CentOS Update for samba CESA-2009:1528 centos3 i386
2011-08-09T00:00:00
ID OPENVAS:1361412562310880865 Type openvas Reporter Copyright (c) 2011 Greenbone Networks GmbH Modified 2019-03-15T00:00:00
Description
The remote host is missing an update for the
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for samba CESA-2009:1528 centos3 i386
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html");
script_oid("1.3.6.1.4.1.25623.1.0.880865");
script_version("$Revision: 14222 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $");
script_tag(name:"creation_date", value:"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)");
script_tag(name:"cvss_base", value:"4.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:N/A:P");
script_xref(name:"CESA", value:"2009:1528");
script_cve_id("CVE-2009-2906");
script_name("CentOS Update for samba CESA-2009:1528 centos3 i386");
script_tag(name:"summary", value:"The remote host is missing an update for the 'samba'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS3");
script_tag(name:"affected", value:"samba on CentOS 3");
script_tag(name:"insight", value:"Samba is a suite of programs used by machines to share files, printers, and
other information.
A denial of service flaw was found in the Samba smbd daemon. An
authenticated, remote user could send a specially-crafted response that
would cause an smbd child process to enter an infinite loop. An
authenticated, remote user could use this flaw to exhaust system resources
by opening multiple CIFS sessions. (CVE-2009-2906)
This update also fixes the following bug:
* the RHSA-2007:0354 update added code to escape input passed to scripts
that are run by Samba. This code was missing 'c' from the list of valid
characters, causing it to be escaped. With this update, the previous patch
has been updated to include 'c' in the list of valid characters.
(BZ#242754)
Users of Samba should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing this update,
the smb service will be restarted automatically.");
script_tag(name:"solution", value:"Please install the updated packages.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "CentOS3")
{
if ((res = isrpmvuln(pkg:"samba", rpm:"samba~3.0.9~1.3E.16", rls:"CentOS3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"samba-client", rpm:"samba-client~3.0.9~1.3E.16", rls:"CentOS3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"samba-common", rpm:"samba-common~3.0.9~1.3E.16", rls:"CentOS3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"samba-swat", rpm:"samba-swat~3.0.9~1.3E.16", rls:"CentOS3")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
{"id": "OPENVAS:1361412562310880865", "bulletinFamily": "scanner", "title": "CentOS Update for samba CESA-2009:1528 centos3 i386", "description": "The remote host is missing an update for the ", "published": "2011-08-09T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880865", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2009:1528", "http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html"], "cvelist": ["CVE-2009-2906"], "type": "openvas", "lastseen": "2019-05-29T18:39:47", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2009-2906"], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "The remote host is missing an update for the ", "edition": 8, "enchantments": {"dependencies": {"modified": "2019-03-18T14:43:32", "references": [{"idList": ["SECURITYVULNS:DOC:22637", "SECURITYVULNS:VULN:10322"], "type": "securityvulns"}, {"idList": ["CENTOS_RHSA-2009-1528.NASL", "MANDRIVA_MDVSA-2009-277.NASL", "SLACKWARE_SSA_2009-276-01.NASL", "SUSE_CIFS-MOUNT-6519.NASL", "REDHAT-RHSA-2009-1528.NASL", "FEDORA_2009-10180.NASL", "SUSE_CIFS-MOUNT-6551.NASL", "SUSE_11_CIFS-MOUNT-091001.NASL", "ORACLELINUX_ELSA-2009-1528.NASL", "SAMBA_3_2_15.NASL"], "type": "nessus"}, {"idList": ["SAMBA:CVE-2009-2906"], "type": "samba"}, {"idList": ["RHSA-2009:1528", "RHSA-2009:1585", "RHSA-2009:1529"], "type": "redhat"}, {"idList": ["SSA-2009-276-01"], "type": "slackware"}, {"idList": ["DEBIAN:DSA-1908-1:D4D84"], "type": "debian"}, {"idList": ["USN-839-1"], "type": "ubuntu"}, {"idList": ["CVE-2009-2906"], "type": "cve"}, {"idList": ["ELSA-2009-1528", "ELSA-2009-1529"], "type": "oraclelinux"}, {"idList": ["CESA-2009:1529", "CESA-2009:1528"], "type": "centos"}, {"idList": ["VMSA-2010-0006"], "type": "vmware"}, {"idList": ["THREATPOST:4F867C686B7E31697E158FBD04A5DD35"], "type": "threatpost"}, {"idList": ["GLSA-201206-22"], "type": "gentoo"}, {"idList": ["SSV:12453"], "type": "seebug"}, {"idList": ["OPENVAS:136141256231066160", "OPENVAS:66033", "OPENVAS:66118", "OPENVAS:880865", "OPENVAS:136141256231066118", "OPENVAS:66071", "OPENVAS:66160", "OPENVAS:66054", "OPENVAS:65000", "OPENVAS:66079"], "type": "openvas"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "59fee27d2764be18e80a46c61fa38dfdd2e015847ba91bceaa2e4c9dd4ccf8bc", "hashmap": [{"hash": "6b905b312107fe9d17e0a525fef5cd88", "key": "title"}, {"hash": "0a853c04534f5fc89fda87e7d4937146", "key": "cvelist"}, {"hash": "1693b96dcccf4fbcd463bf8baaa2bf3f", "key": "description"}, {"hash": "5b3e78bf2118fdcf240d0771f3c6039e", "key": "reporter"}, {"hash": "bdcfe890489bb0482973a523aebd3584", "key": "published"}, {"hash": "03ff1a04ebb34d5a1f1a88aaa4c01b52", "key": "pluginID"}, {"hash": "8f8213e8b86855939d5beea715ce3045", "key": "naslFamily"}, {"hash": "73bbf381b8edf735b48a594ed23cc1bb", "key": "sourceData"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "4525bc09d1c4c408a417a5eb7b850972", "key": "modified"}, {"hash": "52565f5d851c967e991898fe1905d4fd", "key": "references"}, {"hash": "818c1a4a0d7349e62cb48e07bc8df7e1", "key": "href"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880865", "id": "OPENVAS:1361412562310880865", "lastseen": "2019-03-18T14:43:32", "modified": "2019-03-15T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310880865", "published": "2011-08-09T00:00:00", "references": ["2009:1528", "http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html"], "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba CESA-2009:1528 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880865\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1528\");\n script_cve_id(\"CVE-2009-2906\");\n script_name(\"CentOS Update for samba CESA-2009:1528 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"samba on CentOS 3\");\n script_tag(name:\"insight\", value:\"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A denial of service flaw was found in the Samba smbd daemon. An\n authenticated, remote user could send a specially-crafted response that\n would cause an smbd child process to enter an infinite loop. An\n authenticated, remote user could use this flaw to exhaust system resources\n by opening multiple CIFS sessions. (CVE-2009-2906)\n\n This update also fixes the following bug:\n\n * the RHSA-2007:0354 update added code to escape input passed to scripts\n that are run by Samba. This code was missing 'c' from the list of valid\n characters, causing it to be escaped. With this update, the previous patch\n has been updated to include 'c' in the list of valid characters.\n (BZ#242754)\n\n Users of Samba should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing this update,\n the smb service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "title": "CentOS Update for samba CESA-2009:1528 centos3 i386", "type": "openvas", "viewCount": 2}, "differentElements": ["cvss"], "edition": 8, "lastseen": "2019-03-18T14:43:32"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2009-2906"], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Check for the Version of samba", "edition": 5, "enchantments": {"dependencies": {"modified": "2019-03-08T14:14:36", "references": [{"idList": ["SECURITYVULNS:DOC:22637", "SECURITYVULNS:VULN:10322"], "type": "securityvulns"}, {"idList": ["SAMBA:CVE-2009-2906"], "type": "samba"}, {"idList": ["RHSA-2009:1528", "RHSA-2009:1585", "RHSA-2009:1529"], "type": "redhat"}, {"idList": ["FEDORA_2009-10172.NASL", "CENTOS_RHSA-2009-1528.NASL", "MANDRIVA_MDVSA-2009-277.NASL", "SLACKWARE_SSA_2009-276-01.NASL", "SUSE_CIFS-MOUNT-6519.NASL", "REDHAT-RHSA-2009-1528.NASL", "FEDORA_2009-10180.NASL", "SUSE_CIFS-MOUNT-6551.NASL", "SUSE_11_CIFS-MOUNT-091001.NASL", "ORACLELINUX_ELSA-2009-1528.NASL"], "type": "nessus"}, {"idList": ["SSA-2009-276-01"], "type": "slackware"}, {"idList": ["DEBIAN:DSA-1908-1:D4D84"], "type": "debian"}, {"idList": ["USN-839-1"], "type": "ubuntu"}, {"idList": ["CVE-2009-2906"], "type": "cve"}, {"idList": ["ELSA-2009-1528", "ELSA-2009-1529"], "type": "oraclelinux"}, {"idList": ["CESA-2009:1529", "CESA-2009:1528"], "type": "centos"}, {"idList": ["VMSA-2010-0006"], "type": "vmware"}, {"idList": ["THREATPOST:4F867C686B7E31697E158FBD04A5DD35"], "type": "threatpost"}, {"idList": ["GLSA-201206-22"], "type": "gentoo"}, {"idList": ["SSV:12453"], "type": "seebug"}, {"idList": ["OPENVAS:136141256231066160", "OPENVAS:66033", "OPENVAS:66118", "OPENVAS:880865", "OPENVAS:136141256231066054", "OPENVAS:136141256231066118", "OPENVAS:66160", "OPENVAS:66073", "OPENVAS:136141256231066073", "OPENVAS:66079"], "type": "openvas"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "59f96eef1d76427d14897cbdd5790b40d42308e492d23eef261cea1425d15999", "hashmap": [{"hash": "6b905b312107fe9d17e0a525fef5cd88", "key": "title"}, {"hash": "0a853c04534f5fc89fda87e7d4937146", "key": "cvelist"}, {"hash": "5b3e78bf2118fdcf240d0771f3c6039e", "key": "reporter"}, {"hash": "bdcfe890489bb0482973a523aebd3584", "key": "published"}, {"hash": "03ff1a04ebb34d5a1f1a88aaa4c01b52", "key": "pluginID"}, {"hash": "8f8213e8b86855939d5beea715ce3045", "key": "naslFamily"}, {"hash": "ecbe9d16f6a6e342e317b2b4714ba558", "key": "modified"}, {"hash": "bbb094ce69eef6e9f05b19b44d671fef", "key": "description"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "ab029e5aa0ff776521e3261b4a81fd65", "key": "sourceData"}, {"hash": "52565f5d851c967e991898fe1905d4fd", "key": "references"}, {"hash": "818c1a4a0d7349e62cb48e07bc8df7e1", "key": "href"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880865", "id": "OPENVAS:1361412562310880865", "lastseen": "2019-03-08T14:14:36", "modified": "2019-03-08T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310880865", "published": "2011-08-09T00:00:00", "references": ["2009:1528", "http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html"], "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba CESA-2009:1528 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A denial of service flaw was found in the Samba smbd daemon. An\n authenticated, remote user could send a specially-crafted response that\n would cause an smbd child process to enter an infinite loop. An\n authenticated, remote user could use this flaw to exhaust system resources\n by opening multiple CIFS sessions. (CVE-2009-2906)\n \n This update also fixes the following bug:\n \n * the RHSA-2007:0354 update added code to escape input passed to scripts\n that are run by Samba. This code was missing "c" from the list of valid\n characters, causing it to be escaped. With this update, the previous patch\n has been updated to include "c" in the list of valid characters.\n (BZ#242754)\n \n Users of Samba should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing this update,\n the smb service will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"samba on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880865\");\n script_version(\"$Revision: 14050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 10:08:09 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1528\");\n script_cve_id(\"CVE-2009-2906\");\n script_name(\"CentOS Update for samba CESA-2009:1528 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "CentOS Update for samba CESA-2009:1528 centos3 i386", "type": "openvas", "viewCount": 0}, "differentElements": ["description", "sourceData"], "edition": 5, "lastseen": "2019-03-08T14:14:36"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2009-2906"], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "The remote host is missing an update as announced in the referenced advisory for samba", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-03-12T14:24:41", "references": [{"idList": ["CENTOS_RHSA-2009-1528.NASL", "MANDRIVA_MDVSA-2009-277.NASL", "SLACKWARE_SSA_2009-276-01.NASL", "SUSE_11_0_CIFS-MOUNT-090930.NASL", "SUSE_CIFS-MOUNT-6519.NASL", "REDHAT-RHSA-2009-1528.NASL", "FEDORA_2009-10180.NASL", "SUSE_CIFS-MOUNT-6551.NASL", "SUSE_11_CIFS-MOUNT-091001.NASL", "ORACLELINUX_ELSA-2009-1528.NASL"], "type": "nessus"}, {"idList": ["SECURITYVULNS:DOC:22637", "SECURITYVULNS:VULN:10322"], "type": "securityvulns"}, {"idList": ["SAMBA:CVE-2009-2906"], "type": "samba"}, {"idList": ["RHSA-2009:1528", "RHSA-2009:1585", "RHSA-2009:1529"], "type": "redhat"}, {"idList": ["SSA-2009-276-01"], "type": "slackware"}, {"idList": ["DEBIAN:DSA-1908-1:D4D84"], "type": "debian"}, {"idList": ["USN-839-1"], "type": "ubuntu"}, {"idList": ["CVE-2009-2906"], "type": "cve"}, {"idList": ["ELSA-2009-1528", "ELSA-2009-1529"], "type": "oraclelinux"}, {"idList": ["CESA-2009:1529", "CESA-2009:1528"], "type": "centos"}, {"idList": ["VMSA-2010-0006"], "type": "vmware"}, {"idList": ["THREATPOST:4F867C686B7E31697E158FBD04A5DD35"], "type": "threatpost"}, {"idList": ["GLSA-201206-22"], "type": "gentoo"}, {"idList": ["SSV:12453"], "type": "seebug"}, {"idList": ["OPENVAS:136141256231066160", "OPENVAS:66033", "OPENVAS:66118", "OPENVAS:880865", "OPENVAS:136141256231066118", "OPENVAS:66071", "OPENVAS:66160", "OPENVAS:66054", "OPENVAS:65000", "OPENVAS:66079"], "type": "openvas"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "c5c91a5446cc289fae591529ec0435d5392d94bc946a29cd5b98b8953645887d", "hashmap": [{"hash": "6b905b312107fe9d17e0a525fef5cd88", "key": "title"}, {"hash": "0a853c04534f5fc89fda87e7d4937146", "key": "cvelist"}, {"hash": "8df551f28a425238d0f688d76c45d864", "key": "sourceData"}, {"hash": "e903d0290c5491f87faf20f117bbf5e3", "key": "description"}, {"hash": "5b3e78bf2118fdcf240d0771f3c6039e", "key": "reporter"}, {"hash": "bdcfe890489bb0482973a523aebd3584", "key": "published"}, {"hash": "03ff1a04ebb34d5a1f1a88aaa4c01b52", "key": "pluginID"}, {"hash": "8f8213e8b86855939d5beea715ce3045", "key": "naslFamily"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "72d5117c6309aeefe6221423612c3979", "key": "modified"}, {"hash": "52565f5d851c967e991898fe1905d4fd", "key": "references"}, {"hash": "818c1a4a0d7349e62cb48e07bc8df7e1", "key": "href"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880865", "id": "OPENVAS:1361412562310880865", "lastseen": "2019-03-12T14:24:41", "modified": "2019-03-11T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310880865", "published": "2011-08-09T00:00:00", "references": ["2009:1528", "http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html"], "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba CESA-2009:1528 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880865\");\n script_version(\"$Revision: 14098 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-11 16:47:16 +0100 (Mon, 11 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1528\");\n script_cve_id(\"CVE-2009-2906\");\n script_name(\"CentOS Update for samba CESA-2009:1528 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced in the referenced advisory for samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"samba on CentOS 3\");\n script_tag(name:\"insight\", value:\"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A denial of service flaw was found in the Samba smbd daemon. An\n authenticated, remote user could send a specially-crafted response that\n would cause an smbd child process to enter an infinite loop. An\n authenticated, remote user could use this flaw to exhaust system resources\n by opening multiple CIFS sessions. (CVE-2009-2906)\n\n This update also fixes the following bug:\n\n * the RHSA-2007:0354 update added code to escape input passed to scripts\n that are run by Samba. This code was missing 'c' from the list of valid\n characters, causing it to be escaped. With this update, the previous patch\n has been updated to include 'c' in the list of valid characters.\n (BZ#242754)\n\n Users of Samba should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing this update,\n the smb service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "title": "CentOS Update for samba CESA-2009:1528 centos3 i386", "type": "openvas", "viewCount": 1}, "differentElements": ["description", "modified", "sourceData"], "edition": 7, "lastseen": "2019-03-12T14:24:41"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2009-2906"], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Check for the Version of samba", "edition": 1, "enchantments": {"score": {"modified": "2018-04-06T11:36:53", "value": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N/"}}, "hash": "2f29e2e9fbd0e46e3bb354cb73bc246ad052c77e20409fcbb1c08433515002f7", "hashmap": [{"hash": "6b905b312107fe9d17e0a525fef5cd88", "key": "title"}, {"hash": "5e4f8b1ba3d09a3d8d7d863495342f1b", "key": "sourceData"}, {"hash": "0a853c04534f5fc89fda87e7d4937146", "key": "cvelist"}, {"hash": "4fb7fd6149697e74d091717ea3f1ca84", "key": "modified"}, {"hash": "5b3e78bf2118fdcf240d0771f3c6039e", "key": "reporter"}, {"hash": "bdcfe890489bb0482973a523aebd3584", "key": "published"}, {"hash": "03ff1a04ebb34d5a1f1a88aaa4c01b52", "key": "pluginID"}, {"hash": "8f8213e8b86855939d5beea715ce3045", "key": "naslFamily"}, {"hash": "bbb094ce69eef6e9f05b19b44d671fef", "key": "description"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "52565f5d851c967e991898fe1905d4fd", "key": "references"}, {"hash": "818c1a4a0d7349e62cb48e07bc8df7e1", "key": "href"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880865", "id": "OPENVAS:1361412562310880865", "lastseen": "2018-04-06T11:36:53", "modified": "2018-04-06T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310880865", "published": "2011-08-09T00:00:00", "references": ["2009:1528", "http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html"], "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba CESA-2009:1528 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A denial of service flaw was found in the Samba smbd daemon. An\n authenticated, remote user could send a specially-crafted response that\n would cause an smbd child process to enter an infinite loop. An\n authenticated, remote user could use this flaw to exhaust system resources\n by opening multiple CIFS sessions. (CVE-2009-2906)\n \n This update also fixes the following bug:\n \n * the RHSA-2007:0354 update added code to escape input passed to scripts\n that are run by Samba. This code was missing "c" from the list of valid\n characters, causing it to be escaped. With this update, the previous patch\n has been updated to include "c" in the list of valid characters.\n (BZ#242754)\n \n Users of Samba should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing this update,\n the smb service will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"samba on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880865\");\n script_version(\"$Revision: 9351 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:05:43 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1528\");\n script_cve_id(\"CVE-2009-2906\");\n script_name(\"CentOS Update for samba CESA-2009:1528 centos3 i386\");\n\n script_summary(\"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "CentOS Update for samba CESA-2009:1528 centos3 i386", "type": "openvas", "viewCount": 0}, "differentElements": ["sourceData"], "edition": 1, "lastseen": "2018-04-06T11:36:53"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2009-2906"], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "The remote host is missing an update as announced in the referenced advisory for samba", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-03-11T14:46:34", "references": [{"idList": ["SECURITYVULNS:DOC:22637", "SECURITYVULNS:VULN:10322"], "type": "securityvulns"}, {"idList": ["SAMBA:CVE-2009-2906"], "type": "samba"}, {"idList": ["RHSA-2009:1528", "RHSA-2009:1585", "RHSA-2009:1529"], "type": "redhat"}, {"idList": ["SSA-2009-276-01"], "type": "slackware"}, {"idList": ["DEBIAN:DSA-1908-1:D4D84"], "type": "debian"}, {"idList": ["USN-839-1"], "type": "ubuntu"}, {"idList": ["CVE-2009-2906"], "type": "cve"}, {"idList": ["CENTOS_RHSA-2009-1528.NASL", "MANDRIVA_MDVSA-2009-277.NASL", "SLACKWARE_SSA_2009-276-01.NASL", "SUSE_CIFS-MOUNT-6519.NASL", "REDHAT-RHSA-2009-1528.NASL", "FEDORA_2009-10180.NASL", "SUSE_CIFS-MOUNT-6551.NASL", "SUSE_11_CIFS-MOUNT-091001.NASL", "SUSE_11_1_CIFS-MOUNT-090930.NASL", "ORACLELINUX_ELSA-2009-1528.NASL"], "type": "nessus"}, {"idList": ["ELSA-2009-1528", "ELSA-2009-1529"], "type": "oraclelinux"}, {"idList": ["CESA-2009:1529", "CESA-2009:1528"], "type": "centos"}, {"idList": ["VMSA-2010-0006"], "type": "vmware"}, {"idList": ["THREATPOST:4F867C686B7E31697E158FBD04A5DD35"], "type": "threatpost"}, {"idList": ["GLSA-201206-22"], "type": "gentoo"}, {"idList": ["SSV:12453"], "type": "seebug"}, {"idList": ["OPENVAS:136141256231066160", "OPENVAS:66033", "OPENVAS:66118", "OPENVAS:880865", "OPENVAS:136141256231066054", "OPENVAS:136141256231066118", "OPENVAS:66160", "OPENVAS:66073", "OPENVAS:136141256231066073", "OPENVAS:66079"], "type": "openvas"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "3b1a48006ff70b6a3596c68cc400dc1a0d4cc258fd4647768bc7d7b2a270671a", "hashmap": [{"hash": "6b905b312107fe9d17e0a525fef5cd88", "key": "title"}, {"hash": "0a853c04534f5fc89fda87e7d4937146", "key": "cvelist"}, {"hash": "e903d0290c5491f87faf20f117bbf5e3", "key": "description"}, {"hash": "5b3e78bf2118fdcf240d0771f3c6039e", "key": "reporter"}, {"hash": "bdcfe890489bb0482973a523aebd3584", "key": "published"}, {"hash": "03ff1a04ebb34d5a1f1a88aaa4c01b52", "key": "pluginID"}, {"hash": "8f8213e8b86855939d5beea715ce3045", "key": "naslFamily"}, {"hash": "ecbe9d16f6a6e342e317b2b4714ba558", "key": "modified"}, {"hash": "2fa6df14bd0e79a45ca04c433006fdf6", "key": "sourceData"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "52565f5d851c967e991898fe1905d4fd", "key": "references"}, {"hash": "818c1a4a0d7349e62cb48e07bc8df7e1", "key": "href"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880865", "id": "OPENVAS:1361412562310880865", "lastseen": "2019-03-11T14:46:34", "modified": "2019-03-08T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310880865", "published": "2011-08-09T00:00:00", "references": ["2009:1528", "http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html"], "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba CESA-2009:1528 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880865\");\n script_version(\"$Revision: 14056 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:00:00 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1528\");\n script_cve_id(\"CVE-2009-2906\");\n script_name(\"CentOS Update for samba CESA-2009:1528 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced in the referenced advisory for samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"samba on CentOS 3\");\n script_tag(name:\"insight\", value:\"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A denial of service flaw was found in the Samba smbd daemon. An\n authenticated, remote user could send a specially-crafted response that\n would cause an smbd child process to enter an infinite loop. An\n authenticated, remote user could use this flaw to exhaust system resources\n by opening multiple CIFS sessions. (CVE-2009-2906)\n\n This update also fixes the following bug:\n\n * the RHSA-2007:0354 update added code to escape input passed to scripts\n that are run by Samba. This code was missing "c" from the list of valid\n characters, causing it to be escaped. With this update, the previous patch\n has been updated to include "c" in the list of valid characters.