Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2022 Greenbone AGOPENVAS:13614125623114202203231
HistoryFeb 04, 2022 - 12:00 a.m.

SUSE: Security Advisory (SUSE-SU-2022:0323-1)

2022-02-0400:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
1

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.136 Low

EPSS

Percentile

95.6%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.4.2022.0323.1");
  script_cve_id("CVE-2020-29361", "CVE-2021-20316", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336");
  script_tag(name:"creation_date", value:"2022-02-04 03:28:34 +0000 (Fri, 04 Feb 2022)");
  script_version("2024-02-02T14:37:51+0000");
  script_tag(name:"last_modification", value:"2024-02-02 14:37:51 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"9.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2022-09-01 20:05:40 +0000 (Thu, 01 Sep 2022)");

  script_name("SUSE: Security Advisory (SUSE-SU-2022:0323-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2022 Greenbone AG");
  script_family("SuSE Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES12\.0SP5)");

  script_xref(name:"Advisory-ID", value:"SUSE-SU-2022:0323-1");
  script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2022/suse-su-20220323-1/");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'samba' package(s) announced via the SUSE-SU-2022:0323-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"This update contains a major security update for Samba.


samba has received security fixes:

CVE-2021-44141: Information leak via symlinks of existence of files or
 directories outside of the exported share (bsc#1193690),

CVE-2021-44142: Out-of-bounds heap read/write vulnerability in VFS
 module vfs_fruit allows code execution (bsc#1194859),

CVE-2022-0336: Samba AD users with permission to write to an account can
 impersonate arbitrary services (bsc#1195048),

samba was updated to version 4.15.4, (jsc#SLE-23330),

CVE-2021-43566: Symlink race error can allow directory creation
 outside of the exported share, (bso#13979), (bsc#1139519),

CVE-2021-20316: Symlink race error can allow metadata read and modify
 outside of the exported share, (bso#14842), (bsc#1191227),

Build samba with embedded talloc, pytalloc, pytalloc-util, tdb, pytdb,
 tevent, pytevent, ldb, pyldb and pyldb-util libraries. The tdb and ldb
 tools are installed in /usr/lib[64]/samba/bin and their manpages in
 /usr/lib[64]/samba/man

 This avoids removing old functionality.

samba was updated to 4.15.4:

Duplicate SMB file_ids leading to Windows client cache poisoning,
 (bso#14928),

Failed to parse NTLMv2_RESPONSE length 95 - Buffer Size Error -
 NT_STATUS_BUFFER_TOO_SMALL, (bso#14932),

kill_tcp_connections does not work, (bso#14934),

Can't connect to Windows shares not requiring authentication using
 KDE/Gnome, (bso#14935),

smbclient -L doesn't set 'client max protocol' to NT1 before calling the
 'Reconnecting with SMB1 for workgroup listing' path, (bso#14939),

Cross device copy of the crossrename module always fails, (bso#14940),

symlinkat function from VFS cap module always fails with an error,
 (bso#14941),

Fix possible fsp pointer deference, (bso#14942),

Missing pop_sec_ctx() in error path inside close_directory(),
 (bso#14944),

'smbd --build-options' no longer works without an smb.conf file,
 (bso#14945),

Reorganize libs packages. Split samba-libs into samba-client-libs,
 samba-libs, samba-winbind-libs and samba-ad-dc-libs, merging samba
 public libraries depending on internal samba libraries into these
 packages as there were dependency problems every time one of these public
 libraries changed its version (bsc#1192684). The devel packages are
 merged into samba-devel.

Rename package samba-core-devel to samba-devel

Update the symlink create by samba-dsdb-modules to private samba ldb
 modules following libldb2 changes from /usr/lib64/ldb/samba to
 /usr/lib64/ldb2/modules/ldb/samba

sssd was updated:

Build with the newer samba versions, (jsc#SLE-23330),

Fix a dependency loop by moving internal libraries to sssd-common
 package, (bsc#1182058),

p11-kit was updated:

Update to 0.23.2, (jsc#SLE-23330),

Fix forking issues with libffi

Fix various crashes in corner cases

Updated translations

Build fixes

Fix multiple integer overflows in rpc code (bsc#1180064 CVE-2020-29361):

