name(english:\"Fedora 28 : 2:samba / libldb (2018-bc22d6c7bc)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Samba 4.8.4, Security fix for CVE-2018-1139, CVE-2018-1140,\nCVE-2018-10858, CVE-2018-10918, CVE-2018-10919\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc22d6c7bc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:samba and / or libldb packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"samba-4.8.4-0.fc28\", epoch:\"2\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"libldb-1.4.0-3.fc28.1.3.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:samba / libldb\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:12", "description": "This update for samba fixes the following issues :\n\nUpdate to samba version 4.7.11.\n\nSecurity issues fixed :\n\nCVE-2018-14629: Fixed CNAME loops in Samba AD DC DNS server (bsc#1116319).\n\nCVE-2018-16841: Fixed segfault on PKINIT when mis-matching principal (bsc#1116320).\n\nCVE-2018-16851: Fixed NULL pointer de-reference in Samba AD DC LDAP server (bsc#1116322).\n\nCVE-2018-16853: Mark MIT support for the AD DC experimental (bsc#1116324).\n\nNon-security issues fixed: Fixed do not take over stderr when there is no log file (bsc#1101499).\n\nFixed ctdb_mutex_ceph_rados_helper deadlock; (bsc#1102230).\n\nFixed ntlm authentications with 'winbind use default domain = yes';\n(bsc#1068059).\n\nFixed idmap_rid to have primary group other than 'Domain Users';\n(bsc#1087931).\n\nFixed windows domain with one way trust that was not working (bsc#1087303).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2018:4066-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16853"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ctdb-pcp-pmda", "p-cpe:/a:novell:suse_linux:ctdb-pcp-pmda-debuginfo", "p-cpe:/a:novell:suse_linux:ctdb-tests", "p-cpe:/a:novell:suse_linux:ctdb-tests-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-devel", "p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt-devel", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard-devel", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi-devel", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials-devel", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors-devel", "p-cpe:/a:novell:suse_linux:libsamba-errors0", "p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb-devel", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-policy-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy0", "p-cpe:/a:novell:suse_linux:libsamba-util-devel", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamdb-devel", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient-devel", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf-devel", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap-devel", "p-cpe:/a:novell:suse_linux:libsmbldap2", "p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util-devel", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient-devel", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:samba-core-devel", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:samba-python", "p-cpe:/a:novell:suse_linux:samba-test", "p-cpe:/a:novell:suse_linux:samba-test-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-4066-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120184", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:4066-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120184);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16853\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2018:4066-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for samba fixes the following issues :\n\nUpdate to samba version 4.7.11.\n\nSecurity issues fixed :\n\nCVE-2018-14629: Fixed CNAME loops in Samba AD DC DNS server\n(bsc#1116319).\n\nCVE-2018-16841: Fixed segfault on PKINIT when mis-matching principal\n(bsc#1116320).\n\nCVE-2018-16851: Fixed NULL pointer de-reference in Samba AD DC LDAP\nserver (bsc#1116322).\n\nCVE-2018-16853: Mark MIT support for the AD DC experimental\n(bsc#1116324).\n\nNon-security issues fixed: Fixed do not take over stderr when there is\nno log file (bsc#1101499).\n\nFixed ctdb_mutex_ceph_rados_helper deadlock; (bsc#1102230).\n\nFixed ntlm authentications with 'winbind use default domain = yes';\n(bsc#1068059).\n\nFixed idmap_rid to have primary group other than 'Domain Users';\n(bsc#1087931).\n\nFixed windows domain with one way trust that was not working\n(bsc#1087303).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14629/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16841/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16851/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16853/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20184066-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d47dd622\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Packagehub Subpackages 15:zypper in\n-t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2018-2888=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2018-2888=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-2888=1\n\nSUSE Linux Enterprise High Availability 15:zypper in -t patch\nSUSE-SLE-Product-HA-15-2018-2888=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16853\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb-pcp-pmda-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ctdb-pcp-pmda-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ctdb-pcp-pmda-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ctdb-tests-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ctdb-tests-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-binding0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-binding0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-policy-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-policy0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap2-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap2-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-client-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-client-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-core-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-debugsource-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-libs-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-libs-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-python-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-test-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-test-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-winbind-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-winbind-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ctdb-pcp-pmda-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ctdb-pcp-pmda-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ctdb-tests-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ctdb-tests-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-binding0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-binding0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-policy-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-policy0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap2-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap2-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-client-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-client-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-core-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-debugsource-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-libs-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-libs-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-python-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-test-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-test-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-winbind-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-winbind-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:44:09", "description": "The version of Samba running on the remote host is 4.6.x prior to 4.6.16, or 4.7.x prior to 4.7.9, or 4.8.x prior to 4.8.4. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {}, "published": "2018-08-17T00:00:00", "type": "nessus", "title": "4.6.x < 4.6.16 / 4.7.x < 4.7.9 / 4.8.x < 4.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2019-11-04T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_4_6_15.NASL", "href": "https://www.tenable.com/plugins/nessus/111974", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111974);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/04\");\n\n script_cve_id(\n \"CVE-2018-1139\",\n \"CVE-2018-1140\",\n \"CVE-2018-10858\",\n \"CVE-2018-10918\",\n \"CVE-2018-10919\"\n );\n script_bugtraq_id(\n 105081,\n 105082,\n 105083,\n 105084,\n 105085\n );\n\n script_name(english:\"4.6.x < 4.6.16 / 4.7.x < 4.7.9 / 4.8.x < 4.8.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Samba.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Samba running on the remote host is 4.6.x prior to \n4.6.16, or 4.7.x prior to 4.7.9, or 4.8.x prior to 4.8.4. It is,\ntherefore, affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-1139.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-1140.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-10919.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-10918.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-10858.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Samba version 4.6.16 / 4.7.9 / 4.8.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\nlanman = get_kb_item_or_exit(\"SMB/NativeLanManager\");\n\nif (\"Samba \" >!< lanman) audit(AUDIT_NOT_LISTEN, \"Samba\", port);\n\nversion = lanman - 'Samba ';\n\nif (version =~ \"^4(\\.[0-8])?$\")\n audit(AUDIT_VER_NOT_GRANULAR, \"Samba\", port, version);\n\nfix = NULL;\n\nregexes = make_array(-2, \"a(\\d+)\", -1, \"rc(\\d+)\");\n\n# Affected :\n# Note versions prior to 4.4 are EoL\n# 4.6.x < 4.6.16\n# 4.7.x < 4.7.9\n# 4.8.x < 4.8.4\nif (version =~ \"^4\\.6\\.\")\n fix = '4.6.16';\nelse if (version =~ \"^4\\.7\\.\")\n fix = '4.7.9';\nelse if (version =~ \"^4\\.8\\.\")\n fix = '4.8.4';\n\nif ( !isnull(fix) &&\n (ver_compare(ver:version, fix:fix, regexes:regexes) < 0) &&\n (ver_compare(ver:version, fix:'4.0.0', regexes:regexes) >= 0) )\n{\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_report_v4(port:port, severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Samba\", port, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:44:38", "description": "This update for samba fixes the following issues :\n\nThe following security vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user without a SPN; (bsc#1103414)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2018-08-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : samba (openSUSE-2018-891)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-tests", "p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac0", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt-devel", "p-cpe:/a:novell:opensuse:libndr-nbt0", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard-devel", "p-cpe:/a:novell:opensuse:libndr-standard0", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo", "p-cpe:/a:novell:opensuse:libndr0", "p-cpe:/a:novell:opensuse:libndr0-32bit", "p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi-devel", "p-cpe:/a:novell:opensuse:libnetapi0", "p-cpe:/a:novell:opensuse:libnetapi0-32bit", "p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials-devel", "p-cpe:/a:novell:opensuse:libsamba-credentials0", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors-devel", "p-cpe:/a:novell:opensuse:libsamba-errors0", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb-devel", "p-cpe:/a:novell:opensuse:libsamba-passdb0", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamba-policy0", "p-cpe:/a:novell:opensuse:libsamba-policy0-32bit", "p-cpe:/a:novell:opensuse:libsamba-policy0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util-devel", "p-cpe:/a:novell:opensuse:libsamba-util0", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb-devel", "p-cpe:/a:novell:opensuse:libsamdb0", "p-cpe:/a:novell:opensuse:libsamdb0-32bit", "p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient-devel", "p-cpe:/a:novell:opensuse:libsmbclient0", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf-devel", "p-cpe:/a:novell:opensuse:libsmbconf0", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap-devel", "p-cpe:/a:novell:opensuse:libsmbldap2", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util-devel", "p-cpe:/a:novell:opensuse:libtevent-util0", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient-devel", "p-cpe:/a:novell:opensuse:libwbclient0", "p-cpe:/a:novell:opensuse:libwbclient0-32bit", "p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:samba-ceph-debuginfo", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-debuginfo", "p-cpe:/a:novell:opensuse:samba-core-devel", "p-cpe:/a:novell:opensuse:samba-debuginfo", "p-cpe:/a:novell:opensuse:samba-debugsource", "p-cpe:/a:novell:opensuse:samba-dsdb-modules", "p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo", "p-cpe:/a:novell:opensuse:samba-kdc", "p-cpe:/a:novell:opensuse:samba-kdc-32bit", "p-cpe:/a:novell:opensuse:samba-kdc-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-kdc-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-debuginfo", "p-cpe:/a:novell:opensuse:samba-pidl", "p-cpe:/a:novell:opensuse:samba-python", "p-cpe:/a:novell:opensuse:samba-python-debuginfo", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:samba-test-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:samba-winbind-32bit", "p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-891.NASL", "href": "https://www.tenable.com/plugins/nessus/112000", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-891.