\n (BZ#242754)\n\n Users of Samba should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing this update,\n the smb service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "title": "CentOS Update for samba CESA-2009:1528 centos3 i386", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 6, "lastseen": "2019-03-11T14:46:34"}], "edition": 9, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "0a853c04534f5fc89fda87e7d4937146"}, {"key": "cvss", "hash": "3a24dfd360218a9ca36afb3843751b95"}, {"key": "description", "hash": "1693b96dcccf4fbcd463bf8baaa2bf3f"}, {"key": "href", "hash": "818c1a4a0d7349e62cb48e07bc8df7e1"}, {"key": "modified", "hash": "4525bc09d1c4c408a417a5eb7b850972"}, {"key": "naslFamily", "hash": "8f8213e8b86855939d5beea715ce3045"}, {"key": "pluginID", "hash": "03ff1a04ebb34d5a1f1a88aaa4c01b52"}, {"key": "published", "hash": "bdcfe890489bb0482973a523aebd3584"}, {"key": "references", "hash": "52565f5d851c967e991898fe1905d4fd"}, {"key": "reporter", "hash": "5b3e78bf2118fdcf240d0771f3c6039e"}, {"key": "sourceData", "hash": "73bbf381b8edf735b48a594ed23cc1bb"}, {"key": "title", "hash": "6b905b312107fe9d17e0a525fef5cd88"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "ea3d41711d3b4725541e030757c3e32435ec4007e4497de947af12b39ec147e4", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-2906"]}, {"type": "openvas", "idList": ["OPENVAS:66118", "OPENVAS:66160", "OPENVAS:880865", "OPENVAS:136141256231066118", "OPENVAS:136141256231066160", "OPENVAS:136141256231065000", "OPENVAS:66054", "OPENVAS:136141256231065009", "OPENVAS:65000", "OPENVAS:136141256231066073"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2009-1528.NASL", "CENTOS_RHSA-2009-1528.NASL", "REDHAT-RHSA-2009-1528.NASL", "SLACKWARE_SSA_2009-276-01.NASL", "SUSE_11_0_CIFS-MOUNT-090930.NASL", "SUSE_11_1_CIFS-MOUNT-090930.NASL", "SUSE_CIFS-MOUNT-6518.NASL", "SUSE_CIFS-MOUNT-6551.NASL", "MANDRIVA_MDVSA-2009-277.NASL", "SUSE_CIFS-MOUNT-6519.NASL"]}, {"type": "seebug", "idList": ["SSV:12453"]}, {"type": "samba", "idList": ["SAMBA:CVE-2009-2906"]}, {"type": "centos", "idList": ["CESA-2009:1528", "CESA-2009:1529"]}, {"type": "redhat", "idList": ["RHSA-2009:1528", "RHSA-2009:1585", "RHSA-2009:1529"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1528", "ELSA-2009-1529"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22637", "SECURITYVULNS:VULN:10322"]}, {"type": "slackware", "idList": ["SSA-2009-276-01"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1908-1:D4D84"]}, {"type": "ubuntu", "idList": ["USN-839-1"]}, {"type": "vmware", "idList": ["VMSA-2010-0006"]}, {"type": "gentoo", "idList": ["GLSA-201206-22"]}, {"type": "threatpost", "idList": ["THREATPOST:4F867C686B7E31697E158FBD04A5DD35"]}], "modified": "2019-05-29T18:39:47"}, "score": {"value": 6.9, "vector": "NONE", "modified": "2019-05-29T18:39:47"}, "vulnersScore": 6.9}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba CESA-2009:1528 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880865\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1528\");\n script_cve_id(\"CVE-2009-2906\");\n script_name(\"CentOS Update for samba CESA-2009:1528 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"samba on CentOS 3\");\n script_tag(name:\"insight\", value:\"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A denial of service flaw was found in the Samba smbd daemon. An\n authenticated, remote user could send a specially-crafted response that\n would cause an smbd child process to enter an infinite loop. An\n authenticated, remote user could use this flaw to exhaust system resources\n by opening multiple CIFS sessions. (CVE-2009-2906)\n\n This update also fixes the following bug:\n\n * the RHSA-2007:0354 update added code to escape input passed to scripts\n that are run by Samba. This code was missing 'c' from the list of valid\n characters, causing it to be escaped. With this update, the previous patch\n has been updated to include 'c' in the list of valid characters.\n (BZ#242754)\n\n Users of Samba should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing this update,\n the smb service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "CentOS Local Security Checks", "pluginID": "1361412562310880865", "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:10:00", "bulletinFamily": "NVD", "description": "smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.", "modified": "2018-10-30T16:25:00", "id": "CVE-2009-2906", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2906", "published": "2009-10-07T18:30:00", "title": "CVE-2009-2906", "type": "cve", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2019-02-21T01:12:37", "bulletinFamily": "scanner", "description": "Updated samba packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nSamba is a suite of programs used by machines to share files, printers, and other information.\n\nA denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially crafted response that would cause an smbd child process to enter an infinite loop. An authenticated, remote user could use this flaw to exhaust system resources by opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug :\n\n* the RHSA-2007:0354 update added code to escape input passed to scripts that are run by Samba. This code was missing 'c' from the list of valid characters, causing it to be escaped. With this update, the previous patch has been updated to include 'c' in the list of valid characters. (BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.", "modified": "2018-11-28T00:00:00", "id": "CENTOS_RHSA-2009-1528.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42265", "published": "2009-10-28T00:00:00", "title": "CentOS 3 : samba (CESA-2009:1528)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1528 and \n# CentOS Errata and Security Advisory 2009:1528 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42265);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/28 22:47:41\");\n\n script_cve_id(\"CVE-2009-2906\");\n script_bugtraq_id(36573);\n script_xref(name:\"RHSA\", value:\"2009:1528\");\n\n script_name(english:\"CentOS 3 : samba (CESA-2009:1528)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix a security issue and a bug are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially crafted response\nthat would cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system\nresources by opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug :\n\n* the RHSA-2007:0354 update added code to escape input passed to\nscripts that are run by Samba. This code was missing 'c' from the list\nof valid characters, causing it to be escaped. With this update, the\nprevious patch has been updated to include 'c' in the list of valid\ncharacters. (BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing this\nupdate, the smb service will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016198.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?032185e8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016199.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?73e33031\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"samba-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"samba-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"samba-client-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"samba-client-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"samba-common-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"samba-common-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"samba-swat-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"samba-swat-3.0.9-1.3E.16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:19:23", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2009:1528 :\n\nUpdated samba packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nSamba is a suite of programs used by machines to share files, printers, and other information.\n\nA denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially crafted response that would cause an smbd child process to enter an infinite loop. An authenticated, remote user could use this flaw to exhaust system resources by opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug :\n\n* the RHSA-2007:0354 update added code to escape input passed to scripts that are run by Samba. This code was missing 'c' from the list of valid characters, causing it to be escaped. With this update, the previous patch has been updated to include 'c' in the list of valid characters. (BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.", "modified": "2019-01-02T00:00:00", "id": "ORACLELINUX_ELSA-2009-1528.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67946", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 : samba (ELSA-2009-1528)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1528 and \n# Oracle Linux Security Advisory ELSA-2009-1528 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67946);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/01/02 16:37:55\");\n\n script_cve_id(\"CVE-2009-2906\");\n script_bugtraq_id(36573);\n script_xref(name:\"RHSA\", value:\"2009:1528\");\n\n script_name(english:\"Oracle Linux 3 : samba (ELSA-2009-1528)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1528 :\n\nUpdated samba packages that fix a security issue and a bug are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially crafted response\nthat would cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system\nresources by opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug :\n\n* the RHSA-2007:0354 update added code to escape input passed to\nscripts that are run by Samba. This code was missing 'c' from the list\nof valid characters, causing it to be escaped. With this update, the\nprevious patch has been updated to include 'c' in the list of valid\ncharacters. (BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing this\nupdate, the smb service will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-October/001218.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"samba-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"samba-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"samba-client-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"samba-client-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"samba-common-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"samba-common-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"samba-swat-3.0.9-1.3E.16\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"samba-swat-3.0.9-1.3E.16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba / samba-client / samba-common / samba-swat\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:38", "bulletinFamily": "scanner", "description": "Updated samba packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nSamba is a suite of programs used by machines to share files, printers, and other information.\n\nA denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially crafted response that would cause an smbd child process to enter an infinite loop. An authenticated, remote user could use this flaw to exhaust system resources by opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug :\n\n* the RHSA-2007:0354 update added code to escape input passed to scripts that are run by Samba. This code was missing 'c' from the list of valid characters, causing it to be escaped. With this update, the previous patch has been updated to include 'c' in the list of valid characters. (BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.", "modified": "2019-01-02T00:00:00", "id": "REDHAT-RHSA-2009-1528.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42285", "published": "2009-10-28T00:00:00", "title": "RHEL 3 : samba (RHSA-2009:1528)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1528. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42285);\n script_version (\"1.24\");\n script_cvs_date(\"Date: 2019/01/02 16:37:55\");\n\n script_cve_id(\"CVE-2009-2906\");\n script_bugtraq_id(36573);\n script_xref(name:\"RHSA\", value:\"2009:1528\");\n\n script_name(english:\"RHEL 3 : samba (RHSA-2009:1528)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix a security issue and a bug are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nSamba is a suite of programs used by machines to share files,\nprinters, and other information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially crafted response\nthat would cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system\nresources by opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug :\n\n* the RHSA-2007:0354 update added code to escape input passed to\nscripts that are run by Samba. This code was missing 'c' from the list\nof valid characters, causing it to be escaped. With this update, the\nprevious patch has been updated to include 'c' in the list of valid\ncharacters. (BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing this\nupdate, the smb service will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1528\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1528\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"samba-3.0.9-1.3E.16\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"samba-client-3.0.9-1.3E.16\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"samba-common-3.0.9-1.3E.16\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"samba-swat-3.0.9-1.3E.16\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba / samba-client / samba-common / samba-swat\");\n }\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:38", "bulletinFamily": "scanner", "description": "samba's make_connection_snum() handles certain input incorrectly, which may lead to disclosure of the root directory. CVE-2009-2813 has been assigned to this issue. Additionally an information disclosure vulnerability in mount.cifs has been fixed (CVE-2009-2948) as well as a DoS condition (CVE-2009-2906).", "modified": "2014-06-13T00:00:00", "id": "SUSE_CIFS-MOUNT-6519.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42321", "published": "2009-10-30T00:00:00", "title": "openSUSE 10 Security Update : cifs-mount (cifs-mount-6519)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update cifs-mount-6519.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42321);\n script_version (\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:06:05 $\");\n\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2906\", \"CVE-2009-2948\");\n\n script_name(english:\"openSUSE 10 Security Update : cifs-mount (cifs-mount-6519)\");\n script_summary(english:\"Check for the cifs-mount-6519 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"samba's make_connection_snum() handles certain input incorrectly,\nwhich may lead to disclosure of the root directory. CVE-2009-2813 has\nbeen assigned to this issue. Additionally an information disclosure\nvulnerability in mount.cifs has been fixed (CVE-2009-2948) as well as\na DoS condition (CVE-2009-2906).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cifs-mount packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cifs-mount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldapsmb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmsrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmsrpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbsharemodes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbsharemodes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-krb-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-vscan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"cifs-mount-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ldapsmb-1.34b-110.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libmsrpc-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libmsrpc-devel-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libsmbclient-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libsmbclient-devel-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libsmbsharemodes-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libsmbsharemodes-devel-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"samba-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"samba-client-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"samba-devel-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"samba-krb-printing-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"samba-python-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"samba-vscan-0.3.6b-181.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"samba-winbind-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"libsmbclient-32bit-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"samba-32bit-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"samba-client-32bit-3.0.32-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.0.32-0.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:36", "bulletinFamily": "scanner", "description": "samba's make_connection_snum() handles certain input incorrectly, which may lead to disclosure of the root directory. CVE-2009-2813 has been assigned to this issue. Additionally an information disclosure vulnerability in mount.cifs has been fixed (CVE-2009-2948) as well as a DoS condition (CVE-2009-2906).", "modified": "2014-06-13T00:00:00", "id": "SUSE_11_1_CIFS-MOUNT-090930.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42231", "published": "2009-10-23T00:00:00", "title": "openSUSE Security Update : cifs-mount (cifs-mount-1354)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update cifs-mount-1354.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42231);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:49:33 $\");\n\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2906\", \"CVE-2009-2948\");\n\n script_name(english:\"openSUSE Security Update : cifs-mount (cifs-mount-1354)\");\n script_summary(english:\"Check for the cifs-mount-1354 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"samba's make_connection_snum() handles certain input incorrectly,\nwhich may lead to disclosure of the root directory. CVE-2009-2813 has\nbeen assigned to this issue. Additionally an information disclosure\nvulnerability in mount.cifs has been fixed (CVE-2009-2948) as well as\na DoS condition (CVE-2009-2906).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539517\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cifs-mount packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cifs-mount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldapsmb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbsharemodes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-krb-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-vscan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"cifs-mount-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ldapsmb-1.34b-6.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libnetapi-devel-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libnetapi0-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libsmbclient-devel-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libsmbclient0-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libsmbsharemodes-devel-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libsmbsharemodes0-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libtalloc-devel-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libtalloc1-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libtdb-devel-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libtdb1-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libwbclient-devel-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libwbclient0-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"samba-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"samba-client-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"samba-devel-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"samba-krb-printing-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"samba-vscan-0.3.6b-6.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"samba-winbind-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libtalloc1-32bit-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libtdb1-32bit-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"samba-32bit-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"samba-client-32bit-3.2.7-11.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.2.7-11.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:37", "bulletinFamily": "scanner", "description": "samba's make_connection_snum() handles certain input incorrectly, which may lead to disclosure of the root directory. CVE-2009-2813 has been assigned to this issue. Additionally an information disclosure vulnerability in mount.cifs has been fixed (CVE-2009-2948) as well as a DoS condition. (CVE-2009-2906)", "modified": "2013-02-10T00:00:00", "id": "SUSE_CIFS-MOUNT-6518.