Lucene search
Copyright (C) 2023 Greenbone AGOPENVAS:13614125623114202301641HistoryJan 27, 2023 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2023:0164-1)
2023-01-2700:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
8
suse
security advisory
samba
update
cve-2021-20251
cve-2022-37966
cve-2022-38023
remote host
package
vulnerability
encryption
privilege escalation
suse linux enterprise
high availability
server
software development kit
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
High
EPSS
0.017
Percentile
88.2%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2023.0164.1");
script_cve_id("CVE-2021-20251", "CVE-2022-37966", "CVE-2022-38023");
script_tag(name:"creation_date", value:"2023-01-27 04:21:47 +0000 (Fri, 27 Jan 2023)");
script_version("2024-02-02T14:37:51+0000");
script_tag(name:"last_modification", value:"2024-02-02 14:37:51 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.6");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2022-11-09 22:15:16 +0000 (Wed, 09 Nov 2022)");
script_name("SUSE: Security Advisory (SUSE-SU-2023:0164-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES12\.0SP5)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2023:0164-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2023/suse-su-20230164-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'samba' package(s) announced via the SUSE-SU-2023:0164-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for samba fixes the following issues:
CVE-2021-20251: Fixed an issue where the bad password count would not be
properly incremented, which could allow attackers to brute force a
user's password (bsc#1206546).
CVE-2022-37966: Fixed an issue where a weak cipher would be selected to
encrypt session keys, which could lead to privilege escalation
(bsc#1205385).");
script_tag(name:"affected", value:"'samba' package(s) on SUSE Linux Enterprise High Availability 12-SP5, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP5.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES12.0SP5") {
if(!isnull(res = isrpmvuln(pkg:"libsamba-policy-python3-devel", rpm:"libsamba-policy-python3-devel~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-python3-32bit", rpm:"libsamba-policy0-python3-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-python3", rpm:"libsamba-policy0-python3~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-python3-debuginfo-32bit", rpm:"libsamba-policy0-python3-debuginfo-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsamba-policy0-python3-debuginfo", rpm:"libsamba-policy0-python3-debuginfo~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba", rpm:"samba~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-32bit", rpm:"samba-client-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client", rpm:"samba-client~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-debuginfo-32bit", rpm:"samba-client-debuginfo-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-debuginfo", rpm:"samba-client-debuginfo~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-libs-32bit", rpm:"samba-client-libs-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-libs", rpm:"samba-client-libs~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-libs-debuginfo-32bit", rpm:"samba-client-libs-debuginfo-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-client-libs-debuginfo", rpm:"samba-client-libs-debuginfo~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-debuginfo", rpm:"samba-debuginfo~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-debugsource", rpm:"samba-debugsource~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-devel", rpm:"samba-devel~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-doc", rpm:"samba-doc~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-ldb-ldap", rpm:"samba-ldb-ldap~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-ldb-ldap-debuginfo", rpm:"samba-ldb-ldap-debuginfo~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-32bit", rpm:"samba-libs-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs", rpm:"samba-libs~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-debuginfo-32bit", rpm:"samba-libs-debuginfo-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-debuginfo", rpm:"samba-libs-debuginfo~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3-32bit", rpm:"samba-libs-python3-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3", rpm:"samba-libs-python3~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3-debuginfo-32bit", rpm:"samba-libs-python3-debuginfo-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-libs-python3-debuginfo", rpm:"samba-libs-python3-debuginfo~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-python3", rpm:"samba-python3~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-python3-debuginfo", rpm:"samba-python3-debuginfo~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-tool", rpm:"samba-tool~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind", rpm:"samba-winbind~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-debuginfo", rpm:"samba-winbind-debuginfo~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-libs-32bit", rpm:"samba-winbind-libs-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-libs", rpm:"samba-winbind-libs~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-libs-debuginfo-32bit", rpm:"samba-winbind-libs-debuginfo-32bit~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"samba-winbind-libs-debuginfo", rpm:"samba-winbind-libs-debuginfo~4.15.13+git.534.0d9f8ece26~3.77.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : samba (SUSE-SU-2023:0222-1)
2023-02-02 00:00:00
SUSE SLES12 Security Update : samba (SUSE-SU-2023:0126-1)
2023-01-25 00:00:00
SUSE SLES12 Security Update : samba (SUSE-SU-2023:0164-1)
2023-01-27 00:00:00
openvas
openvas
openSUSE: Security Advisory for samba (SUSE-SU-2023:0222-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0126-1)
2023-01-25 00:00:00
openSUSE: Security Advisory for samba (SUSE-SU-2023:0163-1)
2024-03-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.16.8-alt1
2022-12-15 00:00:00
Security fix for the ALT Linux 10 package samba version 4.16.9-alt1
2023-03-02 00:00:00
ubuntucve
ubuntucve
fedora
fedora
[SECURITY] Fedora 37 Update: samba-4.17.4-0.fc37
2022-12-19 01:18:39
[SECURITY] Fedora 36 Update: samba-4.16.8-0.fc36
2022-12-21 01:19:35
ubuntu
ubuntu
Samba vulnerabilities
2023-01-24 00:00:00
Samba regression
2023-01-26 00:00:00
Samba vulnerabilities
2023-03-08 00:00:00
osv
osv
samba regression
2023-01-26 21:36:01
samba vulnerabilities
2023-01-24 12:58:42
ctdb-4.17.4+git.300.305b22bfce-1.1 on GA media
2024-06-15 00:00:00
slackware
slackware
[slackware-security] samba
2022-12-17 21:30:27
cisa
cisa
Samba Releases Security Updates
2022-12-16 00:00:00
thn
thn
veracode
veracode
Authentication Bypass
2022-11-17 15:20:24
Privilege Escalation
2022-12-22 10:44:34
Privilege Escalation
2023-01-06 11:13:34
cvelist
cvelist
CVE-2021-20251
2023-03-06 00:00:00
CVE-2022-38023 Netlogon RPC Elevation of Privilege Vulnerability
2022-11-09 00:00:00
cve
cve
debiancve
debiancve
redhatcve
redhatcve
prion
prion
Race condition
2023-03-06 23:15:00
Privilege escalation
2022-11-09 22:15:00
Privilege escalation
2022-11-09 22:15:00
nvd
nvd
alpinelinux
alpinelinux
CVE-2022-37966
2022-11-09 22:15:13
CVE-2022-38023
2022-11-09 22:15:16
mscve
mscve
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
2022-11-08 08:00:00
Netlogon RPC Elevation of Privilege Vulnerability
2022-11-08 08:00:00
samba
samba
rc4-hmac Kerberos session keys issued
2022-12-15 00:00:00
RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided
2022-12-15 00:00:00
amazon
amazon
Important: samba
2023-05-11 18:00:00
Important: samba
2023-05-11 17:49:00
redhat
redhat
(RHSA-2023:2136) Important: samba security update
2023-05-04 18:15:19
(RHSA-2023:0637) Important: samba security update
2023-02-07 21:15:49
(RHSA-2023:0638) Important: samba security update
2023-02-07 22:08:23
centos
centos
ctdb, libsmbclient, libwbclient, samba security update
2023-03-08 16:28:01
almalinux
almalinux
Important: samba security update
2023-02-21 00:00:00
Important: samba security update
2023-05-04 00:00:00
rocky
rocky
samba security update
2023-05-05 15:41:05
samba security update
2023-02-22 01:08:44
oraclelinux
oraclelinux
samba security update
2023-05-04 00:00:00
samba security update
2023-02-22 00:00:00
samba security update
2023-03-08 00:00:00
mageia
mageia
Updated samba packages fix security vulnerability
2023-01-24 10:58:24
avleonov
avleonov
mskb
mskb
November 8, 2022—KB5020005 (Security-only update)
2022-11-08 08:00:00
November 8, 2022—KB5020019 (Monthly Rollup)
2022-11-08 08:00:00
November 8, 2022—KB5020013 (Security-only update)
2022-11-08 08:00:00
gentoo
gentoo
Samba: Multiple Vulnerabilities
2023-09-17 00:00:00
qualysblog
qualysblog
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-05-31 17:23:24
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-05-31 17:22:48
talosblog
talosblog
kaspersky
kaspersky
KLA20045 Multiple vulnerabilities in Microsoft Products (ESU)
2022-11-08 00:00:00
KLA20047 Multiple vulnerabilities in Microsoft Windows
2022-11-08 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-3.0-0603
2023-06-26 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - November 2022
2022-11-08 20:02:57
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
High
EPSS
0.017
Percentile
88.2%
Related for OPENVAS:13614125623114202301641