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(112000);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n\n script_name(english:\"openSUSE Security Update : samba (openSUSE-2018-891)\");\n script_summary(english:\"Check for the openSUSE-2018-891 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for samba fixes the following issues :\n\nThe following security vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't\n allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and\n DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via\n substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a\n subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames\n on a user without a SPN; (bsc#1103414)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103414\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-pcp-pmda-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-pcp-pmda-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-tests-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-tests-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-binding0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-binding0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap2-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap2-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-client-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-client-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-core-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-debugsource-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-dsdb-modules-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-dsdb-modules-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-kdc-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-kdc-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-libs-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-libs-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-pidl-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-python-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-python-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-test-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-test-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-winbind-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-winbind-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-policy0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-policy0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-ceph-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-client-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-kdc-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-kdc-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-debuginfo / ctdb-pcp-pmda / ctdb-pcp-pmda-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:05", "description": "Update to Samba 4.8.7\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : 2:samba (2018-c2a93f8e1b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16853"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:samba", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-C2A93F8E1B.NASL", "href": "https://www.tenable.com/plugins/nessus/120763", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-c2a93f8e1b.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120763);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16853\");\n script_xref(name:\"FEDORA\", value:\"2018-c2a93f8e1b\");\n\n script_name(english:\"Fedora 28 : 2:samba (2018-c2a93f8e1b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Samba 4.8.7\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-c2a93f8e1b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:samba package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16853\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"samba-4.8.7-0.fc28\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:46:14", "description": "Svyatoslav Phirsov discovered that the Samba libsmbclient library incorrectly handled extra long filenames. A malicious server could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-10858)\n\nVolker Mauel discovered that Samba incorrectly handled database output. When used as an Active Directory Domain Controller, a remote authenticated attacker could use this issue to cause Samba to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-10918)\n\nPhillip Kuhrt discovered that the Samba LDAP server incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. (CVE-2018-10919)\n\nVivek Das discovered that Samba incorrectly handled NTLMv1 being explicitly disabled on the server. A remote user could possibly be authenticated using NTLMv1, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-1139).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Samba vulnerabilities (USN-3738-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libsmbclient", "p-cpe:/a:canonical:ubuntu_linux:samba", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-3738-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111748", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3738-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111748);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\");\n script_xref(name:\"USN\", value:\"3738-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Samba vulnerabilities (USN-3738-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Svyatoslav Phirsov discovered that the Samba libsmbclient library\nincorrectly handled extra long filenames. A malicious server could use\nthis issue to cause Samba to crash, resulting in a denial of service,\nor possibly execute arbitrary code. (CVE-2018-10858)\n\nVolker Mauel discovered that Samba incorrectly handled database\noutput. When used as an Active Directory Domain Controller, a remote\nauthenticated attacker could use this issue to cause Samba to crash,\nresulting in a denial of service. This issue only affected Ubuntu\n18.04 LTS. (CVE-2018-10918)\n\nPhillip Kuhrt discovered that the Samba LDAP server incorrectly\nhandled certain confidential attribute values. A remote authenticated\nattacker could possibly use this issue to obtain certain sensitive\ninformation. (CVE-2018-10919)\n\nVivek Das discovered that Samba incorrectly handled NTLMv1 being\nexplicitly disabled on the server. A remote user could possibly be\nauthenticated using NTLMv1, contrary to expectations. This issue only\naffected Ubuntu 18.04 LTS. (CVE-2018-1139).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3738-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libsmbclient and / or samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libsmbclient\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.14.04.16\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"samba\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.14.04.16\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libsmbclient\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.16.04.15\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"samba\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.16.04.15\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libsmbclient\", pkgver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"samba\", pkgver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:32", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues :\n\n - CVE-2018-14629 Florian Stuelpner discovered that Samba is vulnerable to infinite query recursion caused by CNAME loops, resulting in denial of service.\n\n https://www.samba.org/samba/security/CVE-2018-14629.html\n\n - CVE-2018-16841 Alex MacCuish discovered that a user with a valid certificate or smart card can crash the Samba AD DC's KDC when configured to accept smart-card authentication.\n\n https://www.samba.org/samba/security/CVE-2018-16841.html\n\n - CVE-2018-16851 Garming Sam of the Samba Team and Catalyst discovered a NULL pointer dereference vulnerability in the Samba AD DC LDAP server allowing a user able to read more than 256MB of LDAP entries to crash the Samba AD DC's LDAP server.\n\n https://www.samba.org/samba/security/CVE-2018-16851.html", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "nessus", "title": "Debian DSA-4345-1 : samba - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851"], "modified": "2020-06-25T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:samba", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4345.NASL", "href": "https://www.tenable.com/plugins/nessus/119268", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4345. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119268);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/25\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\");\n script_xref(name:\"DSA\", value:\"4345\");\n\n script_name(english:\"Debian DSA-4345-1 : samba - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS\nfile, print, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues :\n\n - CVE-2018-14629\n Florian Stuelpner discovered that Samba is vulnerable to\n infinite query recursion caused by CNAME loops,\n resulting in denial of service.\n\n https://www.samba.org/samba/security/CVE-2018-14629.html\n\n - CVE-2018-16841\n Alex MacCuish discovered that a user with a valid\n certificate or smart card can crash the Samba AD DC's\n KDC when configured to accept smart-card authentication.\n\n https://www.samba.org/samba/security/CVE-2018-16841.html\n\n - CVE-2018-16851\n Garming Sam of the Samba Team and Catalyst discovered a\n NULL pointer dereference vulnerability in the Samba AD\n DC LDAP server allowing a user able to read more than\n 256MB of LDAP entries to crash the Samba AD DC's LDAP\n server.\n\n https://www.samba.org/samba/security/CVE-2018-16851.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-14629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-14629.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16841.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16851.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/samba\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/samba\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4345\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the samba packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2:4.5.12+dfsg-2+deb9u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"ctdb\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-winbind\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpam-winbind\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libparse-pidl-perl\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsmbclient\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsmbclient-dev\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwbclient-dev\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwbclient0\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-samba\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"registry-tools\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-common\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-common-bin\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-dev\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-dsdb-modules\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-libs\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-testsuite\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-vfs-modules\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"smbclient\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"winbind\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:43", "description": "Florian Stuelpner discovered that Samba incorrectly handled CNAME records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-14629)\n\nAlex MacCuish discovered that Samba incorrectly handled memory when configured to accept smart-card authentication. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-16841)\n\nGarming Sam discovered that Samba incorrectly handled memory when processing LDAP searches. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.\n(CVE-2018-16851).