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42235", "published": "2009-10-23T00:00:00", "title": "SuSE 10 Security Update : Samba (ZYPP Patch Number 6518)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42235);\n script_version (\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2013/02/10 03:36:17 $\");\n\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2906\", \"CVE-2009-2948\");\n\n script_name(english:\"SuSE 10 Security Update : Samba (ZYPP Patch Number 6518)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"samba's make_connection_snum() handles certain input incorrectly,\nwhich may lead to disclosure of the root directory. CVE-2009-2813 has\nbeen assigned to this issue. Additionally an information disclosure\nvulnerability in mount.cifs has been fixed (CVE-2009-2948) as well as\na DoS condition. (CVE-2009-2906)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2813.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2906.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2948.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6518.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"cifs-mount-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"libsmbclient-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"libsmbclient-devel-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"samba-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"samba-client-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"samba-krb-printing-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"samba-vscan-0.3.6b-42.85.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"samba-winbind-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"libsmbclient-32bit-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"samba-32bit-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"samba-client-32bit-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"cifs-mount-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libmsrpc-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libmsrpc-devel-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libsmbclient-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libsmbclient-devel-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"samba-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"samba-client-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"samba-krb-printing-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"samba-python-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"samba-vscan-0.3.6b-42.85.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"samba-winbind-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"libsmbclient-32bit-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"samba-32bit-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"samba-client-32bit-3.0.32-0.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.0.32-0.16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:35", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities has been found and corrected in samba :\n\nThe SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows File Sharing is enabled, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories (CVE-2009-2813).\n\nsmbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet (CVE-2009-2906).\n\nmount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or\n-v option (CVE-2009-2948).\n\nThe versions of samba shipping with Mandriva Linux CS4/MES5/2008.1/2009.0/2009.1 have been updated to the latest version that includes the fixes for these issues. Additionally for 2009.1 the version upgrade provides many upstream bug fixes such as improved Windows(tm) 7 support. The version for CS3 has been patched to address these security issues.", "modified": "2019-01-02T00:00:00", "id": "MANDRIVA_MDVSA-2009-277.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42132", "published": "2009-10-15T00:00:00", "title": "Mandriva Linux Security Advisory : samba (MDVSA-2009:277)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:277. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42132);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2906\", \"CVE-2009-2948\");\n script_bugtraq_id(36363, 36572, 36573);\n script_xref(name:\"MDVSA\", value:\"2009:277\");\n\n script_name(english:\"Mandriva Linux Security Advisory : samba (MDVSA-2009:277)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in samba :\n\nThe SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows\nFile Sharing is enabled, does not properly handle errors in resolving\npathnames, which allows remote authenticated users to bypass intended\nsharing restrictions, and read, create, or modify files, in certain\ncircumstances involving user accounts that lack home directories\n(CVE-2009-2813).\n\nsmbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8,\nand 3.4 before 3.4.2 allows remote authenticated users to cause a\ndenial of service (infinite loop) via an unanticipated oplock break\nnotification reply packet (CVE-2009-2906).\n\nmount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before\n3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root,\ndoes not properly enforce permissions, which allows local users to\nread part of the credentials file and obtain the password by\nspecifying the path to the credentials file and using the --verbose or\n-v option (CVE-2009-2948).\n\nThe versions of samba shipping with Mandriva Linux\nCS4/MES5/2008.1/2009.0/2009.1 have been updated to the latest version\nthat includes the fixes for these issues. Additionally for 2009.1 the\nversion upgrade provides many upstream bug fixes such as improved\nWindows(tm) 7 support. The version for CS3 has been patched to address\nthese security issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2009-2813.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2009-2906.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2009-2948.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64netapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64netapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbsharemodes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64talloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64talloc1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64tdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64tdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbclient0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbclient0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbsharemodes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtalloc1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mount-cifs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nss_wins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-vscan-icap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-devel-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-static-devel-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libsmbclient0-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libsmbclient0-devel-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libsmbclient0-static-devel-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"mount-cifs-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nss_wins-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"samba-client-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"samba-common-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"samba-doc-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"samba-server-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"samba-swat-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"samba-vscan-icap-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"samba-winbind-3.0.37-0.1mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64netapi-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64netapi0-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64smbclient0-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64smbclient0-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64smbclient0-static-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64smbsharemodes-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64smbsharemodes0-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64talloc-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64talloc1-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64tdb-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64tdb1-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64wbclient-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64wbclient0-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libnetapi-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libnetapi0-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libsmbclient0-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libsmbclient0-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libsmbclient0-static-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libsmbsharemodes-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libsmbsharemodes0-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libtalloc-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libtalloc1-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libtdb-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libtdb1-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libwbclient-devel-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libwbclient0-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mount-cifs-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nss_wins-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"samba-client-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"samba-common-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"samba-doc-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"samba-server-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"samba-swat-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"samba-winbind-3.2.15-0.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64netapi-devel-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64netapi0-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-devel-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64smbclient0-static-devel-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64smbsharemodes-devel-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64smbsharemodes0-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wbclient-devel-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wbclient0-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libnetapi-devel-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libnetapi0-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libsmbclient0-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libsmbclient0-devel-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libsmbclient0-static-devel-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libsmbsharemodes-devel-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libsmbsharemodes0-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwbclient-devel-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwbclient0-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"mount-cifs-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nss_wins-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"samba-client-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"samba-common-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"samba-doc-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"samba-server-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"samba-swat-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"samba-winbind-3.3.8-0.1mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:32", "bulletinFamily": "scanner", "description": "According to its banner, the version of Samba server on the remote host is earlier than 3.0.37 / 3.2.15 / 3.3.8 / 3.4.2. Such versions are potentially affected by multiple issues :\n\n - If a user in '/etc/passwd' is misconfigured to have an empty home directory, then connecting to the home share of this user will use the root of the file system as the home directory. (CVE-2009-2813)\n\n - Specially crafted SMB requests on authenticated SMB connections can send smbd into a 100% loop, causing a denial of service. (CVE-2009-2906)\n\n - When 'mount.cifs' is installed as a setuid program, a user can pass it a credential or password path to which he or she does not have access and then use the '--verbose' option to view the first line of that file.\n (CVE-2009-2948)", "modified": "2018-11-15T00:00:00", "id": "SAMBA_3_2_15.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41970", "published": "2009-10-02T00:00:00", "title": "Samba < 3.0.37 / 3.2.15 / 3.3.8 / 3.4.2 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41970);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/11/15 20:50:23\");\n\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2906\", \"CVE-2009-2948\");\n script_bugtraq_id(36572, 36573);\n\n script_name(english:\"Samba < 3.0.37 / 3.2.15 / 3.3.8 / 3.4.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Samba\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote Samba server may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Samba server on the remote\nhost is earlier than 3.0.37 / 3.2.15 / 3.3.8 / 3.4.2. Such versions\nare potentially affected by multiple issues :\n\n - If a user in '/etc/passwd' is misconfigured to have an\n empty home directory, then connecting to the home share\n of this user will use the root of the file system as the\n home directory. (CVE-2009-2813)\n\n - Specially crafted SMB requests on authenticated\n SMB connections can send smbd into a 100% loop, causing\n a denial of service. (CVE-2009-2906)\n\n - When 'mount.cifs' is installed as a setuid program, a\n user can pass it a credential or password path to which\n he or she does not have access and then use the\n '--verbose' option to view the first line of that file.\n (CVE-2009-2948)\");\n\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2009-2906.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2009-2948.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2009-2813.html\");\n\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Samba 3.0.37 / 3.2.15 / 3.3.8 / 3.4.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/02\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/samba\", \"SMB/NativeLanManager\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nlanman = get_kb_item(\"SMB/NativeLanManager\");\nif (isnull(lanman)) exit(1, \"The 'SMB/NativeLanManager' KB item is missing.\");\nif (\"Samba \" >!< lanman) exit(0, \"The host is not using Samba.\");\n\nif (\n lanman =~ \"Samba 3\\.0\\.([0-9]|[0-2][0-9]|3[0-6])([^0-9]|$)\" ||\n lanman =~ \"Samba 3\\.2\\.([0-9]|1[0-4])([^0-9]|$)\" ||\n lanman =~ \"Samba 3\\.3\\.[0-7]([^0-9]|$)\" ||\n lanman =~ \"Samba 3\\.4\\.[01]([^0-9]|$)\"\n)\n{\n if (report_verbosity > 0)\n {\n report = string(\n \"\\n\",\n \"The remote Samba server appears to be :\\n\",\n \"\\n\",\n \" \", lanman, \"\\n\"\n );\n security_warning(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_warning(get_kb_item(\"SMB/transport\"));\n}\nexit(0, \"The host is not affected because \" + lanman + \" is installed.\");\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:13:54", "bulletinFamily": "scanner", "description": "samba's make_connection_snum() handles certain input incorrectly, which may lead to disclosure of the root directory. CVE-2009-2813 has been assigned to this issue. Additionally an information disclosure vulnerability in mount.cifs has been fixed (CVE-2009-2948) as well as a DoS condition. (CVE-2009-2906)", "modified": "2013-02-10T00:00:00", "id": "SUSE_CIFS-MOUNT-6551.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=49833", "published": "2010-10-11T00:00:00", "title": "SuSE 10 Security Update : Samba (ZYPP Patch Number 6551)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(49833);\n script_version (\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2013/02/10 03:36:17 $\");\n\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2906\", \"CVE-2009-2948\");\n\n script_name(english:\"SuSE 10 Security Update : Samba (ZYPP Patch Number 6551)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"samba's make_connection_snum() handles certain input incorrectly,\nwhich may lead to disclosure of the root directory. CVE-2009-2813 has\nbeen assigned to this issue. Additionally an information disclosure\nvulnerability in mount.cifs has been fixed (CVE-2009-2948) as well as\na DoS condition. (CVE-2009-2906)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2813.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2906.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2948.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6551.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"cifs-mount-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"ldapsmb-1.34b-25.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"libsmbclient-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"libsmbclient-devel-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"samba-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"samba-client-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"samba-krb-printing-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"samba-vscan-0.3.6b-43.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"samba-winbind-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"libsmbclient-32bit-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"samba-32bit-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"samba-client-32bit-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"cifs-mount-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"ldapsmb-1.34b-25.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libmsrpc-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libmsrpc-devel-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libsmbclient-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libsmbclient-devel-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"samba-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"samba-client-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"samba-krb-printing-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"samba-python-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"samba-vscan-0.3.6b-43.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"samba-winbind-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"libsmbclient-32bit-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"samba-32bit-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"samba-client-32bit-3.0.36-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.0.36-0.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:36", "bulletinFamily": "scanner", "description": "samba's make_connection_snum() handles certain input incorrectly, which may lead to disclosure of the root directory. CVE-2009-2813 has been assigned to this issue. Additionally an information disclosure vulnerability in mount.cifs has been fixed (CVE-2009-2948) as well as a DoS condition (CVE-2009-2906).", "modified": "2014-06-13T00:00:00", "id": "SUSE_11_0_CIFS-MOUNT-090930.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42228", "published": "2009-10-23T00:00:00", "title": "openSUSE Security Update : cifs-mount (cifs-mount-1354)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update cifs-mount-1354.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42228);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:38:12 $\");\n\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2906\", \"CVE-2009-2948\");\n\n script_name(english:\"openSUSE Security Update : cifs-mount (cifs-mount-1354)\");\n script_summary(english:\"Check for the cifs-mount-1354 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"samba's make_connection_snum() handles certain input incorrectly,\nwhich may lead to disclosure of the root directory. CVE-2009-2813 has\nbeen assigned to this issue. Additionally an information disclosure\nvulnerability in mount.cifs has been fixed (CVE-2009-2948) as well as\na DoS condition (CVE-2009-2906).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539517\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cifs-mount packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cifs-mount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldapsmb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbsharemodes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-krb-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"cifs-mount-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ldapsmb-1.34b-195.12\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libnetapi-devel-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libnetapi0-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libsmbclient-devel-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libsmbclient0-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libsmbsharemodes-devel-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libsmbsharemodes0-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libtalloc-devel-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libtalloc1-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libtdb-devel-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libtdb1-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libwbclient-devel-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libwbclient0-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"samba-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"samba-client-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"samba-devel-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"samba-krb-printing-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"samba-winbind-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libtalloc1-32bit-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libtdb1-32bit-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"samba-32bit-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"samba-client-32bit-3.2.4-4.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.2.4-4.7\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-05-29T18:34:59", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2009:1528\n\n\nSamba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially-crafted response that\nwould cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system resources\nby opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug:\n\n* the RHSA-2007:0354 update added code to escape input passed to scripts\nthat are run by Samba. This code was missing \"c\" from the list of valid\ncharacters, causing it to be escaped. With this update, the previous patch\nhas been updated to include \"c\" in the list of valid characters.