Add support ... [Please see the references for more information on the vulnerabilities]");

  script_tag(name:"affected", value:"'samba' package(s) on SUSE Linux Enterprise High Availability 12-SP5, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP5.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "SLES12.0SP5") {

  if(!isnull(res = isrpmvuln(pkg:"apache2-mod_apparmor", rpm:"apache2-mod_apparmor~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"apache2-mod_apparmor-debuginfo", rpm:"apache2-mod_apparmor-debuginfo~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"apparmor-debugsource", rpm:"apparmor-debugsource~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"apparmor-docs", rpm:"apparmor-docs~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"apparmor-parser", rpm:"apparmor-parser~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"apparmor-parser-debuginfo", rpm:"apparmor-parser-debuginfo~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"apparmor-profiles", rpm:"apparmor-profiles~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"apparmor-utils", rpm:"apparmor-utils~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"ca-certificates", rpm:"ca-certificates~1_201403302107~15.3.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"gnutls-debugsource", rpm:"gnutls-debugsource~3.4.17~8.4.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libapparmor1", rpm:"libapparmor1~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libapparmor1-32bit", rpm:"libapparmor1-32bit~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libapparmor1-debuginfo", rpm:"libapparmor1-debuginfo~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libapparmor1-debuginfo-32bit", rpm:"libapparmor1-debuginfo-32bit~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libgnutls30", rpm:"libgnutls30~3.4.17~8.4.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libgnutls30-32bit", rpm:"libgnutls30-32bit~3.4.17~8.4.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libgnutls30-debuginfo", rpm:"libgnutls30-debuginfo~3.4.17~8.4.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libgnutls30-debuginfo-32bit", rpm:"libgnutls30-debuginfo-32bit~3.4.17~8.4.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libhogweed4", rpm:"libhogweed4~3.1~21.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libhogweed4-32bit", rpm:"libhogweed4-32bit~3.1~21.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libhogweed4-debuginfo", rpm:"libhogweed4-debuginfo~3.1~21.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libhogweed4-debuginfo-32bit", rpm:"libhogweed4-debuginfo-32bit~3.1~21.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libipa_hbac0", rpm:"libipa_hbac0~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libipa_hbac0-debuginfo", rpm:"libipa_hbac0-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libnettle-debugsource", rpm:"libnettle-debugsource~3.1~21.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libnettle6", rpm:"libnettle6~3.1~21.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libnettle6-32bit", rpm:"libnettle6-32bit~3.1~21.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libnettle6-debuginfo", rpm:"libnettle6-debuginfo~3.1~21.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libnettle6-debuginfo-32bit", rpm:"libnettle6-debuginfo-32bit~3.1~21.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libp11-kit0", rpm:"libp11-kit0~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libp11-kit0-32bit", rpm:"libp11-kit0-32bit~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libp11-kit0-debuginfo", rpm:"libp11-kit0-debuginfo~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libp11-kit0-debuginfo-32bit", rpm:"libp11-kit0-debuginfo-32bit~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsamba-policy-python3-devel", rpm:"libsamba-policy-python3-devel~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-python3-32bit", rpm:"libsamba-policy0-python3-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-python3", rpm:"libsamba-policy0-python3~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-python3-debuginfo-32bit", rpm:"libsamba-policy0-python3-debuginfo-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-python3-debuginfo", rpm:"libsamba-policy0-python3-debuginfo~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsss_certmap0", rpm:"libsss_certmap0~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsss_certmap0-debuginfo", rpm:"libsss_certmap0-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsss_idmap0", rpm:"libsss_idmap0~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsss_idmap0-debuginfo", rpm:"libsss_idmap0-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsss_nss_idmap-devel", rpm:"libsss_nss_idmap-devel~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsss_nss_idmap0", rpm:"libsss_nss_idmap0~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsss_nss_idmap0-debuginfo", rpm:"libsss_nss_idmap0-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsss_simpleifp0", rpm:"libsss_simpleifp0~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libsss_simpleifp0-debuginfo", rpm:"libsss_simpleifp0-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"p11-kit", rpm:"p11-kit~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"p11-kit-32bit", rpm:"p11-kit-32bit~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"p11-kit-debuginfo", rpm:"p11-kit-debuginfo~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"p11-kit-debuginfo-32bit", rpm:"p11-kit-debuginfo-32bit~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"p11-kit-debugsource", rpm:"p11-kit-debugsource~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"p11-kit-nss-trust", rpm:"p11-kit-nss-trust~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"p11-kit-tools", rpm:"p11-kit-tools~