Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (c) 2010 Greenbone Networks GmbHOPENVAS:831116
HistoryJul 30, 2010 - 12:00 a.m.

Mandriva Update for samba MDVSA-2010:141 (samba)

2010-07-3000:00:00
Copyright (c) 2010 Greenbone Networks GmbH
plugins.openvas.org
13

0.527 Medium

EPSS

Percentile

97.3%

JSON

Check for the Version of samba

###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for samba MDVSA-2010:141 (samba)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Multiple vulnerabilities has been discovered and corrected in samba:

  The chain_reply function in process.c in smbd in Samba before 3.4.8 and
  3.5.x before 3.5.2 allows remote attackers to cause a denial of service
  (NULL pointer dereference and process crash) via a Negotiate Protocol
  request with a certain 0x0003 field value followed by a Session Setup
  AndX request with a certain 0x8003 field value (CVE-2010-1635).
  
  The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in
  Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to
  trigger an out-of-bounds read, and cause a denial of service (process
  crash), via a \xff\xff security blob length in a Session Setup AndX
  request (CVE-2010-1642).
  
  The updated packages provides samba 3.4.8 which is not vulnerable to
  these issues.";
tag_solution = "Please Install the Updated Packages.";

tag_affected = "samba on Mandriva Linux 2010.0,
  Mandriva Linux 2010.0/X86_64";


if(description)
{
  script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2010-07/msg00024.php");
  script_id(831116);
  script_version("$Revision: 8243 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $");
  script_tag(name:"creation_date", value:"2010-07-30 15:25:34 +0200 (Fri, 30 Jul 2010)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_xref(name: "MDVSA", value: "2010:141");
  script_cve_id("CVE-2010-1635", "CVE-2010-1642");
  script_name("Mandriva Update for samba MDVSA-2010:141 (samba)");

  script_tag(name: "summary" , value: "Check for the Version of samba");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Mandrake Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "MNDK_2010.0")
{

  if ((res = isrpmvuln(pkg:"libnetapi0", rpm:"libnetapi0~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libnetapi-devel", rpm:"libnetapi-devel~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libsmbclient0", rpm:"libsmbclient0~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libsmbclient0-devel", rpm:"libsmbclient0-devel~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libsmbclient0-static-devel", rpm:"libsmbclient0-static-devel~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libsmbsharemodes0", rpm:"libsmbsharemodes0~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libsmbsharemodes-devel", rpm:"libsmbsharemodes-devel~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libwbclient0", rpm:"libwbclient0~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libwbclient-devel", rpm:"libwbclient-devel~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"mount-cifs", rpm:"mount-cifs~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"nss_wins", rpm:"nss_wins~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"samba-client", rpm:"samba-client~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"samba-common", rpm:"samba-common~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"samba-doc", rpm:"samba-doc~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"samba-server", rpm:"samba-server~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"samba-swat", rpm:"samba-swat~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"samba-winbind", rpm:"samba-winbind~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"samba", rpm:"samba~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64netapi0", rpm:"lib64netapi0~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64netapi-devel", rpm:"lib64netapi-devel~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64smbclient0", rpm:"lib64smbclient0~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64smbclient0-devel", rpm:"lib64smbclient0-devel~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64smbclient0-static-devel", rpm:"lib64smbclient0-static-devel~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64smbsharemodes0", rpm:"lib64smbsharemodes0~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64smbsharemodes-devel", rpm:"lib64smbsharemodes-devel~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64wbclient0", rpm:"lib64wbclient0~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64wbclient-devel", rpm:"lib64wbclient-devel~3.4.8~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Related

nessus 3
openvas 5
securityvulns 1
cve 2
prion 2
debiancve 2
ubuntucve 2
gentoo 1
suse 1
nessus
nessus
Samba < 3.4.8 / 3.5.2 Session Setup AndX DoS
2010-05-17 00:00:00
Mandriva Linux Security Advisory : samba (MDVSA-2010:141)
2010-07-30 00:00:00
GLSA-201206-22 : Samba: Multiple vulnerabilities
2012-06-25 00:00:00
openvas
openvas
Mandriva Update for samba MDVSA-2010:141 (samba)
2010-07-30 00:00:00
Samba < 3.4.8, 3.5.x < 3.5.2 Multiple Remote DoS Vulnerabilities
2010-05-19 00:00:00
Gentoo Security Advisory GLSA 201206-22 (Samba)
2012-08-10 00:00:00
securityvulns
securityvulns
Samba buffer overflow
2010-06-20 00:00:00
cve
cve
CVE-2010-1642
2010-06-17 16:30:00
CVE-2010-1635
2010-06-17 16:30:00
prion
prion
Out-of-bounds
2010-06-17 16:30:00
Null pointer dereference
2010-06-17 16:30:00
debiancve
debiancve
CVE-2010-1642
2010-06-17 16:30:00
CVE-2010-1635
2010-06-17 16:30:00
ubuntucve
ubuntucve
CVE-2010-1635
2010-06-17 00:00:00
CVE-2010-1642
2010-06-17 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2012-06-24 00:00:00
suse
suse
Security update for Samba (critical)
2012-03-09 17:08:16

0.527 Medium

EPSS

Percentile

97.3%

JSON
Related for OPENVAS:831116
nessus3openvas5securityvulns1cve2prion2debiancve2ubuntucve2gentoo1suse1