\n(BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing this update,\nthe smb service will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016198.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016199.html\n\n**Affected packages:**\nsamba\nsamba-client\nsamba-common\nsamba-swat\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1528.html", "modified": "2009-10-27T19:29:03", "published": "2009-10-27T19:28:07", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html", "id": "CESA-2009:1528", "title": "samba security update", "type": "centos", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:25", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2009:1529\n\n\nSamba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially-crafted response that\nwould cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system resources\nby opening multiple CIFS sessions. (CVE-2009-2906)\n\nAn uninitialized data access flaw was discovered in the smbd daemon when\nusing the non-default \"dos filemode\" configuration option in \"smb.conf\". An\nauthenticated, remote user with write access to a file could possibly use\nthis flaw to change an access control list for that file, even when such\naccess should have been denied. (CVE-2009-1888)\n\nA flaw was discovered in the way Samba handled users without a home\ndirectory set in the back-end password database (e.g. \"/etc/passwd\"). If a\nshare for the home directory of such a user was created (e.g. using the\nautomated \"[homes]\" share), any user able to access that share could see\nthe whole file system, possibly bypassing intended access restrictions.\n(CVE-2009-2813)\n\nThe mount.cifs program printed CIFS passwords as part of its debug output\nwhen running in verbose mode. When mount.cifs had the setuid bit set, a\nlocal, unprivileged user could use this flaw to disclose passwords from a\nfile that would otherwise be inaccessible to that user. Note: mount.cifs\nfrom the samba packages distributed by Red Hat does not have the setuid bit\nset. This flaw only affected systems where the setuid bit was manually set\nby an administrator. (CVE-2009-2948)\n\nUsers of Samba should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing this update,\nthe smb service will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016200.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016201.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016276.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016277.html\n\n**Affected packages:**\nsamba\nsamba-client\nsamba-common\nsamba-swat\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1529.html", "modified": "2009-10-30T15:44:00", "published": "2009-10-27T20:23:21", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016200.html", "id": "CESA-2009:1529", "title": "samba security update", "type": "centos", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "samba": [{"lastseen": "2019-05-29T17:19:10", "bulletinFamily": "software", "description": "Smbd is susceptible to a remote DoS attack by an authenticated remote client.\nIf the client sends a reply to an oplock break notification that Samba does not expect it can cause smbd to spin the CPU repeatedly trying to process the unexpected packet and being unable to finish the processing. This is unlikely to happen with normal client activity (although not impossible).", "modified": "2009-10-01T00:00:00", "published": "2009-10-01T00:00:00", "id": "SAMBA:CVE-2009-2906", "href": "https://www.samba.org/samba/security/CVE-2009-2906.html", "title": "Remote DoS against smbd on authenticated connections ", "type": "samba", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2017-07-25T10:57:06", "bulletinFamily": "scanner", "description": "The remote host is missing updates to samba announced in\nadvisory CESA-2009:1528.", "modified": "2017-07-10T00:00:00", "published": "2009-11-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66160", "id": "OPENVAS:66160", "title": "CentOS Security Advisory CESA-2009:1528 (samba)", "type": "openvas", "sourceData": "#CESA-2009:1528 66160 2\n# $Id: ovcesa2009_1528.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1528 (samba)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1528\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1528\nhttps://rhn.redhat.com/errata/RHSA-2009-1528.html\";\ntag_summary = \"The remote host is missing updates to samba announced in\nadvisory CESA-2009:1528.\";\n\n\n\nif(description)\n{\n script_id(66160);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-2906\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1528 (samba)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:56:15", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1528.\n\nSamba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially-crafted response that\nwould cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system resources\nby opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug:\n\n* the RHSA-2007:0354 update added code to escape input passed to scripts\nthat are run by Samba. This code was missing c from the list of valid\ncharacters, causing it to be escaped. With this update, the previous patch\nhas been updated to include c in the list of valid characters.\n(BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing this update,\nthe smb service will be restarted automatically.", "modified": "2017-07-12T00:00:00", "published": "2009-11-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66118", "id": "OPENVAS:66118", "title": "RedHat Security Advisory RHSA-2009:1528", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1528.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1528 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1528.\n\nSamba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially-crafted response that\nwould cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system resources\nby opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug:\n\n* the RHSA-2007:0354 update added code to escape input passed to scripts\nthat are run by Samba. This code was missing c from the list of valid\ncharacters, causing it to be escaped. With this update, the previous patch\nhas been updated to include c in the list of valid characters.\n(BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing this update,\nthe smb service will be restarted automatically.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(66118);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-2906\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1528\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1528.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~3.0.9~1.3E.16\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:01", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1528.\n\nSamba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially-crafted response that\nwould cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system resources\nby opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug:\n\n* the RHSA-2007:0354 update added code to escape input passed to scripts\nthat are run by Samba. This code was missing c from the list of valid\ncharacters, causing it to be escaped. With this update, the previous patch\nhas been updated to include c in the list of valid characters.\n(BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing this update,\nthe smb service will be restarted automatically.", "modified": "2018-04-06T00:00:00", "published": "2009-11-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066118", "id": "OPENVAS:136141256231066118", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1528", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1528.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1528 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1528.\n\nSamba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially-crafted response that\nwould cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system resources\nby opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug:\n\n* the RHSA-2007:0354 update added code to escape input passed to scripts\nthat are run by Samba. This code was missing c from the list of valid\ncharacters, causing it to be escaped. With this update, the previous patch\nhas been updated to include c in the list of valid characters.\n(BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing this update,\nthe smb service will be restarted automatically.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66118\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-2906\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1528\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1528.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~3.0.9~1.3E.16\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:52", "bulletinFamily": "scanner", "description": "Check for the Version of samba", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880865", "id": "OPENVAS:880865", "title": "CentOS Update for samba CESA-2009:1528 centos3 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba CESA-2009:1528 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Samba is a suite of programs used by machines to share files, printers, and\n other information.\n\n A denial of service flaw was found in the Samba smbd daemon. An\n authenticated, remote user could send a specially-crafted response that\n would cause an smbd child process to enter an infinite loop. An\n authenticated, remote user could use this flaw to exhaust system resources\n by opening multiple CIFS sessions. (CVE-2009-2906)\n \n This update also fixes the following bug:\n \n * the RHSA-2007:0354 update added code to escape input passed to scripts\n that are run by Samba. This code was missing "c" from the list of valid\n characters, causing it to be escaped. With this update, the previous patch\n has been updated to include "c" in the list of valid characters.\n (BZ#242754)\n \n Users of Samba should upgrade to these updated packages, which contain a\n backported patch to correct this issue. After installing this update,\n the smb service will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"samba on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-October/016198.html\");\n script_id(880865);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1528\");\n script_cve_id(\"CVE-2009-2906\");\n script_name(\"CentOS Update for samba CESA-2009:1528 centos3 i386\");\n\n script_summary(\"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:15", "bulletinFamily": "scanner", "description": "The remote host is missing updates to samba announced in\nadvisory CESA-2009:1528.", "modified": "2018-04-06T00:00:00", "published": "2009-11-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066160", "id": "OPENVAS:136141256231066160", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1528 (samba)", "sourceData": "#CESA-2009:1528 66160 2\n# $Id: ovcesa2009_1528.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1528 (samba)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1528\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1528\nhttps://rhn.redhat.com/errata/RHSA-2009-1528.html\";\ntag_summary = \"The remote host is missing updates to samba announced in\nadvisory CESA-2009:1528.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66160\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-2906\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1528 (samba)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.9~1.3E.16\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:38", "bulletinFamily": "scanner", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-276-01.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65009", "id": "OPENVAS:65009", "title": "Slackware Advisory SSA:2009-276-01 samba ", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_276_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0,\n12.1, 12.2, 13.0, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-276-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-276-01\";\n \nif(description)\n{\n script_id(65009);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2948\", \"CVE-2009-2906\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2009-276-01 samba \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.37-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.37-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.37-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.37-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.37-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.0.37-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.2.15-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"samba\", ver:\"3.2.15-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:49", "bulletinFamily": "scanner", "description": "The remote host is missing an update to samba\nannounced via advisory MDVSA-2009:277.", "modified": "2018-04-06T00:00:00", "published": "2009-10-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066033", "id": "OPENVAS:136141256231066033", "title": "Mandrake Security Advisory MDVSA-2009:277 (samba)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_277.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:277 (samba)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in samba:\n\nThe SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows\nFile Sharing is enabled, does not properly handle errors in resolving\npathnames, which allows remote authenticated users to bypass intended\nsharing restrictions, and read, create, or modify files, in certain\ncircumstances involving user accounts that lack home directories\n(CVE-2009-2813).\n\nsmbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8,\nand 3.4 before 3.4.2 allows remote authenticated users to cause a\ndenial of service (infinite loop) via an unanticipated oplock break\nnotification reply packet (CVE-2009-2906).\n\nmount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before\n3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root,\ndoes not properly enforce permissions, which allows local users to\nread part of the credentials file and obtain the password by specifying\nthe path to the credentials file and using the --verbose or -v option\n(CVE-2009-2948).\n\nThe versions of samba shipping with Mandriva Linux\nCS4/MES5/2008.1/2009.0/2009.1 have been updated to the latest version\nthat includes the fixes for these issues. Additionally for 2009.1\nthe version upgrade provides many upstream bug fixes such as improved\nWindows(tm) 7 support. The version for CS3 has been patched to address\nthese security issues.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,\n Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:277\nhttp://www.samba.org/samba/security/CVE-2009-2813.html\nhttp://www.samba.org/samba/security/CVE-2009-2906.html\nhttp://www.samba.org/samba/security/CVE-2009-2948.html\";\ntag_summary = \"The remote host is missing an update to samba\nannounced via advisory MDVSA-2009:277.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66033\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-19 21:50:22 +0200 (Mon, 19 Oct 2009)\");\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2906\", \"CVE-2009-2948\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:277 (samba)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-vscan-icap\", rpm:\"samba-vscan-icap~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.0.37~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbsharemodes0\", rpm:\"libsmbsharemodes0~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbsharemodes-devel\", rpm:\"libsmbsharemodes-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtalloc1\", rpm:\"libtalloc1~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtalloc-devel\", rpm:\"libtalloc-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtdb1\", rpm:\"libtdb1~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtdb-devel\", rpm:\"libtdb-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64netapi0\", rpm:\"lib64netapi0~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64netapi-devel\", rpm:\"lib64netapi-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbsharemodes0\", rpm:\"lib64smbsharemodes0~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbsharemodes-devel\", rpm:\"lib64smbsharemodes-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64talloc1\", rpm:\"lib64talloc1~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64talloc-devel\", rpm:\"lib64talloc-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64tdb1\", rpm:\"lib64tdb1~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64tdb-devel\", rpm:\"lib64tdb-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64wbclient0\", rpm:\"lib64wbclient0~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64wbclient-devel\", rpm:\"lib64wbclient-devel~3.2.15~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbsharemodes0\", rpm:\"libsmbsharemodes0~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbsharemodes-devel\", rpm:\"libsmbsharemodes-devel~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64netapi0\", rpm:\"lib64netapi0~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64netapi-devel\", rpm:\"lib64netapi-devel~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbsharemodes0\", rpm:\"lib64smbsharemodes0~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbsharemodes-devel\", rpm:\"lib64smbsharemodes-devel~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64wbclient0\", rpm:\"lib64wbclient0~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64wbclient-devel\", rpm:\"lib64wbclient-devel~3.3.8~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-passdb-xml\", rpm:\"samba-passdb-xml~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-smbldap-tools\", rpm:\"samba-smbldap-tools~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-vscan-antivir\", rpm:\"samba-vscan-antivir~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-vscan-clamav\", rpm:\"samba-vscan-clamav~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-vscan-icap\", rpm:\"samba-vscan-icap~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.0.14a~6.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-vscan-icap\", rpm:\"samba-vscan-icap~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.0.37~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-devel\", rpm:\"libsmbclient0-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0-static-devel\", rpm:\"libsmbclient0-static-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbsharemodes0\", rpm:\"libsmbsharemodes0~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbsharemodes-devel\", rpm:\"libsmbsharemodes-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtalloc1\", rpm:\"libtalloc1~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtalloc-devel\", rpm:\"libtalloc-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtdb1\", rpm:\"libtdb1~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtdb-devel\", rpm:\"libtdb-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mount-cifs\", rpm:\"mount-cifs~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss_wins\", rpm:\"nss_wins~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-server\", rpm:\"samba-server~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64netapi0\", rpm:\"lib64netapi0~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64netapi-devel\", rpm:\"lib64netapi-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0\", rpm:\"lib64smbclient0~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-devel\", rpm:\"lib64smbclient0-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbclient0-static-devel\", rpm:\"lib64smbclient0-static-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbsharemodes0\", rpm:\"lib64smbsharemodes0~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64smbsharemodes-devel\", rpm:\"lib64smbsharemodes-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64talloc1\", rpm:\"lib64talloc1~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64talloc-devel\", rpm:\"lib64talloc-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64tdb1\", rpm:\"lib64tdb1~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64tdb-devel\", rpm:\"lib64tdb-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64wbclient0\", rpm:\"lib64wbclient0~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64wbclient-devel\", rpm:\"lib64wbclient-devel~3.2.15~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:10", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n cifs-mount\n ldapsmb\n libsmbclient0\n libtalloc1\n libtdb1\n libwbclient0\n samba\n samba-client\n samba-krb-printing\n samba-winbind\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66079", "id": "OPENVAS:66079", "title": "SLES11: Security update for Samba", "type": "openvas", "sourceData": "#\n#VID dbedb3fb1fc74639fa0c893e6c0ad7f6\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Samba\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n cifs-mount\n ldapsmb\n libsmbclient0\n libtalloc1\n libtdb1\n libwbclient0\n samba\n samba-client\n samba-krb-printing\n samba-winbind\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=539517\");\n script_id(66079);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2948\", \"CVE-2009-2906\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_name(\"SLES11: Security update for Samba\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"cifs-mount\", rpm:\"cifs-mount~3.2.7~11.8.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ldapsmb\", rpm:\"ldapsmb~1.34b~11.8.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~3.2.7~11.8.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtalloc1\", rpm:\"libtalloc1~3.2.7~11.8.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtdb1\", rpm:\"libtdb1~3.2.7~11.8.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~3.2.7~11.8.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.2.7~11.8.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.2.7~11.8.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-krb-printing\", rpm:\"samba-krb-printing~3.2.7~11.8.