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"p11-kit-tools-debuginfo", rpm:"p11-kit-tools-debuginfo~0.23.2~8.3.2", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"pam_apparmor", rpm:"pam_apparmor~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"pam_apparmor-32bit", rpm:"pam_apparmor-32bit~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"pam_apparmor-debuginfo", rpm:"pam_apparmor-debuginfo~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"pam_apparmor-debuginfo-32bit", rpm:"pam_apparmor-debuginfo-32bit~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"perl-apparmor", rpm:"perl-apparmor~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"perl-apparmor-debuginfo", rpm:"perl-apparmor-debuginfo~2.8.2~56.6.3", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"python-sssd-config", rpm:"python-sssd-config~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"python-sssd-config-debuginfo", rpm:"python-sssd-config-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba", rpm:"samba~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-client-32bit", rpm:"samba-client-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-client", rpm:"samba-client~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-client-debuginfo-32bit", rpm:"samba-client-debuginfo-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-client-debuginfo", rpm:"samba-client-debuginfo~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-client-libs-32bit", rpm:"samba-client-libs-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-client-libs", rpm:"samba-client-libs~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-client-libs-debuginfo-32bit", rpm:"samba-client-libs-debuginfo-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-client-libs-debuginfo", rpm:"samba-client-libs-debuginfo~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-debuginfo", rpm:"samba-debuginfo~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-debugsource", rpm:"samba-debugsource~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-devel", rpm:"samba-devel~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-doc", rpm:"samba-doc~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-ldb-ldap", rpm:"samba-ldb-ldap~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-ldb-ldap-debuginfo", rpm:"samba-ldb-ldap-debuginfo~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-libs-32bit", rpm:"samba-libs-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-libs", rpm:"samba-libs~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-libs-debuginfo-32bit", rpm:"samba-libs-debuginfo-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-libs-debuginfo", rpm:"samba-libs-debuginfo~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3-32bit", rpm:"samba-libs-python3-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3", rpm:"samba-libs-python3~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3-debuginfo-32bit", rpm:"samba-libs-python3-debuginfo-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3-debuginfo", rpm:"samba-libs-python3-debuginfo~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-python3", rpm:"samba-python3~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-python3-debuginfo", rpm:"samba-python3-debuginfo~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-tool", rpm:"samba-tool~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-winbind", rpm:"samba-winbind~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-winbind-debuginfo", rpm:"samba-winbind-debuginfo~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-winbind-libs-32bit", rpm:"samba-winbind-libs-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-winbind-libs", rpm:"samba-winbind-libs~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-winbind-libs-debuginfo-32bit", rpm:"samba-winbind-libs-debuginfo-32bit~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"samba-winbind-libs-debuginfo", rpm:"samba-winbind-libs-debuginfo~4.15.4+git.324.8332acf1a63~3.54.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd", rpm:"sssd~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-ad", rpm:"sssd-ad~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-ad-debuginfo", rpm:"sssd-ad-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-common", rpm:"sssd-common~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-common-debuginfo", rpm:"sssd-common-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-dbus", rpm:"sssd-dbus~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-dbus-debuginfo", rpm:"sssd-dbus-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-debugsource", rpm:"sssd-debugsource~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-ipa", rpm:"sssd-ipa~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-ipa-debuginfo", rpm:"sssd-ipa-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-krb5", rpm:"sssd-krb5~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-krb5-common", rpm:"sssd-krb5-common~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-krb5-common-debuginfo", rpm:"sssd-krb5-common-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-krb5-debuginfo", rpm:"sssd-krb5-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-ldap", rpm:"sssd-ldap~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-ldap-debuginfo", rpm:"sssd-ldap-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-proxy", rpm:"sssd-proxy~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-proxy-debuginfo", rpm:"sssd-proxy-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-tools", rpm:"sssd-tools~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"sssd-tools-debuginfo", rpm:"sssd-tools-debuginfo~1.16.1~7.28.9", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"yast2-samba-client", rpm:"yast2-samba-client~3.1.23~3.3.1", rls:"SLES12.0SP5"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