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-11-28T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : Samba vulnerabilities (USN-3827-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:samba", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10"], "id": "UBUNTU_USN-3827-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119254", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3827-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119254);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\");\n script_xref(name:\"USN\", value:\"3827-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : Samba vulnerabilities (USN-3827-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Florian Stuelpner discovered that Samba incorrectly handled CNAME\nrecords. A remote attacker could use this issue to cause Samba to\ncrash, resulting in a denial of service. (CVE-2018-14629)\n\nAlex MacCuish discovered that Samba incorrectly handled memory when\nconfigured to accept smart-card authentication. A remote attacker\ncould possibly use this issue to cause Samba to crash, resulting in a\ndenial of service. (CVE-2018-16841)\n\nGarming Sam discovered that Samba incorrectly handled memory when\nprocessing LDAP searches. A remote attacker could possibly use this\nissue to cause Samba to crash, resulting in a denial of service.\n(CVE-2018-16851).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3827-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected samba package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"samba\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.14.04.19\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"samba\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.16.04.18\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"samba\", pkgver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"samba\", pkgver:\"2:4.8.4+dfsg-2ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:27:26", "description": "Update to Samba 4.9.3\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 29 : 2:samba (2018-e423e8743f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:samba", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2018-E423E8743F.NASL", "href": "https://www.tenable.com/plugins/nessus/120862", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-e423e8743f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120862);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_xref(name:\"FEDORA\", value:\"2018-e423e8743f\");\n\n script_name(english:\"Fedora 29 : 2:samba (2018-e423e8743f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Samba 4.9.3\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-e423e8743f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:samba package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16857\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"samba-4.9.3-0.fc29\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:09", "description": "New samba packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2018-333-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857"], "modified": "2020-06-24T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:samba", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2018-333-01.NASL", "href": "https://www.tenable.com/plugins/nessus/119280", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2018-333-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119280);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/24\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_xref(name:\"SSA\", value:\"2018-333-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2018-333-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New samba packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.507711\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c18ee90c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected samba package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16857\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i486\", pkgnum:\"2_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i486\", pkgnum:\"2_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i586\", pkgnum:\"2_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"samba\", pkgver:\"4.9.3\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.9.3\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:48:37", "description": "Updated samba packages that fix several security issues and provide several bug fixes and an enhancement are now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer indirection in printer server process (CVE-2018-1050)\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red Hat) as the original reporter of CVE-2018-1139.\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Previously, sharing a subdirectory of a Gluster volume failed with an I/O error when the shadow_copy2 vfs object was specified. This occurred because Gluster volumes are remote file systems, and shadow_copy2 only detected share paths in the local file system. This update forces the value of shadow:mountpath to '/', skipping the code related to mount point detection, and preventing this problem.\nHowever, this fix requires that the glusterfs vfs object is listed after the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)\n\n* As of Red Hat Gluster Storage 3.4, the libldb package is no longer shipped as an independent package in the Red Hat Gluster Storage Samba channel. The capabilities of the libldb package are now provided by a combination of the samba-client and samba-client-libs packages. In addition, the sub-packages previously provided by libldb are now provided by the samba-client and samba-client-libs packages. The samba-client sub-package provides ldb-tools, and the samba-client-libs sub-package provides pyldb. (BZ# 1592794)\n\nEnhancement(s) :\n\n* Red Hat Gluster Storage volumes exported using SMB can now be mounted on macOS clients using Finder. Configuration instructions are provided as part of the Red Hat Gluster Storage 3.4 documentation.\n(BZ#1446125) Red Hat strongly recommends upgrading to these updated packages.\n\nDisabled on 2018/11/06. Detection of Gluster Storage Server on RHEL 6 is no longer possible due to changes in Gluster package versioning.", "cvss3": {}, "published": "2018-09-06T00:00:00", "type": "nessus", "title": "RHEL 6 : Storage Server (RHSA-2018:2612) (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ctdb", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:libtalloc", "p-cpe:/a:redhat:enterprise_linux:libtalloc-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libtalloc-devel", "p-cpe:/a:redhat:enterprise_linux:libtdb", "p-cpe:/a:redhat:enterprise_linux:libtdb-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libtdb-devel", "p-cpe:/a:redhat:enterprise_linux:libtevent", "p-cpe:/a:redhat:enterprise_linux:libtevent-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libtevent-devel", "p-cpe:/a:redhat:enterprise_linux:libwbclient", "p-cpe:/a:redhat:enterprise_linux:libwbclient-devel", "p-cpe:/a:redhat:enterprise_linux:pytalloc", "p-cpe:/a:redhat:enterprise_linux:pytalloc-devel", "p-cpe:/a:redhat:enterprise_linux:python-tdb", "p-cpe:/a:redhat:enterprise_linux:python-tevent", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-client-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-common-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common-tools", "p-cpe:/a:redhat:enterprise_linux:samba-dc", "p-cpe:/a:redhat:enterprise_linux:samba-dc-libs", "p-cpe:/a:redhat:enterprise_linux:samba-debuginfo", "p-cpe:/a:redhat:enterprise_linux:samba-devel", "p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing", "p-cpe:/a:redhat:enterprise_linux:samba-libs", "p-cpe:/a:redhat:enterprise_linux:samba-pidl", "p-cpe:/a:redhat:enterprise_linux:samba-python", "p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules", "p-cpe:/a:redhat:enterprise_linux:tdb-tools", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2018-2612.NASL", "href": "https://www.tenable.com/plugins/nessus/117319", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2612. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/11/06. Detection of Gluster Storage Server on\n# RHEL 6 is no longer possible due to changes in Gluster package versioning. \n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117319);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"RHSA\", value:\"2018:2612\");\n\n script_name(english:\"RHEL 6 : Storage Server (RHSA-2018:2612) (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix several security issues and provide\nseveral bug fixes and an enhancement are now available for Red Hat\nGluster Storage 3.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) protocol and the related Common Internet File System (CIFS)\nprotocol, which allow PC-compatible machines to share files, printers,\nand various information.\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\n* samba: NULL pointer indirection in printer server process\n(CVE-2018-1050)\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red\nHat) as the original reporter of CVE-2018-1139.\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nBug Fix(es) :\n\n* Previously, sharing a subdirectory of a Gluster volume failed with\nan I/O error when the shadow_copy2 vfs object was specified. This\noccurred because Gluster volumes are remote file systems, and\nshadow_copy2 only detected share paths in the local file system. This\nupdate forces the value of shadow:mountpath to '/', skipping the code\nrelated to mount point detection, and preventing this problem.\nHowever, this fix requires that the glusterfs vfs object is listed\nafter the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)\n\n* As of Red Hat Gluster Storage 3.4, the libldb package is no longer\nshipped as an independent package in the Red Hat Gluster Storage Samba\nchannel. The capabilities of the libldb package are now provided by a\ncombination of the samba-client and samba-client-libs packages. In\naddition, the sub-packages previously provided by libldb are now\nprovided by the samba-client and samba-client-libs packages. The\nsamba-client sub-package provides ldb-tools, and the samba-client-libs\nsub-package provides pyldb. (BZ# 1592794)\n\nEnhancement(s) :\n\n* Red Hat Gluster Storage volumes exported using SMB can now be\nmounted on macOS clients using Finder. Configuration instructions are\nprovided as part of the Red Hat Gluster Storage 3.4 documentation.\n(BZ#1446125) Red Hat strongly recommends upgrading to these updated\npackages.\n\nDisabled on 2018/11/06. Detection of Gluster Storage Server on RHEL 6\nis no longer possible due to changes in Gluster package versioning.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2018-2612.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2018-1050.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2018-1139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2018-10858.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pytalloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pytalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tdb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Detection of Gluster Storage Server on RHEL 6 is no longer possible due to changes in Gluster package versioning.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2612\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"glusterfs-3.12.2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Storage Server\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ctdb-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libsmbclient-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtalloc-2.1.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtalloc-debuginfo-2.1.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtalloc-devel-2.1.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtdb-1.3.15-4.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtdb-debuginfo-1.3.15-4.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtdb-devel-1.3.15-4.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtevent-0.9.35-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtevent-debuginfo-0.9.35-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtevent-devel-0.9.35-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libwbclient-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"pytalloc-2.1.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"pytalloc-devel-2.1.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-tdb-1.3.15-4.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-tevent-0.9.35-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-client-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-client-libs-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"samba-common-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-common-libs-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-common-tools-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-dc-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-debuginfo-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-devel-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-libs-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"samba-pidl-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-python-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tdb-tools-1.3.15-4.