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.2.7~11.8.2\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:52", "bulletinFamily": "scanner", "description": "The remote host is missing an update to samba\nannounced via advisory FEDORA-2009-10180.", "modified": "2018-04-06T00:00:00", "published": "2009-10-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065000", "id": "OPENVAS:136141256231065000", "title": "Fedora Core 11 FEDORA-2009-10180 (samba)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_10180.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-10180 (samba)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nSecurity Release, fixes CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906\n\nChangeLog:\n\n* Thu Oct 1 2009 Guenther Deschner - 3.4.2-0.42\n- Update to 3.4.2\n- Security Release, fixes CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906\n* Wed Sep 9 2009 Guenther Deschner - 3.4.1.0-41\n- Update to 3.4.1\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update samba' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10180\";\ntag_summary = \"The remote host is missing an update to samba\nannounced via advisory FEDORA-2009-10180.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65000\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-06 02:49:40 +0200 (Tue, 06 Oct 2009)\");\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2948\", \"CVE-2009-2906\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-10180 (samba)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=523752\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=526074\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=526645\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-domainjoin-gui\", rpm:\"samba-domainjoin-gui~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind-devel\", rpm:\"samba-winbind-devel~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:57", "bulletinFamily": "scanner", "description": "The remote host is missing an update to samba\nannounced via advisory FEDORA-2009-10180.", "modified": "2017-07-10T00:00:00", "published": "2009-10-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65000", "id": "OPENVAS:65000", "title": "Fedora Core 11 FEDORA-2009-10180 (samba)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_10180.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-10180 (samba)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nSecurity Release, fixes CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906\n\nChangeLog:\n\n* Thu Oct 1 2009 Guenther Deschner - 3.4.2-0.42\n- Update to 3.4.2\n- Security Release, fixes CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906\n* Wed Sep 9 2009 Guenther Deschner - 3.4.1.0-41\n- Update to 3.4.1\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update samba' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10180\";\ntag_summary = \"The remote host is missing an update to samba\nannounced via advisory FEDORA-2009-10180.\";\n\n\n\nif(description)\n{\n script_id(65000);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-06 02:49:40 +0200 (Tue, 06 Oct 2009)\");\n script_cve_id(\"CVE-2009-2813\", \"CVE-2009-2948\", \"CVE-2009-2906\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-10180 (samba)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=523752\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=526074\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=526645\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-domainjoin-gui\", rpm:\"samba-domainjoin-gui~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-winbind-devel\", rpm:\"samba-winbind-devel~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~3.4.2~0.42.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T18:34:29", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 36573\r\nCVE ID: CVE-2009-2906\r\n\r\nSamba\u662f\u4e00\u5957\u5b9e\u73b0SMB\uff08Server Messages Block\uff09\u534f\u8bae\u3001\u8de8\u5e73\u53f0\u8fdb\u884c\u6587\u4ef6\u5171\u4eab\u548c\u6253\u5370\u5171\u4eab\u670d\u52a1\u7684\u7a0b\u5e8f\u3002\r\n\r\n\u5982\u679c\u5ba2\u6237\u7aef\u5411Samba\u670d\u52a1\u5668\u53d1\u9001\u4e86\u975e\u9884\u671f\u7684oplock\u6682\u505c\u901a\u77e5\u56de\u590d\u7684\u8bdd\uff0csmbd\u5c31\u4f1a\u53cd\u590d\u5bf9CPU\u8fdb\u884c\u65cb\u8f6c\uff08spin\uff09\uff0c\u5c1d\u8bd5\u5904\u7406\u8be5\u62a5\u6587\uff0c\u4f46\u65e0\u6cd5\u5b8c\u6210\u5904\u7406\u3002\u8fd9\u662f\u4e00\u79cd\u62d2\u7edd\u670d\u52a1\u7684\u60c5\u51b5\u3002\n\nSamba Samba 3.4\r\nSamba Samba 3.2\r\nSamba Samba 3.0\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nSamba\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.samba.org/samba/ftp/stable/samba-3.0.37.tar.gz\r\nhttp://www.samba.org/samba/ftp/stable/samba-3.2.15.tar.gz\r\nhttp://www.samba.org/samba/ftp/stable/samba-3.4.2.tar.gz", "modified": "2009-10-12T00:00:00", "published": "2009-10-12T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12453", "id": "SSV:12453", "title": "Samba Oplock\u6682\u505c\u901a\u77e5\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": ""}], "redhat": [{"lastseen": "2019-08-13T18:45:23", "bulletinFamily": "unix", "description": "Samba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially-crafted response that\nwould cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system resources\nby opening multiple CIFS sessions. (CVE-2009-2906)\n\nThis update also fixes the following bug:\n\n* the RHSA-2007:0354 update added code to escape input passed to scripts\nthat are run by Samba. This code was missing \"c\" from the list of valid\ncharacters, causing it to be escaped. With this update, the previous patch\nhas been updated to include \"c\" in the list of valid characters.\n(BZ#242754)\n\nUsers of Samba should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing this update,\nthe smb service will be restarted automatically.", "modified": "2018-05-26T04:26:18", "published": "2009-10-27T04:00:00", "id": "RHSA-2009:1528", "href": "https://access.redhat.com/errata/RHSA-2009:1528", "type": "redhat", "title": "(RHSA-2009:1528) Moderate: samba security and bug fix update", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T14:34:44", "bulletinFamily": "unix", "description": "Samba is a suite of programs used by machines to share files, printers, and\nother information. These samba3x packages provide Samba 3.3, which is a\nTechnology Preview for Red Hat Enterprise Linux 5. These packages cannot be\ninstalled in parallel with the samba packages. Note: Technology Previews\nare not intended for production use.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially-crafted response that\nwould cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system resources\nby opening multiple CIFS sessions. (CVE-2009-2906)\n\nAn uninitialized data access flaw was discovered in the smbd daemon when\nusing the non-default \"dos filemode\" configuration option in \"smb.conf\". An\nauthenticated, remote user with write access to a file could possibly use\nthis flaw to change an access control list for that file, even when such\naccess should have been denied. (CVE-2009-1888)\n\nA flaw was discovered in the way Samba handled users without a home\ndirectory set in the back-end password database (e.g. \"/etc/passwd\"). If a\nshare for the home directory of such a user was created (e.g. using the\nautomated \"[homes]\" share), any user able to access that share could see\nthe whole file system, possibly bypassing intended access restrictions.\n(CVE-2009-2813)\n\nThe mount.cifs program printed CIFS passwords as part of its debug output\nwhen running in verbose mode. When mount.cifs had the setuid bit set, a\nlocal, unprivileged user could use this flaw to disclose passwords from a\nfile that would otherwise be inaccessible to that user. Note: mount.cifs\nfrom the samba3x packages distributed by Red Hat does not have the setuid\nbit set. This flaw only affected systems where the setuid bit was manually\nset by an administrator. (CVE-2009-2948)\n\nThis update also fixes the following bugs:\n\n* the samba3x packages contained missing and conflicting license\ninformation. License information was missing for the libtalloc, libtdb, and\ntdb-tools packages. The samba3x-common package provided a COPYING file;\nhowever, it stated the license was GPLv2, while RPM metadata stated the\nlicenses were either GPLv3 or LGPLv3. This update adds the correct\nlicensing information to the samba3x-common, libsmbclient, libtalloc,\nlibtdb, and tdb-tools packages. (BZ#528633)\n\n* the upstream Samba version in the samba3x packages distributed with the\nRHEA-2009:1399 update contained broken implementations of the Netlogon\ncredential chain and SAMR access checks security subsystems. This prevented\nSamba from acting as a domain controller: Client systems could not join the\ndomain; users could not authenticate; and systems could not access the user\nand group list. (BZ#524551)\n\n* this update resolves interoperability issues with Windows 7 and Windows\nServer 2008 R2. (BZ#529022)\n\nThese packages upgrade Samba from version 3.3.5 to version 3.3.8. Refer to\nthe Samba Release Notes for a list of changes between versions:\nhttp://samba.org/samba/history/\n\nUsers of samba3x should upgrade to these updated packages, which resolve\nthese issues. After installing this update, the smb service will be\nrestarted automatically.", "modified": "2017-07-28T03:25:15", "published": "2009-11-16T05:00:00", "id": "RHSA-2009:1585", "href": "https://access.redhat.com/errata/RHSA-2009:1585", "type": "redhat", "title": "(RHSA-2009:1585) Moderate: samba3x security and bug fix update", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:15", "bulletinFamily": "unix", "description": "Samba is a suite of programs used by machines to share files, printers, and\nother information.\n\nA denial of service flaw was found in the Samba smbd daemon. An\nauthenticated, remote user could send a specially-crafted response that\nwould cause an smbd child process to enter an infinite loop. An\nauthenticated, remote user could use this flaw to exhaust system resources\nby opening multiple CIFS sessions. (CVE-2009-2906)\n\nAn uninitialized data access flaw was discovered in the smbd daemon when\nusing the non-default \"dos filemode\" configuration option in \"smb.conf\". An\nauthenticated, remote user with write access to a file could possibly use\nthis flaw to change an access control list for that file, even when such\naccess should have been denied. (CVE-2009-1888)\n\nA flaw was discovered in the way Samba handled users without a home\ndirectory set in the back-end password database (e.g. \"/etc/passwd\"). If a\nshare for the home directory of such a user was created (e.g. using the\nautomated \"[homes]\" share), any user able to access that share could see\nthe whole file system, possibly bypassing intended access restrictions.\n(CVE-2009-2813)\n\nThe mount.cifs program printed CIFS passwords as part of its debug output\nwhen running in verbose mode. When mount.cifs had the setuid bit set, a\nlocal, unprivileged user could use this flaw to disclose passwords from a\nfile that would otherwise be inaccessible to that user. Note: mount.cifs\nfrom the samba packages distributed by Red Hat does not have the setuid bit\nset. This flaw only affected systems where the setuid bit was manually set\nby an administrator. (CVE-2009-2948)\n\nUsers of Samba should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing this update,\nthe smb service will be restarted automatically.", "modified": "2017-09-08T11:55:37", "published": "2009-10-27T04:00:00", "id": "RHSA-2009:1529", "href": "https://access.redhat.com/errata/RHSA-2009:1529", "type": "redhat", "title": "(RHSA-2009:1529) Moderate: samba security update", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:44", "bulletinFamily": "unix", "description": "[3.0.9-1.3E.16]\n- Security Release, fixes CVE-2009-2906\n- resolves: #526657\n[3.0.9-X]\n- Fix user facing cosmetic bug in patch for CVE-2007-2447\n- resolves: #242754", "modified": "2009-10-27T00:00:00", "published": "2009-10-27T00:00:00", "id": "ELSA-2009-1528", "href": "http://linux.oracle.com/errata/ELSA-2009-1528.html", "title": "samba security and bug fix update", "type": "oraclelinux", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:04", "bulletinFamily": "unix", "description": "[3.0.33-3.15.el5]\n- Security Release, fixes CVE-2009-1888, CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906\n- resolves: #526660", "modified": "2009-10-27T00:00:00", "published": "2009-10-27T00:00:00", "id": "ELSA-2009-1529", "href": "http://linux.oracle.com/errata/ELSA-2009-1529.html", "title": "samba security update", "type": "oraclelinux", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:34", "bulletinFamily": "software", "description": "Local privileged files access, DoS, unauthorized remote access.", "modified": "2009-10-14T00:00:00", "published": "2009-10-14T00:00:00", "id": "SECURITYVULNS:VULN:10322", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10322", "title": "Samba multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:32", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1908-1 security@debian.org\r\nhttp://www.debian.org/security/ Nico Golde\r\nOctober 14th, 2009 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : samba\r\nVulnerability : several\r\nProblem type : local/remote\r\nDebian-specific: no\r\nDebian bug : none\r\nCVE ID : CVE-2009-2948 CVE-2009-2906 CVE-2009-2813\r\n\r\nSeveral vulnerabilities have been discovered in samba, an implementation of\r\nthe SMB/CIFS protocol for Unix systems, providing support for cross-platform\r\nfile and printer sharing with other operating systems and more. The Common\r\nVulnerabilities and Exposures project identifies the following problems:\r\n\r\nThe mount.cifs utility is missing proper checks for file permissions when\r\nused in verbose mode. This allows local users to partly disclose the\r\ncontent of arbitrary files by specifying the file as credentials file and\r\nattempting to mount a samba share (CVE-2009-2948).\r\n\r\nA reply to an oplock break notification which samba doesn't expect could\r\nlead to the service getting stuck in an infinite loop. An attacker\r\ncan use this to perform denial of service attacks via a specially crafted\r\nSMB request (CVE-2009-2906).\r\n\r\nA lack of error handling in case no home diretory was configured/specified\r\nfor the user could lead to file disclosure. In case the automated [homes]\r\nshare is enabled or an explicit share is created with that username, samba\r\nfails to enforce sharing restrictions which results in an attacker being\r\nable to access the file system from the root directory (CVE-2009-2813).\r\n\r\n\r\nFor the oldstable distribution (etch), this problem will be fixed soon.\r\n\r\nFor the stable distribution (lenny), this problem has been fixed in\r\nversion 2:3.2.5-4lenny7.\r\n\r\nFor the testing distribution (squeeze), this problem will be fixed soon.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 2:3.4.2-1.\r\n\r\n\r\nWe recommend that you upgrade your samba packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nDebian (stable)\r\n- ---------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7.dsc\r\n Size/MD5 checksum: 1830 7cc3718e19bbad5aa7099889c6c503a5\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5.orig.tar.gz\r\n Size/MD5 checksum: 50276407 0f7539e09803ae60a2912e70adf1c747\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7.diff.gz\r\n Size/MD5 checksum: 235342 836141a1924843383cc385e544c933e5\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/samba-doc_3.2.5-4lenny7_all.deb\r\n Size/MD5 checksum: 7952438 630b57065388404b8a9fe3e9e111dc47\r\n http://security.debian.org/pool/updates/main/s/samba/samba-doc-pdf_3.2.5-4lenny7_all.deb\r\n Size/MD5 checksum: 6252326 cded2ecbaa3fd39bd215dbb4ec666d4c\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 1945142 a6804ba408657cc4c89c80b0d6e4b8a4\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 1078442 0bedbb5cdb5ca36f52d2e1d1a6015804\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 3273896 082fdadedaf0234b97a8aefc1ef62d8a\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 2572542 ed15d1a7aa9c065986a8e896d63479e2\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 4830106 58ed5cd28d4c43d07195d013cf25553f\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 1461944 71adea7a3b47b65f8df4f3dc5efc4422\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 81488 d521efbda414cf6d4a588873442eb987\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 5730522 cca571adc80b833e7d9c45d5dd7fa103\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 637762 b526ea1ed9ca51d132a7685ec8320eea\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 1333234 36e35a3c252fabcfd2ec0ba8407323ca\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 3736262 9dc1a726efda21fa112ef2641c9b1f6a\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_alpha.deb\r\n Size/MD5 checksum: 6953202 b3e8de8b127bcd1f5dda4db61ed44b20\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 3274278 b732915df239ea1a9fff196250d6d383\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 1493684 460ed93756df58adfa57870d06c9aaff\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 627686 70379a8e6ce3b5d6de6af6b895d30619\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 3728204 ac7fb1f7d07628d0452d10e62b2d661d\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 1083940 5ca50cf6abd792b51e501f846f782231\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 5646144 09130baf353097710d6df8a6586875d7\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 1953358 e7c3f85d21b94e62baf0bc5849d8a7ed\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 80522 507bc24d176289793eadd28f4623e331\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 1358910 6ec7ccedec85f92e175b99c6abfb76ba\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 1995586 be70b626e522a6d10947717cc4dad784\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 7007462 b3a959d7475adb2d8aefc1d590690744\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_amd64.deb\r\n Size/MD5 checksum: 4775388 b2adb39f3d76b691a747126efd40452a\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 561128 0d9cc7d736f2ac3af0037fb0538885bb\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 2398710 a2a88432efcb034fad0cfc36130938f6\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 6177100 b465429510298d684d16f33d977ec1c3\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 3353238 d7e4a1fb9ecb639471baa485dc629653\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 79216 da72ebd5740459cd44c6d5735883f203\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 4267492 62425ac8d76f5879b900622026883d94\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 1315868 8b3019c57cfeeb28509ca96f7d0358fa\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 972222 1197d9bb33cfb181d99f03102b751cbf\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 5041464 6db94424b23399cf83de0ae1968efba0\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 1203924 f8a743cc5f4afb87f8b9cb883252c6f2\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 1817072 72fddd524748b9e9206c135e81c698dc\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_arm.deb\r\n Size/MD5 checksum: 2892294 b43b907010b9373ec7957a570d9a80ec\r\n\r\narmel architecture (ARM EABI)\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 2910452 fd7f3ad0731784dccdc5b3b467513469\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 6214560 94dff8a518547e92fb165c02dae9baec\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 5070850 b4a9ac34be34928672ce800c899ac042\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 981922 ae00524832d05f9aa8c06686c9e4e461\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 1323868 be4570e7c8720bf0c756b4eac3cd3fe0\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 3372252 012baecc35e1becc8a07d81adc262d65\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 4294422 0c6add94f7e453817388fa9e529b82bd\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 2424800 db72d33ac4229f163053c1f4ea18480e\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 78816 d0ac45bb3404ac4fa9972bf47ec91cac\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 1823568 48f417418296b035f611572d4504ffbd\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 1210432 d58cf1719fc208e76cec7c28cb594da7\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_armel.deb\r\n Size/MD5 checksum: 564066 43f4da7801d6e972fae31ce287ded998\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 2067740 1f3465310bfa420ca5d3dca47fb61876\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 6687014 bd2920b6f871c5cfc573454993b99bd3\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 4653108 91139f0c545ded0f434912e577cc655b\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 1375386 2f9657458e85625ffa4f762df7ca9a87\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 80862 32248cce30e50a58171439955e8c1b31\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 5501106 2c9166906405f03cb05d509b871ee48b\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 3177446 f061d9d8f7e5276ff6f6bf98ecea456e\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 631654 1dd17d4d9edc8fc60707db89643a8aea\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 3610032 ea72fc29881895beab6c09e20dce4eb9\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 1046340 b118ec013c5588b8baaea5d1b0e920a8\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 2229186 b1f09642dd40089211dbaa22d9e234fd\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_hppa.deb\r\n Size/MD5 checksum: 1412786 3ffb5d639b595a3af2d1661439f7559d\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 984354 610ff7af9bdec786dc66dfc71e6d906d\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 2930762 16cc9438cc5a7bac68f842aaff01cb44\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 6302570 8508f2837d10ed9e791690764c887482\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 2081416 a97abc97a1ccbebc475cf94ab984fac0\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 561714 b61348ec0f3adb19990550cab9b7e40b\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 3405124 904fba778279f57af680c3a25d316c89\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 4295250 e783fb6625c27e5d4dbdf0b5072345db\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 78984 0a4c138021591e75544c95a70a79f5e4\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 5067188 