nessus 55
fedora 2
openvas 40
freebsd 1
mageia 1
osv 9
malwarebytes 1
thn 1
ubuntu 4
cisa 2
redos 1
suse 5
rocky 3
redhat 6
oraclelinux 3
ibm 7
almalinux 1
kaspersky 2
altlinux 1
debian 1
prion 5
samba 3
alpinelinux 5
veracode 4
ubuntucve 5
redhatcve 5
cve 5
cbl_mariner 5
debiancve 5
cnvd 1
f5 3
paloalto 1
trendmicroblog 1
threatpost 1
githubexploit 1
cert 1
zdi 2
nessus
nessus
SUSE SLES12 Security Update : samba (SUSE-SU-2022:0323-1)
2022-02-04 00:00:00
FreeBSD : samba -- Multiple Vulnerabilities (8579074c-839f-11ec-a3b2-005056a311d1)
2022-02-02 00:00:00
EulerOS Virtualization 2.10.0 : samba (EulerOS-SA-2022-2038)
2022-07-15 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: samba-4.15.5-0.fc35
2022-02-02 01:26:36
[SECURITY] Fedora 34 Update: samba-4.14.12-0.fc34
2022-02-03 01:12:33
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0054)
2022-02-11 00:00:00
Fedora: Security Advisory for samba (FEDORA-2022-50da406d40)
2022-02-02 00:00:00
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-2589)
2022-10-12 00:00:00
freebsd
freebsd
samba -- Multiple Vulnerabilities
2022-01-31 00:00:00
mageia
mageia
Updated samba packages fix security vulnerability
2022-02-09 23:46:00
osv
osv
samba vulnerabilities
2022-02-01 11:52:14
Moderate: samba security, bug fix, and enhancement update
2022-05-10 08:15:39
Moderate: samba security, bug fix, and enhancement update
2022-05-10 00:00:00
malwarebytes
malwarebytes
Samba patches critical vulnerability that allows remote code execution as root
2022-02-01 15:22:52
thn
thn
New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root
2022-02-01 04:16:00
ubuntu
ubuntu
Samba vulnerabilities
2022-02-01 00:00:00
Samba vulnerability
2022-02-01 00:00:00
Samba vulnerability
2022-02-03 00:00:00
cisa
cisa
Samba Releases Security Updates
2022-02-01 00:00:00
Samba Releases Security Update
2022-01-11 00:00:00
redos
redos
ROS-20220208-01
2022-02-08 00:00:00
suse
suse
Security update for samba (important)
2022-02-01 00:00:00
Security update for p11-kit (important)
2021-12-22 00:00:00
Security update for samba (critical)
2022-02-01 00:00:00
rocky
rocky
samba security, bug fix, and enhancement update
2022-05-10 08:15:39
samba bug fix and enhancement update
2021-11-09 09:21:40
samba security and bug fix update
2022-02-01 03:32:27
redhat
redhat
(RHSA-2022:2074) Moderate: samba security, bug fix, and enhancement update
2022-05-10 08:15:39
(RHSA-2022:1756) Moderate: samba security, bug fix and enhancement update
2022-05-10 04:11:43
(RHSA-2022:0458) Critical: samba security update
2022-02-07 17:28:27
oraclelinux
oraclelinux
samba security, bug fix, and enhancement update
2022-05-17 00:00:00
samba security and bug fix update
2022-02-01 00:00:00
samba security and bug fix update
2022-02-01 00:00:00
ibm
ibm
Security Bulletin: IBM i is vulnerable to bypass security restrictions due to Samba SMB1 (CVE-2021-43566 and CVE-2021-44141)
2022-03-02 14:24:21
Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2021-43566)
2022-04-27 11:10:48
Security Bulletin: IBM Netezza for Cloud Pak for Data is vulnerable to arbitrary code execution (CVE-2021-44142).
2022-02-25 13:06:29
almalinux