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / libsmbclient / libsmbclient-devel / libtalloc / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:53:27", "description": "From Red Hat Security Advisory 2018:3056 :\n\nAn update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das (Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", "cvss3": {}, "published": "2018-11-07T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : samba (ELSA-2018-3056)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2021-04-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libwbclient", "p-cpe:/a:oracle:linux:libwbclient-devel", "p-cpe:/a:oracle:linux:samba", "p-cpe:/a:oracle:linux:samba-client", "p-cpe:/a:oracle:linux:samba-client-libs", "p-cpe:/a:oracle:linux:samba-common", "p-cpe:/a:oracle:linux:samba-common-libs", "p-cpe:/a:oracle:linux:samba-common-tools", "p-cpe:/a:oracle:linux:samba-dc", "p-cpe:/a:oracle:linux:samba-dc-libs", "p-cpe:/a:oracle:linux:samba-devel", "p-cpe:/a:oracle:linux:samba-krb5-printing", "p-cpe:/a:oracle:linux:samba-libs", "p-cpe:/a:oracle:linux:samba-pidl", "p-cpe:/a:oracle:linux:samba-python", "p-cpe:/a:oracle:linux:samba-python-test", "p-cpe:/a:oracle:linux:samba-test", "p-cpe:/a:oracle:linux:samba-test-libs", "p-cpe:/a:oracle:linux:samba-vfs-glusterfs", "p-cpe:/a:oracle:linux:samba-winbind", "p-cpe:/a:oracle:linux:samba-winbind-clients", "p-cpe:/a:oracle:linux:samba-winbind-krb5-locator", "p-cpe:/a:oracle:linux:ctdb", "p-cpe:/a:oracle:linux:ctdb-tests", "p-cpe:/a:oracle:linux:libsmbclient", "p-cpe:/a:oracle:linux:libsmbclient-devel", "p-cpe:/a:oracle:linux:samba-winbind-modules", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2018-3056.NASL", "href": "https://www.tenable.com/plugins/nessus/118766", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:3056 and \n# Oracle Linux Security Advisory ELSA-2018-3056 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118766);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/14\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"RHSA\", value:\"2018:3056\");\n\n script_name(english:\"Oracle Linux 7 : samba (ELSA-2018-3056)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2018:3056 :\n\nAn update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) protocol and the related Common Internet File System (CIFS)\nprotocol, which allow PC-compatible machines to share files, printers,\nand various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process\n(CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das\n(Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.6 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-November/008199.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ctdb-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ctdb-tests-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libsmbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libwbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-client-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-client-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-common-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-common-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-common-tools-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-dc-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-pidl-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-python-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-python-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-test-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-winbind-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.8.3-4.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-tests / libsmbclient / libsmbclient-devel / libwbclient / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-19T16:53:37", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has samba packages installed that are affected by multiple vulnerabilities:\n\n - A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.\n (CVE-2018-1050)\n\n - A flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.\n (CVE-2018-1139)\n\n - A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.\n (CVE-2018-10858)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Multiple Vulnerabilities (NS-SA-2019-0069)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0069_SAMBA.NASL", "href": "https://www.tenable.com/plugins/nessus/127271", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0069. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127271);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-1139\", \"CVE-2018-10858\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Multiple Vulnerabilities (NS-SA-2019-0069)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has samba packages installed that are affected by\nmultiple vulnerabilities:\n\n - A null pointer dereference flaw was found in Samba RPC\n external printer service. An attacker could use this\n flaw to cause the printer spooler service to crash.\n (CVE-2018-1050)\n\n - A flaw was found in the way samba allowed the use of\n weak NTLMv1 authentication even when NTLMv1 was\n explicitly disabled. A man-in-the-middle attacker could\n use this flaw to read the credential and other details\n passed between the samba server and client.\n (CVE-2018-1139)\n\n - A heap-buffer overflow was found in the way samba\n clients processed extra long filename in a directory\n listing. A malicious samba server could use this flaw to\n cause arbitrary code execution on a samba client.\n (CVE-2018-10858)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0069\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL samba packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"ctdb-4.8.3-4.el7\",\n \"ctdb-tests-4.8.3-4.el7\",\n \"libsmbclient-4.8.3-4.el7\",\n \"libsmbclient-devel-4.8.3-4.el7\",\n \"libwbclient-4.8.3-4.el7\",\n \"libwbclient-devel-4.8.3-4.el7\",\n \"samba-4.8.3-4.el7\",\n \"samba-client-4.8.3-4.el7\",\n \"samba-client-libs-4.8.3-4.el7\",\n \"samba-common-4.8.3-4.el7\",\n \"samba-common-libs-4.8.3-4.el7\",\n \"samba-common-tools-4.8.3-4.el7\",\n \"samba-dc-4.8.3-4.el7\",\n \"samba-dc-libs-4.8.3-4.el7\",\n \"samba-debuginfo-4.8.3-4.el7\",\n \"samba-devel-4.8.3-4.el7\",\n \"samba-krb5-printing-4.8.3-4.el7\",\n \"samba-libs-4.8.3-4.el7\",\n \"samba-pidl-4.8.3-4.el7\",\n \"samba-python-4.8.3-4.el7\",\n \"samba-python-test-4.8.3-4.el7\",\n \"samba-test-4.8.3-4.el7\",\n \"samba-test-libs-4.8.3-4.el7\",\n \"samba-vfs-glusterfs-4.8.3-4.el7\",\n \"samba-winbind-4.8.3-4.el7\",\n \"samba-winbind-clients-4.8.3-4.el7\",\n \"samba-winbind-krb5-locator-4.8.3-4.el7\",\n \"samba-winbind-modules-4.8.3-4.el7\"\n ],\n \"CGSL MAIN 5.04\": [\n \"ctdb-4.8.3-4.el7\",\n \"ctdb-tests-4.8.3-4.el7\",\n \"libsmbclient-4.8.3-4.el7\",\n \"libsmbclient-devel-4.8.3-4.el7\",\n \"libwbclient-4.8.3-4.el7\",\n \"libwbclient-devel-4.8.3-4.el7\",\n \"samba-4.8.3-4.el7\",\n \"samba-client-4.8.3-4.el7\",\n \"samba-client-libs-4.8.3-4.el7\",\n \"samba-common-4.8.3-4.el7\",\n \"samba-common-libs-4.8.3-4.el7\",\n \"samba-common-tools-4.8.3-4.el7\",\n \"samba-dc-4.8.3-4.el7\",\n \"samba-dc-libs-4.8.3-4.el7\",\n \"samba-debuginfo-4.8.3-4.el7\",\n \"samba-devel-4.8.3-4.el7\",\n \"samba-krb5-printing-4.8.3-4.el7\",\n \"samba-libs-4.8.3-4.el7\",\n \"samba-pidl-4.8.3-4.el7\",\n \"samba-python-4.8.3-4.el7\",\n \"samba-python-test-4.8.3-4.el7\",\n \"samba-test-4.8.3-4.el7\",\n \"samba-test-libs-4.8.3-4.el7\",\n \"samba-vfs-glusterfs-4.8.3-4.el7\",\n \"samba-winbind-4.8.3-4.el7\",\n \"samba-winbind-clients-4.8.3-4.el7\",\n \"samba-winbind-krb5-locator-4.8.3-4.el7\",\n \"samba-winbind-modules-4.8.3-4.el7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:47:35", "description": "Updated samba packages that fix several security issues and provide several bug fixes and an enhancement are now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer indirection in printer server process (CVE-2018-1050)\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red Hat) as the original reporter of CVE-2018-1139.\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Previously, sharing a subdirectory of a Gluster volume failed with an I/O error when the shadow_copy2 vfs object was specified. This occurred because Gluster volumes are remote file systems, and shadow_copy2 only detected share paths in the local file system. This update forces the value of shadow:mountpath to '/', skipping the code related to mount point detection, and preventing this problem.\nHowever, this fix requires that the glusterfs vfs object is listed after the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)\n\n* As of Red Hat Gluster Storage 3.4, the libldb package is no longer shipped as an independent package in the Red Hat Gluster Storage Samba channel. The capabilities of the libldb package are now provided by a combination of the samba-client and samba-client-libs packages. In addition, the sub-packages previously provided by libldb are now provided by the samba-client and samba-client-libs packages. The samba-client sub-package provides ldb-tools, and the samba-client-libs sub-package provides pyldb. (BZ# 1592794)\n\nEnhancement(s) :\n\n* Red Hat Gluster Storage volumes exported using SMB can now be mounted on macOS clients using Finder. Configuration instructions are provided as part of the Red Hat Gluster Storage 3.4 documentation.\n(BZ#1446125)\n\nRed Hat strongly recommends upgrading to these updated packages.", "cvss3": {}, "published": "2018-09-06T00:00:00", "type": "nessus", "title": "RHEL 7 : Storage Server (RHSA-2018:2613)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ctdb", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:libtalloc", "p-cpe:/a:redhat:enterprise_linux:libtalloc-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libtalloc-devel", "p-cpe:/a:redhat:enterprise_linux:libtevent", "p-cpe:/a:redhat:enterprise_linux:libtevent-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libtevent-devel", "p-cpe:/a:redhat:enterprise_linux:libwbclient", "p-cpe:/a:redhat:enterprise_linux:libwbclient-devel", "p-cpe:/a:redhat:enterprise_linux:pytalloc", "p-cpe:/a:redhat:enterprise_linux:pytalloc-devel", "p-cpe:/a:redhat:enterprise_linux:python-tdb", "p-cpe:/a:redhat:enterprise_linux:python-tevent", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-client-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-common-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common-tools", "p-cpe:/a:redhat:enterprise_linux:samba-dc", "p-cpe:/a:redhat:enterprise_linux:samba-dc-libs", "p-cpe:/a:redhat:enterprise_linux:samba-debuginfo", "p-cpe:/a:redhat:enterprise_linux:samba-devel", "p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing", "p-cpe:/a:redhat:enterprise_linux:samba-libs", "p-cpe:/a:redhat:enterprise_linux:samba-pidl", "p-cpe:/a:redhat:enterprise_linux:samba-python", "p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules", "p-cpe:/a:redhat:enterprise_linux:tdb-tools", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-2613.NASL", "href": "https://www.tenable.com/plugins/nessus/117320", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2613. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117320);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"RHSA\", value:\"2018:2613\");\n\n script_name(english:\"RHEL 7 : Storage Server (RHSA-2018:2613)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix several security issues and provide\nseveral bug fixes and an enhancement are now available for Red Hat\nGluster Storage 3.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) protocol and the related Common Internet File System (CIFS)\nprotocol, which allow PC-compatible machines to share files, printers,\nand various information.\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\n* samba: NULL pointer indirection in printer server process\n(CVE-2018-1050)\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red\nHat) as the original reporter of CVE-2018-1139.\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nBug Fix(es) :\n\n* Previously, sharing a subdirectory of a Gluster volume failed with\nan I/O error when the shadow_copy2 vfs object was specified. This\noccurred because Gluster volumes are remote file systems, and\nshadow_copy2 only detected share paths in the local file system. This\nupdate forces the value of shadow:mountpath to '/', skipping the code\nrelated to mount point detection, and preventing this problem.\nHowever, this fix requires that the glusterfs vfs object is listed\nafter the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)\n\n* As of Red Hat Gluster Storage 3.4, the libldb package is no longer\nshipped as an independent package in the Red Hat Gluster Storage Samba\nchannel. The capabilities of the libldb package are now provided by a\ncombination of the samba-client and samba-client-libs packages. In\naddition, the sub-packages previously provided by libldb are now\nprovided by the samba-client and samba-client-libs packages. The\nsamba-client sub-package provides ldb-tools, and the samba-client-libs\nsub-package provides pyldb. (BZ# 1592794)\n\nEnhancement(s) :\n\n* Red Hat Gluster Storage volumes exported using SMB can now be\nmounted on macOS clients using Finder. Configuration instructions are\nprovided as part of the Red Hat Gluster Storage 3.4 documentation.