9b7a2c22ef8ebab7db2da88e77d61607\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 1825116 d70821ed19cb8118f76529c844c967de\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 1199768 f33cfc38a35e53f9a278279d10cb9296\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_i386.deb\r\n Size/MD5 checksum: 1349920 a34c0d26610af3d6a5e8c0c9e35f6acf\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 4386438 ec0ed107b01d00462e6a4dd9fa914a6f\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 5832230 d73c656dac14065b3a1f13201510eb20\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 1724092 9b5c69cdc6911c755a8e6b12d048d1ba\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 84004 bc0fe8f98f03b5d665810cb5ade516e9\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 752072 c462e06b2ff50d6abbc6fa5ba6c14dba\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 1561116 91986263af0fd80f2a8d220e626ea4e9\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 8294752 bfea15cf71e6f3503e8601b7b7a51ff4\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 1939328 a3d3f802ed54267a93a61eed49d48b7e\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 2400926 961af2d58aeff2eb54b6316b56b0d71b\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 1280080 63385632efbd6d173e452b75ac295e7d\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 6933470 666a61b68183f3afc017cb3658d25049\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_ia64.deb\r\n Size/MD5 checksum: 3915410 a7ae5b73317aff391dbfffe447ee8958\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 2507514 c8d996cba28f6d76d187774f844b01aa\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 4203042 d48c2d45cd762dc2bad73ca9c089d3c9\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 572688 4c689c9090845e6784d96eafdd1d1dd5\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 1205342 92c7d350a6958c60b719dc1bca25e23c\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 3238756 9c2d7e67ffcb7f6f9010e2a4cf3e5e16\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 942044 b994c97405ec4963b68189a0ba00067b\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 4998666 1648dd4cfec7bc14cbd41320b44fbb16\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 2809438 f4ad77583575756d14629fd98c8166f5\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 79288 10a8cdeed703948d1dd5e836897558f1\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 2182258 5183531629f1c99dd71f253832bab233\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 5840974 cb82df1024f5c10770ac98afe89e48a3\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_mips.deb\r\n Size/MD5 checksum: 1093592 8e55a6342da60f19c3c95a55a1d90164\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 2128338 f27eefe417a4831ed071ee2a34949e47\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 569280 584e1b162cb0452b814d34aa618d9b85\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 79204 69f192c04fa40eb5e2fc37c1cdb1b0ac\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 5801134 d3791aacacfcadd4caf909dd9b62fe31\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 1081720 b19e32963b224825b1f6335e28bc6d6b\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 2792976 e3d2772a8cf2274a26190043d0c9694a\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 2387806 e5f53727f8ccdca5bfb82efbd5601c7e\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 4967334 3dfdbd6e944b31808bb38bbe3ee3fe35\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 1196484 bc9d17cd36558e526efd2e3870f2b0e4\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 3219234 d4615fd079aecae1ed4753c4449aea75\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 4177874 10909deb34148f33c2a92ecb6cfd8c72\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_mipsel.deb\r\n Size/MD5 checksum: 936880 1e742c0aa5a77a995fa174a9b02913c4\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 2988566 40620c503ca952eeeb73bde777a14435\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 6294542 feab7c9b74b13b06b6977d637623c728\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 2079372 4886a2d8d7664280dae64605c891996b\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 1712666 75b337ef8fb0e52f71cf2e9b18faa1d4\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 3423452 da023922a04344c534ee88e0e0292900\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 5187664 0ddd64379049fadd254da0045e04d307\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 595048 b08157624bc5ebe37b5a2c343649bb83\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 1333642 98613e2a5c876333295cc0aab31ad250\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 989426 e1b15a1a53be2bd09010c1dd0eeddcf8\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 1239864 1aafcfc867e23a3b84f58e29f5a4b163\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 4403350 c2b90fc3fb94dcd324f9da7a38a7c878\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_powerpc.deb\r\n Size/MD5 checksum: 80476 3ac690ddd20c773e1437d21572c37a2e\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 2061206 694599e2dae140a04c53be168ebbf163\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 1389672 25b0b8754be83bae0984de459f7cf319\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 641924 989f56ac5c323f74b34512dcf48412a0\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 1935682 032e63baf547b194e2af89da342be617\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 1258028 5884f69e4c3fc4567c8f2392b4cae88d\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 4740858 01348d4fe49f9f8b07eb98b77a447c4d\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 1056846 85573ee68987c713bf2abf1c676bcd6a\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 6706474 c2cd5c961d23f7ec513b2cb0efa469a8\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 5647644 c123e43888dace888b100f4d61cef627\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 80832 c96484d5c2588fb90a23df5869463554\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 3204582 0254ff9259bae547b7d8673124473e19\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_s390.deb\r\n Size/MD5 checksum: 3650302 0716bdcda1c0b080e30fbc2b4af03e6b\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 1202198 76ec9e4b183e72139b216321ef0dbc6f\r\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 975366 ce9edebb6cdbbfce4ed44dc376960d3a\r\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 4322338 398acf0f34e81b674ec8cf4149bf4534\r\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 2924672 52a6813bc6e557daa5f2ec523942ebcc\r\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 5116574 63e4f4faadf3223fdd904e546aab6a22\r\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 3372416 73b1333d568d87529e8d3072ebd4c509\r\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 581590 2dcac90d984a7b08083be093befa1472\r\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 1303976 731b1a1f9a65e1ec887c0fbdfcc867d3\r\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 1996180 13724133b88e237853164fedd89c356b\r\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 79152 1ffe88781e928339aa16c594f9f224f0\r\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 6172106 37c0d2de6d73127751cf1670ee468944\r\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_sparc.deb\r\n Size/MD5 checksum: 2020578 f161d329079cb0df6cbc30ed97191e15\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niEYEARECAAYFAkrVMdkACgkQHYflSXNkfP9M2gCfYiJgY6BAzamJbQtFFmHVlahf\r\nbJ0AoIRB9v/za2CX4Oa7b55cwncVleN+\r\n=63e/\r\n-----END PGP SIGNATURE-----", "modified": "2009-10-14T00:00:00", "published": "2009-10-14T00:00:00", "id": "SECURITYVULNS:DOC:22637", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22637", "title": "[SECURITY] [DSA 1908-1] New samba packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "slackware": [{"lastseen": "2019-05-30T07:37:17", "bulletinFamily": "unix", "description": "New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0,\n12.1, 12.2, 13.0, and -current to fix security issues.\n\nMore details about the issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/samba-3.2.15-i486-1_slack13.0.txz:\n This update fixes the following security issues.\n A misconfigured /etc/passwd with no defined home directory could allow\n security restrictions to be bypassed.\n mount.cifs could allow a local user to read the first line of an arbitrary\n file if installed setuid. (On Slackware, it was not installed setuid)\n Specially crafted SMB requests could cause a denial of service.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/samba-3.0.37-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/samba-3.0.37-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/samba-3.0.37-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/samba-3.0.37-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/samba-3.0.37-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/samba-3.0.37-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/samba-3.2.15-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/samba-3.2.15-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/samba-3.2.15-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-3.4.2-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/samba-3.4.2-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 10.0 package:\ne02ad43f20e3c31e50cf28363541db9c samba-3.0.37-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\nbac29aae3e5f23bd815f4452c2954dc6 samba-3.0.37-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\n60ac24589c806850e7a74a09302a4ed9 samba-3.0.37-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\n58eaa3f9cb2c677f8b0a6249863685e6 samba-3.0.37-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n8f68ccdee93cb131b395d9b3eeae1674 samba-3.0.37-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\nea18bf39fa98cd52cf90fc593ee3ddf8 samba-3.0.37-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\nedb0b282ea777c2edabd8147d83f6978 samba-3.2.15-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n9a848ba2af68ee2d01dd7440b4b49405 samba-3.2.15-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\ne84b39e9ee6353e0a682e71a88e97b00 samba-3.2.15-x86_64-1_slack13.0.txz\n\nSlackware -current package:\n968d2bfd83f13d40e630c14fab19a676 samba-3.4.2-i486-1.txz\n\nSlackware x86_64 -current package:\n8b80e5bcd2b603a42e92185501823d26 samba-3.4.2-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg samba-3.2.15-i486-1_slack13.0.txz\n\nThen, if Samba is running restart it:\n\n > /etc/rc.d/rc.samba restart", "modified": "2009-10-04T00:01:26", "published": "2009-10-04T00:01:26", "id": "SSA-2009-276-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439", "title": "samba", "type": "slackware", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:22:26", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA-1908-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nOctober 14th, 2009 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : samba\nVulnerability : several\nProblem type : local/remote\nDebian-specific: no\nDebian bug : none\nCVE ID : CVE-2009-2948 CVE-2009-2906 CVE-2009-2813\n\nSeveral vulnerabilities have been discovered in samba, an implementation of\nthe SMB/CIFS protocol for Unix systems, providing support for cross-platform\nfile and printer sharing with other operating systems and more. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nThe mount.cifs utility is missing proper checks for file permissions when\nused in verbose mode. This allows local users to partly disclose the\ncontent of arbitrary files by specifying the file as credentials file and\nattempting to mount a samba share (CVE-2009-2948).\n\nA reply to an oplock break notification which samba doesn't expect could\nlead to the service getting stuck in an infinite loop. An attacker\ncan use this to perform denial of service attacks via a specially crafted\nSMB request (CVE-2009-2906).\n\nA lack of error handling in case no home diretory was configured/specified\nfor the user could lead to file disclosure. In case the automated [homes]\nshare is enabled or an explicit share is created with that username, samba\nfails to enforce sharing restrictions which results in an attacker being\nable to access the file system from the root directory (CVE-2009-2813).\n\n\nFor the oldstable distribution (etch), this problem will be fixed soon.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2:3.2.5-4lenny7.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:3.4.2-1.\n\n\nWe recommend that you upgrade your samba packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7.dsc\n Size/MD5 checksum: 1830 7cc3718e19bbad5aa7099889c6c503a5\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5.orig.tar.gz\n Size/MD5 checksum: 50276407 0f7539e09803ae60a2912e70adf1c747\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7.diff.gz\n Size/MD5 checksum: 235342 836141a1924843383cc385e544c933e5\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/s/samba/samba-doc_3.2.5-4lenny7_all.deb\n Size/MD5 checksum: 7952438 630b57065388404b8a9fe3e9e111dc47\n http://security.debian.org/pool/updates/main/s/samba/samba-doc-pdf_3.2.5-4lenny7_all.deb\n Size/MD5 checksum: 6252326 cded2ecbaa3fd39bd215dbb4ec666d4c\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 1945142 a6804ba408657cc4c89c80b0d6e4b8a4\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 1078442 0bedbb5cdb5ca36f52d2e1d1a6015804\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 3273896 082fdadedaf0234b97a8aefc1ef62d8a\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 2572542 ed15d1a7aa9c065986a8e896d63479e2\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 4830106 58ed5cd28d4c43d07195d013cf25553f\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 1461944 71adea7a3b47b65f8df4f3dc5efc4422\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 81488 d521efbda414cf6d4a588873442eb987\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 5730522 cca571adc80b833e7d9c45d5dd7fa103\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 637762 b526ea1ed9ca51d132a7685ec8320eea\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 1333234 36e35a3c252fabcfd2ec0ba8407323ca\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 3736262 9dc1a726efda21fa112ef2641c9b1f6a\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_alpha.deb\n Size/MD5 checksum: 6953202 b3e8de8b127bcd1f5dda4db61ed44b20\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 3274278 b732915df239ea1a9fff196250d6d383\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 1493684 460ed93756df58adfa57870d06c9aaff\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 627686 70379a8e6ce3b5d6de6af6b895d30619\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 3728204 ac7fb1f7d07628d0452d10e62b2d661d\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 1083940 5ca50cf6abd792b51e501f846f782231\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 5646144 09130baf353097710d6df8a6586875d7\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 1953358 e7c3f85d21b94e62baf0bc5849d8a7ed\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 80522 507bc24d176289793eadd28f4623e331\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 1358910 6ec7ccedec85f92e175b99c6abfb76ba\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 1995586 be70b626e522a6d10947717cc4dad784\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 7007462 b3a959d7475adb2d8aefc1d590690744\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_amd64.deb\n Size/MD5 checksum: 4775388 b2adb39f3d76b691a747126efd40452a\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 561128 0d9cc7d736f2ac3af0037fb0538885bb\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 2398710 a2a88432efcb034fad0cfc36130938f6\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 6177100 b465429510298d684d16f33d977ec1c3\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 3353238 d7e4a1fb9ecb639471baa485dc629653\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 79216 da72ebd5740459cd44c6d5735883f203\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 4267492 62425ac8d76f5879b900622026883d94\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 1315868 8b3019c57cfeeb28509ca96f7d0358fa\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 972222 1197d9bb33cfb181d99f03102b751cbf\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 5041464 6db94424b23399cf83de0ae1968efba0\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 1203924 f8a743cc5f4afb87f8b9cb883252c6f2\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 1817072 72fddd524748b9e9206c135e81c698dc\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_arm.deb\n Size/MD5 checksum: 2892294 b43b907010b9373ec7957a570d9a80ec\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 2910452 fd7f3ad0731784dccdc5b3b467513469\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 6214560 94dff8a518547e92fb165c02dae9baec\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 5070850 b4a9ac34be34928672ce800c899ac042\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 981922 ae00524832d05f9aa8c06686c9e4e461\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 1323868 be4570e7c8720bf0c756b4eac3cd3fe0\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 3372252 012baecc35e1becc8a07d81adc262d65\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 4294422 0c6add94f7e453817388fa9e529b82bd\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 2424800 db72d33ac4229f163053c1f4ea18480e\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 78816 d0ac45bb3404ac4fa9972bf47ec91cac\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 1823568 48f417418296b035f611572d4504ffbd\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 1210432 d58cf1719fc208e76cec7c28cb594da7\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_armel.deb\n Size/MD5 checksum: 564066 43f4da7801d6e972fae31ce287ded998\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 2067740 1f3465310bfa420ca5d3dca47fb61876\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 6687014 bd2920b6f871c5cfc573454993b99bd3\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 4653108 91139f0c545ded0f434912e577cc655b\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 1375386 2f9657458e85625ffa4f762df7ca9a87\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 80862 32248cce30e50a58171439955e8c1b31\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 5501106 2c9166906405f03cb05d509b871ee48b\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 3177446 f061d9d8f7e5276ff6f6bf98ecea456e\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 631654 1dd17d4d9edc8fc60707db89643a8aea\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 3610032 ea72fc29881895beab6c09e20dce4eb9\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 1046340 b118ec013c5588b8baaea5d1b0e920a8\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 2229186 b1f09642dd40089211dbaa22d9e234fd\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_hppa.deb\n Size/MD5 checksum: 1412786 3ffb5d639b595a3af2d1661439f7559d\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 984354 610ff7af9bdec786dc66dfc71e6d906d\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 2930762 16cc9438cc5a7bac68f842aaff01cb44\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 6302570 8508f2837d10ed9e791690764c887482\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 2081416 a97abc97a1ccbebc475cf94ab984fac0\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 561714 b61348ec0f3adb19990550cab9b7e40b\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 3405124 904fba778279f57af680c3a25d316c89\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 4295250 e783fb6625c27e5d4dbdf0b5072345db\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 78984 0a4c138021591e75544c95a70a79f5e4\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 5067188 9b7a2c22ef8ebab7db2da88e77d61607\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 1825116 d70821ed19cb8118f76529c844c967de\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 1199768 f33cfc38a35e53f9a278279d10cb9296\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_i386.deb\n Size/MD5 checksum: 1349920 a34c0d26610af3d6a5e8c0c9e35f6acf\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 4386438 ec0ed107b01d00462e6a4dd9fa914a6f\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 5832230 d73c656dac14065b3a1f13201510eb20\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 1724092 9b5c69cdc6911c755a8e6b12d048d1ba\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 84004 bc0fe8f98f03b5d665810cb5ade516e9\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 752072 c462e06b2ff50d6abbc6fa5ba6c14dba\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 1561116 91986263af0fd80f2a8d220e626ea4e9\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 8294752 bfea15cf71e6f3503e8601b7b7a51ff4\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 1939328 a3d3f802ed54267a93a61eed49d48b7e\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 2400926 961af2d58aeff2eb54b6316b56b0d71b\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 1280080 63385632efbd6d173e452b75ac295e7d\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 6933470 666a61b68183f3afc017cb3658d25049\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_ia64.deb\n Size/MD5 checksum: 3915410 a7ae5b73317aff391dbfffe447ee8958\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 2507514 c8d996cba28f6d76d187774f844b01aa\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 4203042 d48c2d45cd762dc2bad73ca9c089d3c9\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 572688 4c689c9090845e6784d96eafdd1d1dd5\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 1205342 92c7d350a6958c60b719dc1bca25e23c\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 3238756 9c2d7e67ffcb7f6f9010e2a4cf3e5e16\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 942044 b994c97405ec4963b68189a0ba00067b\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 4998666 1648dd4cfec7bc14cbd41320b44fbb16\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 2809438 f4ad77583575756d14629fd98c8166f5\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 79288 10a8cdeed703948d1dd5e836897558f1\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 2182258 5183531629f1c99dd71f253832bab233\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 5840974 cb82df1024f5c10770ac98afe89e48a3\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_mips.deb\n