almalinux
Moderate: samba security, bug fix, and enhancement update
2022-05-10 00:00:00
kaspersky
kaspersky
KLA12439 Multiple vulnerabilities in Samba
2022-01-31 00:00:00
KLA12440 OSI vulnerability in Samba
2022-01-31 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.14.12-alt1
2022-02-09 00:00:00
debian
debian
[SECURITY] [DSA 5071-1] samba security update
2022-02-11 15:11:29
prion
prion
Design/Logic Flaw
2022-01-11 16:15:00
Design/Logic Flaw
2022-08-23 16:15:00
Arbitrary file deletion
2022-02-21 18:15:00
samba
samba
Information leak via symlinks of existance of
2022-01-31 00:00:00
Symlink race error can allow directory creation
2022-01-10 00:00:00
Out-of-bounds heap read/write vulnerability
2022-01-31 00:00:00
alpinelinux
alpinelinux
CVE-2021-20316
2022-08-23 16:15:00
CVE-2021-43566
2022-01-11 16:15:00
CVE-2021-44141
2022-02-21 18:15:00
veracode
veracode
Privilege Escalation
2022-04-13 17:46:06
Directory Traversal
2022-02-03 20:44:50
Information Disclosure
2022-02-03 11:21:55
ubuntucve
ubuntucve
CVE-2021-20316
2022-08-23 00:00:00
CVE-2021-43566
2022-01-11 00:00:00
CVE-2021-44141
2022-01-31 00:00:00
redhatcve
redhatcve
CVE-2021-20316
2022-01-10 18:55:25
CVE-2021-43566
2022-01-11 05:28:47
CVE-2021-44141
2022-01-31 15:06:29
cve
cve
CVE-2021-20316
2022-08-23 16:15:00
CVE-2021-43566
2022-01-11 16:15:00
CVE-2021-44141
2022-02-21 18:15:00
cbl_mariner
cbl_mariner
CVE-2021-43566 affecting package samba 4.12.5-6
2024-05-05 09:06:37
CVE-2021-20316 affecting package samba 4.12.5-6
2024-05-05 09:06:36
CVE-2021-44141 affecting package samba 4.12.5-6
2024-05-05 09:06:37
debiancve
debiancve
CVE-2021-20316
2022-08-23 16:15:00
CVE-2021-43566
2022-01-11 16:15:00
CVE-2021-44141
2022-02-21 18:15:00
cnvd
cnvd
Samba competition condition issue vulnerability
2022-01-12 00:00:00
f5
f5
K45752041 : Samba vulnerability CVE-2021-44141
2022-02-11 00:00:00
K84695749 : Samba vulnerability CVE-2021-44142
2022-02-02 00:00:00
K08602542 : SAMBA vulnerability CVE-2022-0336
2022-02-11 00:00:00
paloalto
paloalto
Informational: Impact of the Samba Vulnerability CVE-2021-44142 on PAN-OS
2022-03-09 17:00:00
trendmicroblog
trendmicroblog
The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It
2022-02-02 00:00:00
threatpost
threatpost
Samba 'Fruit' Bug Allows RCE, Full Root User Access
2022-02-01 20:02:02
githubexploit
githubexploit
Exploit for Out-of-bounds Read in Samba
2022-03-29 17:32:25
cert
cert
Samba vfs_fruit module insecurely handles extended file attributes
2022-01-31 00:00:00
zdi
zdi
(Pwn2Own) Samba fruit_pread Out-Of-Bounds Read Information Disclosure Vulnerability
2022-02-01 00:00:00
(Pwn2Own) Samba fruit_pwrite Heap-based Buffer Overflow Remote Code Execution Vulnerability
2022-02-01 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.136 Low

EPSS

Percentile

95.6%

JSON
Related for OPENVAS:13614125623114202203231
nessus55fedora2openvas40freebsd1mageia1osv9malwarebytes1thn1ubuntu4cisa2redos1suse5rocky3redhat6oraclelinux3ibm7almalinux1kaspersky2altlinux1debian1prion5samba3alpinelinux5veracode4ubuntucve5redhatcve5cve5cbl_mariner5debiancve5cnvd1f53paloalto1trendmicroblog1threatpost1githubexploit1cert1zdi2