\n(BZ#1446125)\n\nRed Hat strongly recommends upgrading to these updated packages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-1050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-1139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10858\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pytalloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pytalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tdb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2613\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"glusterfs-3.12.2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Storage Server\");\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ctdb-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libsmbclient-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtalloc-2.1.11-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtalloc-debuginfo-2.1.11-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtalloc-devel-2.1.11-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtevent-0.9.35-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtevent-debuginfo-0.9.35-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtevent-devel-0.9.35-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libwbclient-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pytalloc-2.1.11-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pytalloc-devel-2.1.11-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-tdb-1.3.15-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-tevent-0.9.35-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-client-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-client-libs-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-common-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-common-libs-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-common-tools-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-dc-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-debuginfo-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-devel-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-libs-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-pidl-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-python-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"tdb-tools-1.3.15-4.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / libsmbclient / libsmbclient-devel / libtalloc / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:55:27", "description": "An update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das (Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", "cvss3": {}, "published": "2018-12-17T00:00:00", "type": "nessus", "title": "CentOS 7 : samba (CESA-2018:3056)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2020-03-27T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ctdb", "p-cpe:/a:centos:centos:ctdb-tests", "p-cpe:/a:centos:centos:libsmbclient", "p-cpe:/a:centos:centos:libsmbclient-devel", "p-cpe:/a:centos:centos:libwbclient", "p-cpe:/a:centos:centos:libwbclient-devel", "p-cpe:/a:centos:centos:samba", "p-cpe:/a:centos:centos:samba-client", "p-cpe:/a:centos:centos:samba-client-libs", "p-cpe:/a:centos:centos:samba-common", "p-cpe:/a:centos:centos:samba-common-libs", "p-cpe:/a:centos:centos:samba-common-tools", "p-cpe:/a:centos:centos:samba-dc", "p-cpe:/a:centos:centos:samba-dc-libs", "p-cpe:/a:centos:centos:samba-devel", "p-cpe:/a:centos:centos:samba-krb5-printing", "p-cpe:/a:centos:centos:samba-libs", "p-cpe:/a:centos:centos:samba-pidl", "p-cpe:/a:centos:centos:samba-python", "p-cpe:/a:centos:centos:samba-python-test", "p-cpe:/a:centos:centos:samba-test", "p-cpe:/a:centos:centos:samba-test-libs", "p-cpe:/a:centos:centos:samba-vfs-glusterfs", "p-cpe:/a:centos:centos:samba-winbind", "p-cpe:/a:centos:centos:samba-winbind-clients", "p-cpe:/a:centos:centos:samba-winbind-krb5-locator", "p-cpe:/a:centos:centos:samba-winbind-modules", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2018-3056.NASL", "href": "https://www.tenable.com/plugins/nessus/119691", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:3056 and \n# CentOS Errata and Security Advisory 2018:3056 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119691);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/27\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"RHSA\", value:\"2018:3056\");\n\n script_name(english:\"CentOS 7 : samba (CESA-2018:3056)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) protocol and the related Common Internet File System (CIFS)\nprotocol, which allow PC-compatible machines to share files, printers,\nand various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process\n(CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das\n(Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.6 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2018-December/005789.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5856e51f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ctdb-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ctdb-tests-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libsmbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libwbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-client-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-client-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-common-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-common-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-common-tools-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-dc-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-pidl-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-python-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-python-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-test-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.8.3-4.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-tests / libsmbclient / libsmbclient-devel / libwbclient / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:17", "description": "The version of Samba running on the remote host is 4.7.x prior to 4.7.12, or 4.8.x prior to 4.8.7, or 4.9.x prior to 4.9.3. It is, therefore, affected by multiple vulnerabilities.\n\nNotes: \n - Refer to vendor advisories for possible workarounds.\n - CVE-2018-16852 and CVE-2018-16857 only apply to 4.9.x.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-30T00:00:00", "type": "nessus", "title": "Samba 4.7.x < 4.7.12 / 4.8.x < 4.8.7 / 4.9.x < 4.9.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857"], "modified": "2019-11-01T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_4_7_12.NASL", "href": "https://www.tenable.com/plugins/nessus/119306", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119306);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-14629\",\n \"CVE-2018-16841\",\n \"CVE-2018-16851\",\n \"CVE-2018-16852\",\n \"CVE-2018-16853\",\n \"CVE-2018-16857\"\n );\n\n script_name(english:\"Samba 4.7.x < 4.7.12 / 4.8.x < 4.8.7 / 4.9.x < 4.9.3 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Samba.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Samba running on the remote host is 4.7.x prior to\n4.7.12, or 4.8.x prior to 4.8.7, or 4.9.x prior to 4.9.3. It is,\ntherefore, affected by multiple vulnerabilities.\n\nNotes: \n - Refer to vendor advisories for possible workarounds.\n - CVE-2018-16852 and CVE-2018-16857 only apply to 4.9.x.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-14629.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-16841.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-16851.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-16852.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-16853.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-16857.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-4.7.12.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-4.8.7.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-4.9.3.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Samba version 4.7.12 / 4.8.7 / 4.9.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16857\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/30\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp = vcf::samba::get_app_info();\nvcf::check_granularity(app_info:app, sig_segments:3);\n\n# Note: versions < 4.7 are EOL\nconstraints = \n[\n {\"min_version\" : \"4.7.0\", \"fixed_version\" : \"4.7.12\"},\n {\"min_version\" : \"4.8.0\", \"fixed_version\" : \"4.8.7\"},\n {\"min_version\" : \"4.9.0\", \"fixed_version\" : \"4.9.3\"}\n];\n\nvcf::check_version_and_report(app_info:app, constraints:constraints, severity:SECURITY_WARNING, strict:FALSE);", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:54:41", "description": "A NULL pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.(CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.(CVE-2018-10858)\n\nA flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.(CVE-2018-1139)", "cvss3": {}, "published": "2018-12-20T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : samba (ALAS-2018-1126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2020-03-27T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ctdb", "p-cpe:/a:amazon:linux:ctdb-tests", "p-cpe:/a:amazon:linux:libsmbclient", "p-cpe:/a:amazon:linux:libsmbclient-devel", "p-cpe:/a:amazon:linux:libwbclient", "p-cpe:/a:amazon:linux:libwbclient-devel", "p-cpe:/a:amazon:linux:samba", "p-cpe:/a:amazon:linux:samba-client", "p-cpe:/a:amazon:linux:samba-client-libs", "p-cpe:/a:amazon:linux:samba-common", "p-cpe:/a:amazon:linux:samba-common-libs", "p-cpe:/a:amazon:linux:samba-common-tools", "p-cpe:/a:amazon:linux:samba-dc", "p-cpe:/a:amazon:linux:samba-dc-libs", "p-cpe:/a:amazon:linux:samba-debuginfo", "p-cpe:/a:amazon:linux:samba-devel", "p-cpe:/a:amazon:linux:samba-krb5-printing", "p-cpe:/a:amazon:linux:samba-libs", "p-cpe:/a:amazon:linux:samba-pidl", "p-cpe:/a:amazon:linux:samba-python", "p-cpe:/a:amazon:linux:samba-python-test", "p-cpe:/a:amazon:linux:samba-test", "p-cpe:/a:amazon:linux:samba-test-libs", "p-cpe:/a:amazon:linux:samba-vfs-glusterfs", "p-cpe:/a:amazon:linux:samba-winbind", "p-cpe:/a:amazon:linux:samba-winbind-clients", "p-cpe:/a:amazon:linux:samba-winbind-krb5-locator", "p-cpe:/a:amazon:linux:samba-winbind-modules", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2018-1126.NASL", "href": "https://www.tenable.com/plugins/nessus/119781", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-1126.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119781);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/27\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"ALAS\", value:\"2018-1126\");\n\n script_name(english:\"Amazon Linux 2 : samba (ALAS-2018-1126)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was found in Samba RPC external\nprinter service. An attacker could use this flaw to cause the printer\nspooler service to crash.(CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed\nextra long filename in a directory listing. A malicious samba server\ncould use this flaw to cause arbitrary code execution on a samba\nclient.(CVE-2018-10858)\n\nA flaw was found in the way samba allowed the use of weak NTLMv1\nauthentication even when NTLMv1 was explicitly disabled. A\nman-in-the-middle attacker could use this flaw to read the credential\nand other details passed between the samba server and\nclient.(CVE-2018-1139)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-1126.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update samba' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"ctdb-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"ctdb-tests-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libsmbclient-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libsmbclient-devel-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libwbclient-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libwbclient-devel-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-client-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-client-libs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-common-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-common-libs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-common-tools-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-dc-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-dc-libs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-debuginfo-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-devel-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-krb5-printing-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-libs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-pidl-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-python-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-python-test-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-test-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-test-libs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-winbind-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-winbind-clients-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-winbind-krb5-locator-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-winbind-modules-4.8.3-4.