Size/MD5 checksum: 1093592 8e55a6342da60f19c3c95a55a1d90164\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 2128338 f27eefe417a4831ed071ee2a34949e47\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 569280 584e1b162cb0452b814d34aa618d9b85\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 79204 69f192c04fa40eb5e2fc37c1cdb1b0ac\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 5801134 d3791aacacfcadd4caf909dd9b62fe31\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 1081720 b19e32963b224825b1f6335e28bc6d6b\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 2792976 e3d2772a8cf2274a26190043d0c9694a\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 2387806 e5f53727f8ccdca5bfb82efbd5601c7e\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 4967334 3dfdbd6e944b31808bb38bbe3ee3fe35\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 1196484 bc9d17cd36558e526efd2e3870f2b0e4\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 3219234 d4615fd079aecae1ed4753c4449aea75\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 4177874 10909deb34148f33c2a92ecb6cfd8c72\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_mipsel.deb\n Size/MD5 checksum: 936880 1e742c0aa5a77a995fa174a9b02913c4\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 2988566 40620c503ca952eeeb73bde777a14435\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 6294542 feab7c9b74b13b06b6977d637623c728\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 2079372 4886a2d8d7664280dae64605c891996b\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 1712666 75b337ef8fb0e52f71cf2e9b18faa1d4\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 3423452 da023922a04344c534ee88e0e0292900\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 5187664 0ddd64379049fadd254da0045e04d307\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 595048 b08157624bc5ebe37b5a2c343649bb83\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 1333642 98613e2a5c876333295cc0aab31ad250\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 989426 e1b15a1a53be2bd09010c1dd0eeddcf8\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 1239864 1aafcfc867e23a3b84f58e29f5a4b163\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 4403350 c2b90fc3fb94dcd324f9da7a38a7c878\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_powerpc.deb\n Size/MD5 checksum: 80476 3ac690ddd20c773e1437d21572c37a2e\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 2061206 694599e2dae140a04c53be168ebbf163\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 1389672 25b0b8754be83bae0984de459f7cf319\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 641924 989f56ac5c323f74b34512dcf48412a0\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 1935682 032e63baf547b194e2af89da342be617\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 1258028 5884f69e4c3fc4567c8f2392b4cae88d\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 4740858 01348d4fe49f9f8b07eb98b77a447c4d\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 1056846 85573ee68987c713bf2abf1c676bcd6a\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 6706474 c2cd5c961d23f7ec513b2cb0efa469a8\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 5647644 c123e43888dace888b100f4d61cef627\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 80832 c96484d5c2588fb90a23df5869463554\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 3204582 0254ff9259bae547b7d8673124473e19\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_s390.deb\n Size/MD5 checksum: 3650302 0716bdcda1c0b080e30fbc2b4af03e6b\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 1202198 76ec9e4b183e72139b216321ef0dbc6f\n http://security.debian.org/pool/updates/main/s/samba/swat_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 975366 ce9edebb6cdbbfce4ed44dc376960d3a\n http://security.debian.org/pool/updates/main/s/samba/samba_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 4322338 398acf0f34e81b674ec8cf4149bf4534\n http://security.debian.org/pool/updates/main/s/samba/winbind_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 2924672 52a6813bc6e557daa5f2ec523942ebcc\n http://security.debian.org/pool/updates/main/s/samba/samba-tools_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 5116574 63e4f4faadf3223fdd904e546aab6a22\n http://security.debian.org/pool/updates/main/s/samba/samba-common_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 3372416 73b1333d568d87529e8d3072ebd4c509\n http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 581590 2dcac90d984a7b08083be093befa1472\n http://security.debian.org/pool/updates/main/s/samba/smbfs_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 1303976 731b1a1f9a65e1ec887c0fbdfcc867d3\n http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 1996180 13724133b88e237853164fedd89c356b\n http://security.debian.org/pool/updates/main/s/samba/libwbclient0_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 79152 1ffe88781e928339aa16c594f9f224f0\n http://security.debian.org/pool/updates/main/s/samba/smbclient_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 6172106 37c0d2de6d73127751cf1670ee468944\n http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.2.5-4lenny7_sparc.deb\n Size/MD5 checksum: 2020578 f161d329079cb0df6cbc30ed97191e15\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2009-10-14T02:10:44", "published": "2009-10-14T02:10:44", "id": "DEBIAN:DSA-1908-1:D4D84", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00230.html", "title": "[SECURITY] [DSA 1908-1] New samba packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "vmware": [{"lastseen": "2018-09-02T02:40:37", "bulletinFamily": "unix", "description": "a. Service Console update for samba to 3.0.33-3.15.el5_4.1 \nThis update changes the samba packages to samba-client-3.0.33-3.15.el5_4.1 and samba-common-3.0.33-3.15.el5_4.1. These versions include fixes for security issues that were first fixed in samba-client-3.0.33-0.18.el4_8 and samba-common-3.0.33-0.18.el4_8. \n \nThe Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the names CVE-2009-2906, CVE-2009-1888,CVE-2009-2813 and CVE-2009-2948 to these issues. \n \nThe following table lists what action remediates the vulnerability (column 4) if a solution is available. \n\n", "modified": "2010-10-25T00:00:00", "published": "2010-04-01T00:00:00", "id": "VMSA-2010-0006", "href": "https://www.vmware.com/security/advisories/VMSA-2010-0006.html", "title": "ESX Service Console updates for samba and acpid", "type": "vmware", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2019-05-29T17:23:01", "bulletinFamily": "unix", "description": "J. David Hester discovered that Samba incorrectly handled users that lack home directories when the automated [homes] share is enabled. An authenticated user could connect to that share name and gain access to the whole filesystem. (CVE-2009-2813)\n\nTim Prouty discovered that the smbd daemon in Samba incorrectly handled certain unexpected network replies. A remote attacker could send malicious replies to the server and cause smbd to use all available CPU, leading to a denial of service. (CVE-2009-2906)\n\nRonald Volgers discovered that the mount.cifs utility, when installed as a setuid program, would not verify user permissions before opening a credentials file. A local user could exploit this to use or read the contents of unauthorized credential files. (CVE-2009-2948)\n\nReinhard Ni\u00c3\u0178l discovered that the smbclient utility contained format string vulnerabilities in its file name handling. Because of security features in Ubuntu, exploitation of this vulnerability is limited. If a user or automated system were tricked into processing a specially crafted file name, smbclient could be made to crash, possibly leading to a denial of service. This only affected Ubuntu 8.10. (CVE-2009-1886)\n\nJeremy Allison discovered that the smbd daemon in Samba incorrectly handled permissions to modify access control lists when dos filemode is enabled. A remote attacker could exploit this to modify access control lists. This only affected Ubuntu 8.10 and Ubuntu 9.04. (CVE-2009-1886)", "modified": "2009-10-01T00:00:00", "published": "2009-10-01T00:00:00", "id": "USN-839-1", "href": "https://usn.ubuntu.com/839-1/", "title": "Samba vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:08", "bulletinFamily": "unix", "description": "### Background\n\nSamba is a suite of SMB and CIFS client/server programs.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with root privileges, cause a Denial of Service condition, take ownership of shared files, or bypass file permissions. Furthermore, a local attacker may be able to cause a Denial of Service condition or obtain sensitive information in a Samba credentials file. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Samba users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-fs/samba-3.5.15\"", "modified": "2012-06-24T00:00:00", "published": "2012-06-24T00:00:00", "id": "GLSA-201206-22", "href": "https://security.gentoo.org/glsa/201206-22", "type": "gentoo", "title": "Samba: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "threatpost": [{"lastseen": "2018-10-06T23:08:12", "bulletinFamily": "info", "description": "Apple Mega Patch Covers 88 Mac OS X Vulnerabilities\n\nApple today released one of its biggest Mac OS X security updates in recent memory, covering a whopping with fixes for 88 documented vulnerabilities.\n\nThe Mac OS X v10.6.3 update, which is considered \u201ccritical,\u201d covers flaws that could lead to remote code execution, information disclosure and denial-of-service attacks.\n\nSecurity Update 2010-002 / Mac OS X v10.6.3 is now available and\n\naddresses the following:\n\nAppKit\n\nCVE-ID: CVE-2010-0056\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Spell checking a maliciously crafted document may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the spell checking feature\n\nused by Cocoa applications. Spell checking a maliciously crafted\n\ndocument may lead to an unexpected application termination or\n\narbitrary code execution. This issue is addressed through improved\n\nbounds checking. This issue does not affect Mac OS X v10.6 systems.\n\nCredit: Apple.\n\nApplication Firewall\n\nCVE-ID: CVE-2009-2801\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Certain rules in the Application Firewall may become\n\ninactive after restart\n\nDescription: A timing issue in the Application Firewall may cause\n\ncertain rules to become inactive after reboot. The issue is addressed\n\nthrough improved handling of Firewall rules. This issue does not\n\naffect Mac OS X v10.6 systems. Credit to Michael Kisor of\n\nOrganicOrb.com for reporting this issue.\n\nAFP Server\n\nCVE-ID: CVE-2010-0057\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: When guest access is disabled, a remote user may be able to\n\nmount AFP shares as a guest\n\nDescription: An access control issue in AFP Server may allow a\n\nremote user to mount AFP shares as a guest, even if guest access is\n\ndisabled. This issue is addressed through improved access control\n\nchecks. Credit: Apple.\n\nAFP Server\n\nCVE-ID: CVE-2010-0533\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote user with guest access to an AFP share may access\n\nthe contents of world-readable files outside the Public share\n\nDescription: A directory traversal issue exists in the path\n\nvalidation for AFP shares. A remote user may enumerate the parent\n\ndirectory of the share root, and read or write files within that\n\ndirectory that are accessible to the \u2018nobody\u2019 user. This issue is\n\naddressed through improved handling of file paths. Credit to Patrik\n\nKarlsson of cqure.net for reporting this issue.\n\nApache\n\nCVE-ID: CVE-2009-3095\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to bypass access control\n\nrestrictions\n\nDescription: An input validation issue exists in Apache\u2019s handling\n\nof proxied FTP requests. A remote attacker with the ability to issue\n\nrequests through the proxy may be able to bypass access control\n\nrestrictions specified in the Apache configuration. This issue is\n\naddressed by updating Apache to version 2.2.14.\n\nClamAV\n\nCVE-ID: CVE-2010-0058\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: ClamAV virus definitions may not receive updates\n\nDescription: A configuration issue introduced in Security Update\n\n2009-005 prevents freshclam from running. This may prevent virus\n\ndefinitions from being updated. This issue is addressed by updating\n\nfreshclam\u2019s launchd plist ProgramArguments key values. This issue\n\ndoes not affect Mac OS X v10.6 systems. Credit to Bayard Bell, Wil\n\nShipley of Delicious Monster, and David Ferrero of Zion Software, LLC\n\nfor reporting this issue.\n\nCoreAudio\n\nCVE-ID: CVE-2010-0059\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Playing maliciously crafted audio content may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nQDM2 encoded audio content. Playing maliciously crafted audio content\n\nmay lead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nCoreAudio\n\nCVE-ID: CVE-2010-0060\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Playing maliciously crafted audio content may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nQDMC encoded audio content. Playing maliciously crafted audio content\n\nmay lead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nCoreMedia\n\nCVE-ID: CVE-2010-0062\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in CoreMedia\u2019s handling\n\nof H.263 encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of H.263 encoded movie files. Credit to Damian Put working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nCoreTypes\n\nCVE-ID: CVE-2010-0063\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Users are not warned before opening certain potentially\n\nunsafe content types\n\nDescription: This update adds .ibplugin and .url to the system\u2019s\n\nlist of content types that will be flagged as potentially unsafe\n\nunder certain circumstances, such as when they are downloaded from a\n\nweb page. While these content types are not automatically launched,\n\nif manually opened they could lead to the execution of a malicious\n\nJavaScript payload or arbitrary code execution. This update improves\n\nthe system\u2019s ability to notify users before handling content types\n\nused by Safari. Credit to Clint Ruoho of Laconic Security for\n\nreporting this issue.\n\nCUPS\n\nCVE-ID: CVE-2010-0393\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may be able to obtain system privileges\n\nDescription: A format string issue exists in the lppasswd CUPS\n\nutility. This may allow a local user to obtain system privileges. Mac\n\nOS X v10.6 systems are only affected if the setuid bit has been set\n\non the binary. This issue is addressed by using default directories\n\nwhen running as a setuid process. Credit to Ronald Volgers for\n\nreporting this issue.\n\ncurl\n\nCVE-ID: CVE-2009-2417\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A man-in-the-middle attacker may be able to impersonate a\n\ntrusted server\n\nDescription: A canonicalization issue exists in curl\u2019s handling of\n\nNULL characters in the subject\u2019s Common Name (CN) field of X.509\n\ncertificates. This may lead to man-in-the-middle attacks against\n\nusers of the curl command line tool, or applications using libcurl.\n\nThis issue is addressed through improved handling of NULL characters.\n\ncurl\n\nCVE-ID: CVE-2009-0037\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Using curl with -L may allow a remote attacker to read or\n\nwrite local files\n\nDescription: curl will follow HTTP and HTTPS redirects when used\n\nwith the -L option. When curl follows a redirect, it allows file://\n\nURLs. This may allow a remote attacker to access local files. This\n\nissue is addressed through improved validation of redirects. This\n\nissue does not affect Mac OS X v10.6 systems. Credit to Daniel\n\nStenberg of Haxx AB for reporting this issue.\n\nCyrus IMAP\n\nCVE-ID: CVE-2009-2632\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: A local user may be able to obtain the privileges of the\n\nCyrus user\n\nDescription: A buffer overflow exists in the handling of sieve\n\nscripts. By running a maliciously crafted sieve script, a local user\n\nmay be able to obtain the privileges of the Cyrus user. This issue is\n\naddressed through improved bounds checking. This issue does not\n\naffect Mac OS X v10.6 systems.\n\nCyrus SASL\n\nCVE-ID: CVE-2009-0688\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: An unauthenticated remote attacker may cause unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the Cyrus SASL\n\nauthentication module. Using Cyrus SASL authentication may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. This issue does\n\nnot affect Mac OS X v10.6 systems.\n\nDesktopServices\n\nCVE-ID: CVE-2010-0064\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Items copied in the Finder may be assigned an unexpected\n\nfile owner\n\nDescription: When performing an authenticated copy in the Finder,\n\noriginal file ownership may be unexpectedly copied. This update\n\naddresses the issue by ensuring that copied files are owned by the\n\nuser performing the copy. This issue does not affect systems prior to\n\nMac OS X v10.6. Credit to Gerrit DeWitt of Auburn University (Auburn,\n\nAL) for reporting this issue.\n\nDesktopServices\n\nCVE-ID: CVE-2010-0537\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may gain access to user data via a multi-\n\nstage attack\n\nDescription: A path resolution issue in DesktopServices is\n\nvulnerable to a multi-stage attack. A remote attacker must first\n\nentice the user to mount an arbitrarily named share, which may be\n\ndone via a URL scheme. When saving a file using the default save\n\npanel in any application, and using \u201cGo to folder\u201d or dragging\n\nfolders to the save panel, the data may be unexpectedly saved to the\n\nmalicious share. This issue is addressed through improved path\n\nresolution. This issue does not affect systems prior to Mac OS X\n\nv10.6. Credit to Sidney San Martin working with DeepTech, Inc. for\n\nreporting this issue.\n\nDisk Images\n\nCVE-ID: CVE-2010-0065\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mounting a maliciously crafted disk image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nbzip2 compressed disk images. Mounting a maliciously crafted disk\n\nimage may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed through improved bounds\n\nchecking. Credit: Apple.\n\nDisk Images\n\nCVE-ID: CVE-2010-0497\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mounting a maliciously crafted disk image may lead to\n\narbitrary code execution\n\nDescription: A design issue exists in the handling of internet\n\nenabled disk images. Mounting an internet enabled disk image\n\ncontaining a package file type will open it rather than revealing it\n\nin the Finder. This file quarantine feature helps to mitigate this\n\nissue by providing a warning dialog for unsafe file types. This issue\n\nis addressed through improved handling of package file types on\n\ninternet enabled disk images. Credit to Brian Mastenbrook working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nDirectory Services\n\nCVE-ID: CVE-2010-0498\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may obtain system privileges\n\nDescription: An authorization issue in Directory Services\u2019 handling\n\nof record names may allow a local user to obtain system privileges.\n\nThis issue is addressed through improved authorization checks.\n\nCredit: Apple.\n\nDovecot\n\nCVE-ID: CVE-2010-0535\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may be able to send and receive mail\n\neven if the user is not on the SACL of users who are permitted to do\n\nso\n\nDescription: An access control issue exists in Dovecot when Kerberos\n\nauthentication is enabled. This may allow an authenticated user to\n\nsend and receive mail even if the user is not on the service access\n\ncontrol list (SACL) of users who are permitted to do so. This issue\n\nis addressed through improved access control checks. This issue does\n\nnot affect systems prior to Mac OS X v10.6.\n\nEvent Monitor\n\nCVE-ID: CVE-2010-0500\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may cause arbitrary systems to be added to\n\nthe firewall blacklist\n\nDescription: A reverse DNS lookup is performed on remote ssh clients\n\nthat fail to authenticate. A plist injection issue exists in the\n\nhandling of resolved DNS names. This may allow a remote attacker to\n\ncause arbitrary systems to be added to the firewall blacklist. This\n\nissue is addressed by properly escaping resolved DNS names. Credit:\n\nApple.\n\nFreeRADIUS\n\nCVE-ID: CVE-2010-0524\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may obtain access to a network via RADIUS\n\nauthentication\n\nDescription: A certificate authentication issue exists in the\n\ndefault Mac OS X configuration of the FreeRADIUS server. A remote\n\nattacker may use EAP-TLS with an arbitrary valid certificate to\n\nauthenticate and connect to a network configured to use FreeRADIUS\n\nfor authentication. This issue is addressed by disabling support for\n\nEAP-TLS in the configuration. RADIUS clients should use EAP-TTLS\n\ninstead. This issue only affects Mac OS X Server systems. Credit to\n\nChris Linstruth of Qnet for reporting this issue.\n\nFTP Server\n\nCVE-ID: CVE-2010-0501\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Users may be able to retrieve files outside the FTP root\n\ndirectory\n\nDescription: A directory traversal issue exists in FTP Server. This\n\nmay allow a user to retrieve files outside the FTP root directory.\n\nThis issue is addressed through improved handling of file names. This\n\nissue only affects Mac OS X Server systems. Credit: Apple.\n\niChat Server\n\nCVE-ID: CVE-2006-1329\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: An implementation issue exists in jabberd\u2019s handling of\n\nSASL negotiation. A remote attacker may be able to terminate the\n\noperation of jabberd. This issue is addressed through improved\n\nhandling of SASL negotiation. This issue only affects Mac OS X Server\n\nsystems.