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-tests / libsmbclient / libsmbclient-devel / libwbclient / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:49:29", "description": "An update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das (Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", "cvss3": {}, "published": "2018-10-31T00:00:00", "type": "nessus", "title": "RHEL 7 : samba (RHSA-2018:3056)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2022-02-01T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ctdb", "p-cpe:/a:redhat:enterprise_linux:ctdb-tests", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:libwbclient", "p-cpe:/a:redhat:enterprise_linux:libwbclient-devel", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-client-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-common-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common-tools", "p-cpe:/a:redhat:enterprise_linux:samba-dc", "p-cpe:/a:redhat:enterprise_linux:samba-dc-libs", "p-cpe:/a:redhat:enterprise_linux:samba-debuginfo", "p-cpe:/a:redhat:enterprise_linux:samba-devel", "p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing", "p-cpe:/a:redhat:enterprise_linux:samba-libs", "p-cpe:/a:redhat:enterprise_linux:samba-pidl", "p-cpe:/a:redhat:enterprise_linux:samba-python", "p-cpe:/a:redhat:enterprise_linux:samba-python-test", "p-cpe:/a:redhat:enterprise_linux:samba-test", "p-cpe:/a:redhat:enterprise_linux:samba-test-libs", "p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-3056.NASL", "href": "https://www.tenable.com/plugins/nessus/118519", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:3056. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118519);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/01\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-1139\", \"CVE-2018-10858\");\n script_xref(name:\"RHSA\", value:\"2018:3056\");\n\n script_name(english:\"RHEL 7 : samba (RHSA-2018:3056)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) protocol and the related Common Internet File System (CIFS)\nprotocol, which allow PC-compatible machines to share files, printers,\nand various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process\n(CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das\n(Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.6 Release Notes linked from the References section.\");\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3395ff0b\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:3056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-1050\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-1139\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10858\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:3056\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"ctdb-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ctdb-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"ctdb-tests-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ctdb-tests-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libsmbclient-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libsmbclient-devel-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libwbclient-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libwbclient-devel-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-client-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-client-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-client-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-common-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-common-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-common-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-common-tools-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-common-tools-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-dc-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-dc-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-dc-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-debuginfo-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-devel-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-krb5-printing-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-pidl-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-python-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-python-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-python-test-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-python-test-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-test-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-test-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-test-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-winbind-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-winbind-clients-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-winbind-krb5-locator-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-winbind-modules-4.8.3-4.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-tests / libsmbclient / libsmbclient-devel / libwbclient / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:53:19", "description": "Security Fix(es) :\n\n - samba: Weak authentication protocol regression (CVE-2018-1139)\n\n - samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n - samba: NULL pointer dereference in printer server process (CVE-2018-1050)", "cvss3": {}, "published": "2018-11-27T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : samba on SL7.x x86_64 (20181030)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2020-07-01T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:libsmbclient", "p-cpe:/a:fermilab:scientific_linux:libsmbclient-devel", "p-cpe:/a:fermilab:scientific_linux:libwbclient", "p-cpe:/a:fermilab:scientific_linux:libwbclient-devel", "p-cpe:/a:fermilab:scientific_linux:samba", "p-cpe:/a:fermilab:scientific_linux:samba-client", "p-cpe:/a:fermilab:scientific_linux:samba-client-libs", "p-cpe:/a:fermilab:scientific_linux:samba-common", "p-cpe:/a:fermilab:scientific_linux:samba-common-libs", "p-cpe:/a:fermilab:scientific_linux:samba-common-tools", "p-cpe:/a:fermilab:scientific_linux:samba-dc", "p-cpe:/a:fermilab:scientific_linux:samba-dc-libs", "p-cpe:/a:fermilab:scientific_linux:samba-debuginfo", "p-cpe:/a:fermilab:scientific_linux:samba-devel", "p-cpe:/a:fermilab:scientific_linux:samba-krb5-printing", "p-cpe:/a:fermilab:scientific_linux:samba-libs", "p-cpe:/a:fermilab:scientific_linux:samba-pidl", "p-cpe:/a:fermilab:scientific_linux:samba-python", "p-cpe:/a:fermilab:scientific_linux:samba-python-test", "p-cpe:/a:fermilab:scientific_linux:samba-test", "p-cpe:/a:fermilab:scientific_linux:samba-test-libs", "p-cpe:/a:fermilab:scientific_linux:samba-vfs-glusterfs", "p-cpe:/a:fermilab:scientific_linux:samba-winbind", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-clients", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-krb5-locator", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-modules", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20181030_SAMBA_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/119198", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119198);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/01\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n\n script_name(english:\"Scientific Linux Security Update : samba on SL7.x x86_64 (20181030)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security Fix(es) :\n\n - samba: Weak authentication protocol regression\n (CVE-2018-1139)\n\n - samba: Insufficient input validation in libsmbclient\n (CVE-2018-10858)\n\n - samba: NULL pointer dereference in printer server\n process (CVE-2018-1050)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1811&L=scientific-linux-errata&F=&S=&P=5438\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2de83bcc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libsmbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libwbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-client-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-client-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"samba-common-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-common-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-common-tools-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-dc-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-debuginfo-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"samba-pidl-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-python-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-python-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-test-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-winbind-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.8.3-4.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / libwbclient / libwbclient-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-19T16:05:17", "description": "A NULL pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash. (CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. (CVE-2018-10858)\n\nA flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.\n(CVE-2018-1139)", "cvss3": {}, "published": "2019-01-25T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : samba (ALAS-2018-1126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2020-02-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ctdb", "p-cpe:/a:amazon:linux:ctdb-tests", "p-cpe:/a:amazon:linux:libsmbclient", "p-cpe:/a:amazon:linux:libsmbclient-devel", "p-cpe:/a:amazon:linux:libwbclient", "p-cpe:/a:amazon:linux:libwbclient-devel", "p-cpe:/a:amazon:linux:samba", "p-cpe:/a:amazon:linux:samba-client", "p-cpe:/a:amazon:linux:samba-client-libs", "p-cpe:/a:amazon:linux:samba-common", "p-cpe:/a:amazon:linux:samba-common-libs", "p-cpe:/a:amazon:linux:samba-common-tools", "p-cpe:/a:amazon:linux:samba-debuginfo", "p-cpe:/a:amazon:linux:samba-devel", "p-cpe:/a:amazon:linux:samba-krb5-printing", "p-cpe:/a:amazon:linux:samba-libs", "p-cpe:/a:amazon:linux:samba-pidl", "p-cpe:/a:amazon:linux:samba-python", "p-cpe:/a:amazon:linux:samba-python-test", "p-cpe:/a:amazon:linux:samba-test", "p-cpe:/a:amazon:linux:samba-test-libs", "p-cpe:/a:amazon:linux:samba-winbind", "p-cpe:/a:amazon:linux:samba-winbind-clients", "p-cpe:/a:amazon:linux:samba-winbind-krb5-locator", "p-cpe:/a:amazon:linux:samba-winbind-modules", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1126.NASL", "href": "https://www.tenable.com/plugins/nessus/121359", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1126.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121359);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/20\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"ALAS\", value:\"2018-1126\");\n\n script_name(english:\"Amazon Linux AMI : samba (ALAS-2018-1126)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was found in Samba RPC external\nprinter service. An attacker could use this flaw to cause the printer\nspooler service to crash. (CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed\nextra long filename in a directory listing. A malicious samba server\ncould use this flaw to cause arbitrary code execution on a samba\nclient. (CVE-2018-10858)\n\nA flaw was found in the way samba allowed the use of weak NTLMv1\nauthentication even when NTLMv1 was explicitly disabled. A\nman-in-the-middle attacker could use this flaw to read the credential\nand other details passed between the samba server and client.\n(CVE-2018-1139)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1126.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update samba' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ctdb-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ctdb-tests-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libsmbclient-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libsmbclient-devel-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libwbclient-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libwbclient-devel-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-client-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-client-libs-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-common-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-common-libs-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-common-tools-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-debuginfo-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-devel-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-krb5-printing-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-libs-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-pidl-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-python-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-python-test-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-test-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-test-libs-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-winbind-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-winbind-clients-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-winbind-krb5-locator-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-winbind-modules-4.8.3-4.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-tests / libsmbclient / libsmbclient-devel / libwbclient / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:32", "description": "The samba project reports :\n\nAll versions of Samba from 4.0.0 onwards are vulnerable to infinite query recursion caused by CNAME loops. Any dns record can be added via ldap by an unprivileged user using the ldbadd tool, so this is a security issue.