\n\niChat Server\n\nCVE-ID: CVE-2010-0502\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Chat messages may not be logged\n\nDescription: A design issue exists in iChat Server\u2019s support for\n\nconfigurable group chat logging. iChat Server only logs messages with\n\ncertain message types. This may allow a remote user to send a message\n\nthrough the server without it being logged. The issue is addressed by\n\nremoving the capability to disable group chat logs, and logging all\n\nmessages that are sent through the server. This issue only affects\n\nMac OS X Server systems. Credit: Apple.\n\niChat Server\n\nCVE-ID: CVE-2010-0503\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A use-after-free issue exists in iChat Server. An\n\nauthenticated user may be able to cause an unexpected application\n\ntermination or arbitrary code execution. This issue is addressed\n\nthrough improved memory reference tracking. This issue only affects\n\nMac OS X Server systems, and does not affect versions 10.6 or later.\n\niChat Server\n\nCVE-ID: CVE-2010-0504\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: Multiple stack buffer overflow issues exist in iChat\n\nServer. An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution. These issues are\n\naddressed through improved memory management. These issues only\n\naffect Mac OS X Server systems. Credit: Apple.\n\nImageIO\n\nCVE-ID: CVE-2010-0505\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted JP2 image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of JP2\n\nimages. Viewing a maliciously crafted JP2 image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. Credit to Chris\n\nRies of Carnegie Mellon University Computing Service, and researcher\n\n\u201c85319bb6e6ab398b334509c50afce5259d42756e\u201d working with\n\nTippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0041\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Visiting a maliciously crafted website may result in sending\n\ndata from Safari\u2019s memory to the website\n\nDescription: An uninitialized memory access issue exists in\n\nImageIO\u2019s handling of BMP images. Visiting a maliciously crafted\n\nwebsite may result in sending data from Safari\u2019s memory to the\n\nwebsite. This issue is addressed through improved memory\n\ninitialization and additional validation of BMP images. Credit to\n\nMatthew \u2018j00ru\u2019 Jurczyk of Hispasec for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0042\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Visiting a maliciously crafted website may result in sending\n\ndata from Safari\u2019s memory to the website\n\nDescription: An uninitialized memory access issue exists in\n\nImageIO\u2019s handling of TIFF images. Visiting a maliciously crafted\n\nwebsite may result in sending data from Safari\u2019s memory to the\n\nwebsite. This issue is addressed through improved memory\n\ninitialization and additional validation of TIFF images. Credit to\n\nMatthew \u2018j00ru\u2019 Jurczyk of Hispasec for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0043\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Processing a maliciously crafted TIFF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nTIFF images. Processing a maliciously crafted TIFF image may lead to\n\nan unexpected application termination or arbitrary code execution.\n\nThis issue is addressed through improved memory handling. This issue\n\ndoes not affect systems prior to Mac OS X v10.6. Credit to Gus\n\nMueller of Flying Meat for reporting this issue.\n\nImage RAW\n\nCVE-ID: CVE-2010-0506\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Viewing a maliciously crafted NEF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in Image RAW\u2019s handling of NEF\n\nimages. Viewing a maliciously crafted NEF image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. This issue does\n\nnot affect Mac OS X v10.6 systems. Credit: Apple.\n\nImage RAW\n\nCVE-ID: CVE-2010-0507\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted PEF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in Image RAW\u2019s handling of PEF\n\nimages. Viewing a maliciously crafted PEF image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. Credit to Chris\n\nRies of Carnegie Mellon University Computing Services for reporting\n\nthis issue.\n\nLibsystem\n\nCVE-ID: CVE-2009-0689\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Applications that convert untrusted data between binary\n\nfloating point and text may be vulnerable to an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the floating point binary\n\nto text conversion code within Libsystem. An attacker who can cause\n\nan application to convert a floating point value into a long string,\n\nor to parse a maliciously crafted string as a floating point value,\n\nmay be able to cause an unexpected application termination or\n\narbitrary code execution. This issue is addressed through improved\n\nbounds checking. Credit to Maksymilian Arciemowicz of\n\nSecurityReason.com for reporting this issue.\n\nMail\n\nCVE-ID: CVE-2010-0508\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Rules associated with a deleted mail account remain in\n\neffect\n\nDescription: When a mail account is deleted, user-defined filter\n\nrules associated with that account remain active. This may result in\n\nunexpected actions. This issue is addressed by disabling associated\n\nrules when a mail account is deleted.\n\nMail\n\nCVE-ID: CVE-2010-0525\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mail may use a weaker encryption key for outgoing email\n\nDescription: A logic issue exists in Mail\u2019s handling of encryption\n\ncertificates. When multiple certificates for the recipient exist in\n\nthe keychain, Mail may select an encryption key that is not intended\n\nfor encipherment. This may lead to a security issue if the chosen key\n\nis weaker than expected. This issue is addressed by ensuring that the\n\nkey usage extension within certificates is evaluated when selecting a\n\nmail encryption key. Credit to Paul Suh of ps Enable, Inc. for\n\nreporting this issue.\n\nMailman\n\nCVE-ID: CVE-2008-0564\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in Mailman 2.1.9\n\nDescription: Multiple cross-site scripting issues exist in Mailman\n\n2.1.9. These issues are addressed by updating Mailman to version\n\n2.1.13. Further information is available via the Mailman site at\n\nhttp://mail.python.org/pipermail/mailman-\n\nannounce/2009-January/000128.html These issues only affect Mac OS X\n\nServer systems, and do not affect versions 10.6 or later.\n\nMySQL\n\nCVE-ID: CVE-2008-4456, CVE-2008-7247, CVE-2009-2446, CVE-2009-4019,\n\nCVE-2009-4030\n\nAvailable for: Mac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in MySQL 5.0.82\n\nDescription: MySQL is updated to version 5.0.88 to address multiple\n\nvulnerabilities, the most serious of which may lead to arbitrary code\n\nexecution. These issues only affect Mac OS X Server systems. Further\n\ninformation is available via the MySQL web site at\n\nhttp://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html\n\nOS Services\n\nCVE-ID: CVE-2010-0509\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may be able to obtain elevated privileges\n\nDescription: A privilege escalation issue exists in SFLServer, as it\n\nruns as group \u2018wheel\u2019 and accesses files in users\u2019 home directories.\n\nThis issue is addressed through improved privilege management. Credit\n\nto Kevin Finisterre of DigitalMunition for reporting this issue.\n\nPassword Server\n\nCVE-ID: CVE-2010-0510\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to log in with an outdated\n\npassword\n\nDescription: An implementation issue in Password Server\u2019s handling\n\nof replication may cause passwords to not be replicated. A remote\n\nattacker may be able to log in to a system using an outdated\n\npassword. This issue is addressed through improved handling of\n\npassword replication. This issue only affects Mac OS X Server\n\nsystems. Credit to Jack Johnson of Anchorage School District for\n\nreporting this issue.\n\nperl\n\nCVE-ID: CVE-2008-5302, CVE-2008-5303\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: A local user may cause arbitrary files to be deleted\n\nDescription: Multiple race condition issues exist in the rmtree\n\nfunction of the perl module File::Path. A local user with write\n\naccess to a directory that is being deleted may cause arbitrary files\n\nto be removed with the privileges of the perl process. This issue is\n\naddressed through improved handling of symbolic links. This issue\n\ndoes not affect Mac OS X v10.6 systems.\n\nPHP\n\nCVE-ID: CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4017\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in PHP 5.3.0\n\nDescription: PHP is updated to version 5.3.1 to address multiple\n\nvulnerabilities, the most serious of which may lead to arbitary code\n\nexecution. Further information is available via the PHP website at\n\nhttp://www.php.net/\n\nPHP\n\nCVE-ID: CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4142,\n\nCVE-2009-4143\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in PHP 5.2.11\n\nDescription: PHP is updated to version 5.2.12 to address multiple\n\nvulnerabilities, the most serious of which may lead to cross-site\n\nscripting. Further information is available via the PHP website at\n\nhttp://www.php.net/\n\nPodcast Producer\n\nCVE-ID: CVE-2010-0511\n\nAvailable for: Mac OS X Server v10.6 through v10.6.2\n\nImpact: An unauthorized user may be able to access a Podcast\n\nComposer workflow\n\nDescription: When a Podcast Composer workflow is overwritten, the\n\naccess restrictions are removed. This may allow an unauthorized user\n\nto access a Podcast Composer workflow. This issue is addressed\n\nthrough improved handling of workflow access restrictions. Podcast\n\nComposer was introduced in Mac OS X Server v10.6.\n\nPreferences\n\nCVE-ID: CVE-2010-0512\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A network user may be able to bypass system login\n\nrestrictions\n\nDescription: An implementation issue exists in the handling of\n\nsystem login restrictions for network accounts. If the network\n\naccounts allowed to log in to the system at the Login Window are\n\nidentified by group membership only, the restriction will not be\n\nenforced, and all network users will be allowed to log in to the\n\nsystem. The issue is addressed through improved group restriction\n\nmanagement in the Accounts preference pane. This issue only affects\n\nsystems configured to use a network account server, and does not\n\naffect systems prior to Mac OS X v10.6. Credit to Christopher D.\n\nGrieb of University of Michigan MSIS for reporting this issue.\n\nPS Normalizer\n\nCVE-ID: CVE-2010-0513\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted PostScript file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A stack buffer overflow exists in the handling of\n\nPostScript files. Viewing a maliciously crafted PostScript file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of PostScript files. On Mac OS X v10.6 systems this issue\n\nis mitigated by the -fstack-protector compiler flag. Credit: Apple.\n\nQuickTime\n\nCVE-ID: CVE-2010-0062\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in QuickTime\u2019s handling\n\nof H.263 encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of H.263 encoded movie files. Credit to Damian Put working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0514\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of H.261\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of H.261 encoded movie files. Credit to Will Dormann of\n\nthe CERT/CC for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0515\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption in the handling of H.264 encoded\n\nmovie files. Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed by performing additional validation of H.264\n\nencoded movie files.\n\nQuickTime\n\nCVE-ID: CVE-2010-0516\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow in the handling of RLE encoded\n\nmovie files. Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed by performing additional validation of RLE encoded\n\nmovie files. Credit to an anonymous researcher working with\n\nTippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0517\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow in the handling of M-JPEG\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of M-JPEG encoded movie files. Credit to Damian Put\n\nworking with TippingPoint\u2019s Zero Day Initiative for reporting this\n\nissue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0518\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nSorenson encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of Sorenson encoded movie files. Credit to Will Dormann of\n\nthe CERT/CC for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0519\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: An integer overflow exists in the handling of FlashPix\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0520\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of FLC\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of FLC encoded movie files. Credit to Moritz Jodeit of\n\nn.runs AG, working with TippingPoint\u2019s Zero Day Initiative, and\n\nNicols Joly of VUPEN Security for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0526\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted MPEG file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of MPEG\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of MPEG encoded movie files. Credit to an anonymous\n\nresearcher working with TippingPoint\u2019s Zero Day Initiative for\n\nreporting this issue.\n\nRuby\n\nCVE-ID: CVE-2009-2422, CVE-2009-3009, CVE-2009-4214\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple issues in Ruby on Rails\n\nDescription: Multiple vulnerabilities exist in Ruby on Rails, the\n\nmost serious of which may lead to cross-site scripting. On Mac OS X\n\nv10.6 systems, these issues are addressed by updating Ruby on Rails\n\nto version 2.3.5. Mac OS X v10.5 systems are affected only by\n\nCVE-2009-4214, and this issue is addressed through improved\n\nvalidation of arguments to strip_tags.\n\nRuby\n\nCVE-ID: CVE-2009-1904\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Running a Ruby script that uses untrusted input to\n\ninitialize a BigDecimal object may lead to an unexpected application\n\ntermination\n\nDescription: A stack exhaustion issue exists in Ruby\u2019s handling of\n\nBigDecimal objects with very large values. Running a Ruby script that\n\nuses untrusted input to initialize a BigDecimal object may lead to an\n\nunexpected application termination. For Mac OS X v10.6 systems, this\n\nissue is addressed by updating Ruby to version 1.8.7-p173. For Mac OS\n\nv10.5 systems, this issue is addressed by updating Ruby to version\n\n1.8.6-p369.\n\nServer Admin\n\nCVE-ID: CVE-2010-0521\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may extract information from Open\n\nDirectory\n\nDescription: A design issue exists in the handling of authenticated\n\ndirectory binding. A remote attacker may be able to anonymously\n\nextract information from Open Directory, even if the \u201cRequire\n\nauthenticated binding between directory and clients\u201d option is\n\nenabled. The issue is addressed by removing this configuration\n\noption. This issue only affects Mac OS X Server systems. Credit to\n\nScott Gruby of Gruby Solutions, and Mathias Haack of GRAVIS\n\nComputervertriebsgesellschaft mbH for reporting this issue.\n\nServer Admin\n\nCVE-ID: CVE-2010-0522\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: A former administrator may have unauthorized access to\n\nscreen sharing\n\nDescription: A user who is removed from the \u2018admin\u2019 group may still\n\nconnect to the server using screen sharing. This issue is addressed\n\nthrough improved handling of administrator privileges. This issue\n\nonly affects Mac OS X Server systems, and does not affect version\n\n10.6 or later. Credit: Apple.\n\nSMB\n\nCVE-ID: CVE-2009-2906\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: An infinite loop issue exists in Samba\u2019s handling of\n\nSMB \u2018oplock\u2019 break notifications. A remote attacker may be able to\n\ntrigger an infinite loop in smbd, causing it to consume excessive CPU\n\nresources. The issue is addressed through improved handling of\n\n\u2018oplock\u2019 break notifications.\n\nTomcat\n\nCVE-ID: CVE-2009-0580, CVE-2009-0033, CVE-2009-0783, CVE-2008-5515,\n\nCVE-2009-0781, CVE-2009-2901, CVE-2009-2902, CVE-2009-2693\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in Tomcat 6.0.18\n\nDescription: Tomcat is updated to version 6.0.24 to address multiple\n\nvulnerabilities, the most serious of which may lead to a cross site\n\nscripting attack. Tomcat is only provided on Mac OS X Server systems.\n\nFurther information is available via the Tomcat site at\n\nhttp://tomcat.apache.org/\n\nunzip\n\nCVE-ID: CVE-2008-0888\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Extracting maliciously crafted zip files using the unzip\n\ncommand tool may lead to an unexpected application termination or\n\ncode execution\n\nDescription: An uninitialized pointer issue exists is the handling\n\nof zip files. Extracting maliciously crafted zip files using the\n\nunzip command tool may lead to an unexpected application termination\n\nor arbitrary code execution. This issue is addressed by performing\n\nadditional validation of zip files. This issue does not affect Mac OS\n\nX v10.6 systems.\n\nvim\n\nCVE-ID: CVE-2008-2712, CVE-2008-4101, CVE-2009-0316\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in vim 7.0\n\nDescription: Multiple vulnerabilities exist in vim 7.0, the most\n\nserious of which may lead to arbitrary code execution when working\n\nwith maliciously crafted files. These issues are addressed by\n\nupdating to vim 7.2.102. These issues do not affect Mac OS X v10.6\n\nsystems. Further information is available via the vim website at\n\nhttp://www.vim.org/\n\nWiki Server\n\nCVE-ID: CVE-2010-0523\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: Uploading a maliciously crafted applet may lead to the\n\ndisclosure of sensitive information\n\nDescription: Wiki Server allows users to upload active content such\n\nas Java applets. A remote attacker may obtain sensitive information\n\nby uploading a maliciously crafted applet and directing a Wiki Server\n\nuser to view it. The issue is addressed by restricting the file types\n\nthat may be uploaded to the Wiki Server. This issue only affects Mac\n\nOS X Server systems, and does not affect versions 10.6 or later.\n\nWiki Server\n\nCVE-ID: CVE-2010-0534\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may bypass weblog creation\n\nrestrictions\n\nDescription: Wiki Server supports service access control lists\n\n(SACLs), allowing an administrator to control the publication of\n\ncontent. Wiki Server fails to consult the weblog SACL during the\n\ncreation of a user\u2019s weblog. This may allow an authenticated user to\n\npublish content to the Wiki Server, even though publication should be\n\ndisallowed by the service ACL. This issue does not affect systems\n\nprior to Mac OS X v10.6.\n\nX11\n\nCVE-ID: CVE-2009-2042\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted image may lead to the\n\ndisclosure of sensitive information\n\nDescription: libpng is updated to version 1.2.37 to address an issue\n\nthat may result in the disclosure of sensitive information. Further\n\ninformation is available via the libpng site at\n\nhttp://www.libpng.org/pub/png/libpng.html\n\nX11\n\nCVE-ID: CVE-2003-0063\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Displaying maliciously crafted data within an xterm terminal\n\nmay lead to arbitrary code execution\n\nDescription: The xterm program supports a command sequence to change\n\nthe window title, and to print the window title to the terminal. The\n\ninformation returned is provided to the terminal as though it were\n\nkeyboard input from the user. Within an xterm terminal, displaying\n\nmaliciously crafted data containing such sequences may result in\n\ncommand injection. The issue is addressed by disabling the affected\n\ncommand sequence.\n\nxar\n\nCVE-ID: CVE-2010-0055\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: A modified package may appear as validly signed\n\nDescription: A design issue exists in xar when validating a package\n\nsignature. This may allow a modified package to appear as validly\n\nsigned. This issue is fixed through improved package signature\n\nvalidation. This issue does not affect Mac OS X v10.6 systems.\n\nCredit: Apple.\n\nSecurity Update 2010-002 / Mac OS X v10.6.3 may be obtained from\n\nthe Software Update pane in System Preferences, or Apple\u2019s Software\n\nDownloads web site:\n\nhttp://www.apple.com/support/downloads/\n\n[](<https://threatpost.com/apple-mega-patch-covers-88-mac-os-x-vulnerabilities-032910/>)Apple today released one of its biggest Mac OS X security updates in recent memory, covering a whopping 88 documented vulnerabilities.\n\nThe Mac OS X v10.6.3 update, which is considered \u201ccritical,\u201d covers flaws that could lead to remote code execution, information disclosure and denial-of-service attacks.\n\nIn some scenarios, a malicious hacker could take complete control of a Mac-powered machine if a user simply views a malicious image or movie file.\n\nThe update covers critical vulnerabilities in AppKit, QuickTime,CoreMedia, CoreTypes, DiskImages, ImageIO and Image RAW.\n\nIt also covers holes in several open-source components, including Apache, ClamAV, MySQL, PHP.\n\nHere\u2019s [the full list](<http://support.apple.com/kb/HT4077>) of the patched vulnerabilities. \n\nThe Security Update 2010-002 / Mac OS X v10.6.3 may be obtained from the Software Update pane in System Preferences, or [Apple\u2019s Software Downloads](<site:http://www.apple.com/support/downloads/>) web page.\n", "modified": "2013-04-17T16:37:25", "published": "2010-03-29T17:15:44", "id": "THREATPOST:4F867C686B7E31697E158FBD04A5DD35", "href": "https://threatpost.com/apple-mega-patch-covers-88-mac-os-x-vulnerabilities-032910/73753/", "type": "threatpost", "title": "Apple Mega Patch Covers 88 Mac OS X Vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