\n\nWhen configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ.\n\nDuring the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process.\n\nDuring the processing of an DNS zone in the DNS management DCE/RPC server, the internal DNS server or the Samba DLZ plugin for BIND9, if the DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will follow a NULL pointer and terminate\n\nA user in a Samba AD domain can crash the KDC when Samba is built in the non-default MIT Kerberos configuration.\n\nAD DC Configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all.", "cvss3": {}, "published": "2018-11-28T00:00:00", "type": "nessus", "title": "FreeBSD : samba -- multiple vulnerabilities (54976998-f248-11e8-81e2-005056a311d1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857"], "modified": "2020-06-25T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:samba46", "p-cpe:/a:freebsd:freebsd:samba47", "p-cpe:/a:freebsd:freebsd:samba48", "p-cpe:/a:freebsd:freebsd:samba49", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_54976998F24811E881E2005056A311D1.NASL", "href": "https://www.tenable.com/plugins/nessus/119246", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119246);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/25\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n\n script_name(english:\"FreeBSD : samba -- multiple vulnerabilities (54976998-f248-11e8-81e2-005056a311d1)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The samba project reports :\n\nAll versions of Samba from 4.0.0 onwards are vulnerable to infinite\nquery recursion caused by CNAME loops. Any dns record can be added via\nldap by an unprivileged user using the ldbadd tool, so this is a\nsecurity issue.\n\nWhen configured to accept smart-card authentication, Samba's KDC will\ncall talloc_free() twice on the same memory if the principal in a\nvalidly signed certificate does not match the principal in the AS-REQ.\n\nDuring the processing of an LDAP search before Samba's AD DC returns\nthe LDAP entries to the client, the entries are cached in a single\nmemory object with a maximum size of 256MB. When this size is reached,\nthe Samba process providing the LDAP service will follow the NULL\npointer, terminating the process.\n\nDuring the processing of an DNS zone in the DNS management DCE/RPC\nserver, the internal DNS server or the Samba DLZ plugin for BIND9, if\nthe DSPROPERTY_ZONE_MASTER_SERVERS property or\nDSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will\nfollow a NULL pointer and terminate\n\nA user in a Samba AD domain can crash the KDC when Samba is built in\nthe non-default MIT Kerberos configuration.\n\nAD DC Configurations watching for bad passwords (to restrict brute\nforcing of passwords) in a window of more than 3 minutes may not watch\nfor bad passwords at all.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-14629.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16841.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16851.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16852.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16853.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16857.html\"\n );\n # https://vuxml.freebsd.org/freebsd/54976998-f248-11e8-81e2-005056a311d1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ec8b9b49\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16857\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba46\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba47\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba48\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba49\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"samba46<=4.6.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba47<4.7.12\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba48<4.8.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba49<4.9.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-19T15:09:10", "description": "The remote host is affected by the vulnerability described in GLSA-202003-52 (Samba: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could possibly execute arbitrary code, cause a Denial of Service condition, conduct a man-in-the-middle attack, or obtain sensitive information.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2020-03-26T00:00:00", "type": "nessus", "title": "GLSA-202003-52 : Samba: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2018-16860", "CVE-2019-10197", "CVE-2019-14861", "CVE-2019-14870", "CVE-2019-14902", "CVE-2019-14907", "CVE-2019-19344"], "modified": "2022-05-16T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:samba", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202003-52.NASL", "href": "https://www.tenable.com/plugins/nessus/134927", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202003-52.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134927);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\", \"CVE-2018-16860\", \"CVE-2019-10197\", \"CVE-2019-14861\", \"CVE-2019-14870\", \"CVE-2019-14902\", \"CVE-2019-14907\", \"CVE-2019-19344\");\n script_xref(name:\"GLSA\", value:\"202003-52\");\n\n script_name(english:\"GLSA-202003-52 : Samba: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202003-52\n(Samba: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Samba. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code, cause a Denial\n of Service condition, conduct a man-in-the-middle attack, or obtain\n sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202003-52\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Samba 4.9.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-4.9.18'\n All Samba 4.10.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-4.10.13'\n All Samba 4.11.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-4.11.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-fs/samba\", unaffected:make_list(\"rge 4.9.18\", \"rge 4.10.13\", \"rge 4.11.6\"), vulnerable:make_list(\"lt 4.11.6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:43:01", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues :\n\nCVE-2018-14629\n\nFlorian Stuelpner discovered that Samba is vulnerable to infinite query recursion caused by CNAME loops, resulting in denial of service.\n\nCVE-2018-16851\n\nGarming Sam of the Samba Team and Catalyst discovered a NULL pointer dereference vulnerability in the Samba AD DC LDAP server allowing a user able to read more than 256MB of LDAP entries to crash the Samba AD DC's LDAP server.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 2:4.2.14+dfsg-0+deb8u11.\n\nWe recommend that you upgrade your samba packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-12-17T00:00:00", "type": "nessus", "title": "Debian DLA-1607-1 : samba security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14629", "CVE-2018-16851"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnss-winbind", "p-cpe:/a:debian:debian_linux:libpam-smbpass", "p-cpe:/a:debian:debian_linux:libpam-winbind", "p-cpe:/a:debian:debian_linux:libparse-pidl-perl", "p-cpe:/a:debian:debian_linux:libsmbclient", "p-cpe:/a:debian:debian_linux:libsmbclient-dev", "p-cpe:/a:debian:debian_linux:libsmbsharemodes-dev", "p-cpe:/a:debian:debian_linux:libsmbsharemodes0", "p-cpe:/a:debian:debian_linux:libwbclient-dev", "p-cpe:/a:debian:debian_linux:libwbclient0", "p-cpe:/a:debian:debian_linux:python-samba", "p-cpe:/a:debian:debian_linux:registry-tools", "p-cpe:/a:debian:debian_linux:samba", "p-cpe:/a:debian:debian_linux:samba-common", "p-cpe:/a:debian:debian_linux:samba-common-bin", "p-cpe:/a:debian:debian_linux:samba-dbg", "p-cpe:/a:debian:debian_linux:samba-dev", "p-cpe:/a:debian:debian_linux:samba-doc", "p-cpe:/a:debian:debian_linux:samba-dsdb-modules", "p-cpe:/a:debian:debian_linux:samba-libs", "p-cpe:/a:debian:debian_linux:samba-testsuite", "p-cpe:/a:debian:debian_linux:samba-vfs-modules", "p-cpe:/a:debian:debian_linux:smbclient", "p-cpe:/a:debian:debian_linux:winbind", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1607.NASL", "href": "https://www.tenable.com/plugins/nessus/119694", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1607-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119694);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16851\");\n\n script_name(english:\"Debian DLA-1607-1 : samba security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS\nfile, print, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues :\n\nCVE-2018-14629\n\nFlorian Stuelpner discovered that Samba is vulnerable to infinite\nquery recursion caused by CNAME loops, resulting in denial of service.\n\nCVE-2018-16851\n\nGarming Sam of the Samba Team and Catalyst discovered a NULL pointer\ndereference vulnerability in the Samba AD DC LDAP server allowing a\nuser able to read more than 256MB of LDAP entries to crash the Samba\nAD DC's LDAP server.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2:4.2.14+dfsg-0+deb8u11.\n\nWe recommend that you upgrade your samba packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/12/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/samba\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpam-smbpass\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpam-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libparse-pidl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbsharemodes-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:registry-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-common-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-vfs-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:smbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libnss-winbind\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpam-smbpass\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpam-winbind\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libparse-pidl-perl\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbclient\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbclient-dev\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbsharemodes-dev\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbsharemodes0\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwbclient-dev\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwbclient0\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-samba\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"registry-tools\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-common\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-common-bin\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-dbg\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-dev\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-doc\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-dsdb-modules\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-libs\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-testsuite\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-vfs-modules\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"smbclient\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"winbind\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:45:12", "description": "New samba packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.", "cvss3": {}, "published": "2018-08-20T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2018-229-02)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2018-11-29T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:samba", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2018-229-02.NASL", "href": "https://www.tenable.com/plugins/nessus/111996", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2018-229-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111996);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/29 13:47:55\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10919\");\n script_xref(name:\"SSA\", value:\"2018-229-02\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2018-229-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New samba packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.467546\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?05579742\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected samba package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"samba\", pkgver:\"4.8.4\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.8.4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:43:23", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues :\n\n - CVE-2018-10858 Svyatoslav Phirsov discovered that insufficient input validation in libsmbclient allowed a malicious Samba server to write to the client's heap memory.\n\n - CVE-2018-10919 Phillip Kuhrt discovered that Samba when acting as an Active Domain controller disclosed some sensitive attributes.", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "Debian DSA-4271-1 : samba - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2018-11-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:samba", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4271.NASL", "href": "https://www.tenable.com/plugins/nessus/111706", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4271. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111706);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10919\");\n script_xref(name:\"DSA\", value:\"4271\");\n\n script_name(english:\"Debian DSA-4271-1 : samba - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS\nfile, print, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues :\n\n - CVE-2018-10858\n Svyatoslav Phirsov discovered that insufficient input\n validation in libsmbclient allowed a malicious Samba\n server to write to the client's heap memory.\n\n - CVE-2018-10919\n Phillip Kuhrt discovered that Samba when acting as an\n Active Domain controller disclosed some sensitive\n attributes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-10858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-10919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/samba\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/samba\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4271\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the samba packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2:4.5.12+dfsg-2+deb9u3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"ctdb\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-winbind\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpam-winbind\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libparse-pidl-perl\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsmbclient\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsmbclient-dev\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwbclient-dev\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwbclient0\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-samba\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"registry-tools\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-common\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-common-bin\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-dev\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-dsdb-modules\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-libs\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-testsuite\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-vfs-modules\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"smbclient\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"winbind\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:11:25", "description": "Various vulnerabilities were discovered in Samba, SMB/CIFS file, print, and login server/client for Unix\n\nCVE-2017-9461\n\nsmbd in Samba had a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.\n\nCVE-2018-1050\n\nSamba was vulnerable to a denial of service attack when the RPC spoolss service was configured to be run as an external daemon.\nMissing input sanitization checks on some of the input parameters to spoolss RPC calls could have caused the print spooler service to crash.\n\nCVE-2018-1057\n\nOn a Samba 4 AD DC the LDAP server of Samba incorrectly validated permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers).\n\nThanks to the Ubuntu security team for having backported the rather invasive changeset to Samba in Ubuntu 14.04 (which we could use to patch Samba in Debian jessie LTS).\n\nCVE-2019-3880\n\nA flaw was found in the way Samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could have used this flaw to create a new registry hive file anywhere they had unix permissions which could have lead to creation of a new file in the Samba share.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 2:4.2.14+dfsg-0+deb8u12.\n\nWe recommend that you upgrade your samba packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-10T00:00:00", "type": "nessus", "title": "Debian DLA-1754-1 : samba security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9461", "CVE-2018-1050", "CVE-2018-1057", "CVE-2019-3880"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnss-winbind", "p-cpe:/a:debian:debian_linux:libpam-smbpass", "p-cpe:/a:debian:debian_linux:libpam-winbind", "p-cpe:/a:debian:debian_linux:libparse-pidl-perl", "p-cpe:/a:debian:debian_linux:libsmbclient", "p-cpe:/a:debian:debian_linux:libsmbclient-dev", "p-cpe:/a:debian:debian_linux:libsmbsharemodes-dev", "p-cpe:/a:debian:debian_linux:libsmbsharemodes0", "p-cpe:/a:debian:debian_linux:libwbclient-dev", "p-cpe:/a:debian:debian_linux:libwbclient0", "p-cpe:/a:debian:debian_linux:python-samba", "p-cpe:/a:debian:debian_linux:registry-tools", "p-cpe:/a:debian:debian_linux:samba", "p-cpe:/a:debian:debian_linux:samba-common", "p-cpe:/a:debian:debian_linux:samba-common-bin", "p-cpe:/a:debian:debian_linux:samba-dbg", "p-cpe:/a:debian:debian_linux:samba-dev", "p-cpe:/a:debian:debian_linux:samba-doc", "p-cpe:/a:debian:debian_linux:samba-dsdb-modules", "p-cpe:/a:debian:debian_linux:samba-libs", "p-cpe:/a:debian:debian_linux:samba-testsuite", "p-cpe:/a:debian:debian_linux:samba-vfs-modules", "p-cpe:/a:debian:debian_linux:smbclient", "p-cpe:/a:debian:debian_linux:winbind", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1754.NASL", "href": "https://www.tenable.com/plugins/nessus/123959", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1754-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123959);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-9461\", \"CVE-2018-1050\", \"CVE-2018-1057\", \"CVE-2019-3880\");\n\n script_name(english:\"Debian DLA-1754-1 : samba security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various vulnerabilities were discovered in Samba, SMB/CIFS file,\nprint, and login server/client for Unix\n\nCVE-2017-9461\n\nsmbd in Samba had a denial of service vulnerability (fd_open_atomic\ninfinite loop with high CPU usage and memory consumption) due to\nwrongly handling dangling symlinks.\n\nCVE-2018-1050\n\nSamba was vulnerable to a denial of service attack when the RPC\nspoolss service was configured to be run as an external daemon.\nMissing input sanitization checks on some of the input parameters to\nspoolss RPC calls could have caused the print spooler service to\ncrash.\n\nCVE-2018-1057\n\nOn a Samba 4 AD DC the LDAP server of Samba incorrectly validated\npermissions to modify passwords over LDAP allowing authenticated users\nto change any other users' passwords, including administrative users\nand privileged service accounts (eg Domain Controllers).\n\nThanks to the Ubuntu security team for having backported the\nrather invasive changeset to Samba in Ubuntu 14.04 (which we\ncould use to patch Samba in Debian jessie LTS).\n\nCVE-2019-3880\n\nA flaw was found in the way Samba implemented an RPC endpoint\nemulating the Windows registry service API. An unprivileged attacker\ncould have used this flaw to create a new registry hive file anywhere\nthey had unix permissions which could have lead to creation of a new\nfile in the Samba share.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2:4.2.14+dfsg-0+deb8u12.\n\nWe recommend that you upgrade your samba packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/samba\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1057\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpam-smbpass\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpam-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libparse-pidl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbsharemodes-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:registry-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-common-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-vfs-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:smbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libnss-winbind\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpam-smbpass\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpam-winbind\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libparse-pidl-perl\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbclient\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbclient-dev\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbsharemodes-dev\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbsharemodes0\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwbclient-dev\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwbclient0\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-samba\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"registry-tools\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-common\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-common-bin\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-dbg\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-dev\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-doc\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-dsdb-modules\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-libs\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-testsuite\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-vfs-modules\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"smbclient\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"winbind\", reference:\"2:4.2.14+dfsg-0+deb8u12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:12:09", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.\n (CVE-2018-1050)\n\n - A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.(CVE-2018-10858)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.3 : samba (EulerOS-SA-2019-1273)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:2.5.3", "p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs"], "id": "EULEROS_SA-2019-1273.NASL", "href": "https://www.tenable.com/plugins/nessus/123741", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123741);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1050\",\n \"CVE-2018-10858\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.3 : samba (EulerOS-SA-2019-1273)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A null pointer dereference flaw was found in Samba RPC\n external printer service. An attacker could use this\n flaw to cause the printer spooler service to crash.\n (CVE-2018-1050)\n\n - A heap-buffer overflow was found in the way samba\n clients processed extra long filename in a directory\n listing. A malicious samba server could use this flaw\n to cause arbitrary code execution on a samba\n client.(CVE-2018-10858)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1273\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5fbe1d94\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.3\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.3\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.6.2-8.h6\",\n \"libwbclient-4.6.2-8.h6\",\n \"samba-client-libs-4.6.2-8.h6\",\n \"samba-common-4.6.2-8.h6\",\n \"samba-common-libs-4.6.2-8.h6\",\n \"samba-common-tools-4.6.2-8.h6\",\n \"samba-libs-4.6.2-8.h6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:12:24", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n - samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : samba (EulerOS-SA-2019-1150)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:huawei:euleros:2.0", "p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-python", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules"], "id": "EULEROS_SA-2019-1150.NASL", "href": "https://www.tenable.com/plugins/nessus/123624", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123624);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1050\",\n \"CVE-2018-10858\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : samba (EulerOS-SA-2019-1150)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - samba: Insufficient input validation in libsmbclient\n (CVE-2018-10858)\n\n - samba: NULL pointer dereference in printer server\n process (CVE-2018-1050)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1150\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?badcc9b9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.7.1-9.h2.eulerosv2r7\",\n \"libwbclient-4.7.1-9.h2.eulerosv2r7\",\n \"samba-4.7.1-9.h2.eulerosv2r7\",\n \"samba-client-4.7.1-9.h2.eulerosv2r7\",\n \"samba-client-libs-4.7.1-9.h2.eulerosv2r7\",\n \"samba-common-4.7.1-9.h2.eulerosv2r7\",\n \"samba-common-libs-4.7.1-9.h2.eulerosv2r7\",\n \"samba-common-tools-4.7.1-9.h2.eulerosv2r7\",\n \"samba-libs-4.7.1-9.h2.eulerosv2r7\",\n \"samba-python-4.7.1-9.h2.eulerosv2r7\",\n \"samba-winbind-4.7.1-9.h2.eulerosv2r7\",\n \"samba-winbind-clients-4.7.1-9.h2.eulerosv2r7\",\n \"samba-winbind-modules-4.7.1-9.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T12:27:07", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon.\n Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.(CVE-2018-1050)\n\n - A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.\n Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.(CVE-2018-10858)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-06T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : samba (EulerOS-SA-2019-1342)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-python", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1342.NASL", "href": "https://www.tenable.com/plugins/nessus/124628", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(&#x