(RHSA-2014:0866) Moderate: samba and samba3x security update
2014-07-09T04:00:00
ID RHSA-2014:0866 Type redhat Reporter RedHat Modified 2018-06-06T20:24:15
Description
Samba is an open-source implementation of the Server Message Block (SMB) or
Common Internet File System (CIFS) protocol, which allows PC-compatible
machines to share files, printers, and other information.
A denial of service flaw was found in the way the sys_recvfile() function
of nmbd, the NetBIOS message block daemon, processed non-blocking sockets.
An attacker could send a specially crafted packet that, when processed,
would cause nmbd to enter an infinite loop and consume an excessive amount
of CPU time. (CVE-2014-0244)
It was discovered that smbd, the Samba file server daemon, did not properly
handle certain files that were stored on the disk and used a valid Unicode
character in the file name. An attacker able to send an authenticated
non-Unicode request that attempted to read such a file could cause smbd to
crash. (CVE-2014-3493)
Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for
reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493.
The Samba project acknowledges Simon Arlott as the original reporter of
CVE-2014-3493.
All Samba users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the smb service will be restarted automatically.
{"cve": [{"lastseen": "2021-02-02T06:14:29", "description": "The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.", "edition": 4, "cvss3": {}, "published": "2014-06-23T14:55:00", "title": "CVE-2014-3493", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.7, "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3493"], "modified": "2018-10-09T19:44:00", "cpe": ["cpe:/a:samba:samba:4.0.6", "cpe:/a:samba:samba:4.0.8", "cpe:/a:samba:samba:4.1.4", "cpe:/a:samba:samba:4.1.8", "cpe:/a:samba:samba:4.1.5", "cpe:/a:samba:samba:3.6.13", "cpe:/a:samba:samba:3.6.18", "cpe:/a:samba:samba:4.0.4", "cpe:/a:samba:samba:4.0.15", "cpe:/a:samba:samba:3.6.19", "cpe:/a:samba:samba:3.6.7", "cpe:/a:samba:samba:3.6.21", "cpe:/a:samba:samba:4.0.12", "cpe:/a:samba:samba:4.0.3", "cpe:/a:samba:samba:4.1.1", "cpe:/a:samba:samba:4.0.2", "cpe:/a:samba:samba:4.0.7", "cpe:/a:samba:samba:3.6.2", "cpe:/a:samba:samba:3.6.14", "cpe:/a:samba:samba:4.0.16", "cpe:/a:samba:samba:3.6.12", "cpe:/a:samba:samba:4.0.11", "cpe:/a:samba:samba:4.0.9", "cpe:/a:samba:samba:3.6.10", "cpe:/a:samba:samba:4.1.6", "cpe:/a:samba:samba:3.6.9", "cpe:/a:samba:samba:3.6.0", "cpe:/a:samba:samba:4.0.10", "cpe:/a:samba:samba:4.1.0", "cpe:/a:samba:samba:3.6.11", "cpe:/a:samba:samba:4.0.14", "cpe:/a:samba:samba:4.1.7", "cpe:/a:samba:samba:4.0.1", "cpe:/a:samba:samba:3.6.1", "cpe:/a:samba:samba:3.6.17", "cpe:/a:samba:samba:3.6.20", "cpe:/a:samba:samba:3.6.3", "cpe:/a:samba:samba:3.6.8", "cpe:/a:samba:samba:4.0.5", "cpe:/a:samba:samba:4.0.13", "cpe:/a:samba:samba:3.6.6", "cpe:/a:samba:samba:3.6.16", "cpe:/a:samba:samba:3.6.22", "cpe:/a:samba:samba:3.6.4", "cpe:/a:samba:samba:3.6.15", "cpe:/a:samba:samba:3.6.23", "cpe:/a:samba:samba:4.0.0", "cpe:/a:samba:samba:3.6.5", "cpe:/a:samba:samba:4.0.17", "cpe:/a:samba:samba:4.0.18", "cpe:/a:samba:samba:4.1.3", "cpe:/a:samba:samba:4.1.2"], "id": "CVE-2014-3493", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3493", "cvss": {"score": 2.7, "vector": "AV:A/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:samba:samba:3.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.19:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.23:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:14:24", "description": "The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.", "edition": 4, "cvss3": {}, "published": "2014-06-23T14:55:00", "title": "CVE-2014-0244", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0244"], "modified": "2018-10-09T19:41:00", "cpe": ["cpe:/a:samba:samba:4.0.6", "cpe:/a:samba:samba:4.0.8", "cpe:/a:samba:samba:4.1.4", "cpe:/a:samba:samba:4.1.8", "cpe:/a:samba:samba:4.1.5", "cpe:/a:samba:samba:3.6.13", "cpe:/a:samba:samba:3.6.18", "cpe:/a:samba:samba:4.0.4", "cpe:/a:samba:samba:4.0.15", "cpe:/a:samba:samba:3.6.19", "cpe:/a:samba:samba:3.6.7", "cpe:/a:samba:samba:3.6.21", "cpe:/a:samba:samba:4.0.12", "cpe:/a:samba:samba:4.0.3", "cpe:/a:samba:samba:4.1.1", "cpe:/a:samba:samba:4.0.2", "cpe:/a:samba:samba:4.0.7", "cpe:/a:samba:samba:3.6.2", "cpe:/a:samba:samba:3.6.14", "cpe:/a:samba:samba:4.0.16", "cpe:/a:samba:samba:3.6.12", "cpe:/a:samba:samba:4.0.11", "cpe:/a:samba:samba:4.0.9", "cpe:/a:samba:samba:3.6.10", "cpe:/a:samba:samba:4.1.6", "cpe:/a:samba:samba:3.6.9", "cpe:/a:samba:samba:3.6.0", "cpe:/a:samba:samba:4.0.10", "cpe:/a:samba:samba:4.1.0", "cpe:/a:samba:samba:3.6.11", "cpe:/a:samba:samba:4.0.14", "cpe:/a:samba:samba:4.1.7", "cpe:/a:samba:samba:4.0.1", "cpe:/a:samba:samba:3.6.1", "cpe:/a:samba:samba:3.6.17", "cpe:/a:samba:samba:3.6.20", "cpe:/a:samba:samba:3.6.3", "cpe:/a:samba:samba:3.6.8", "cpe:/a:samba:samba:4.0.5", "cpe:/a:samba:samba:4.0.13", "cpe:/a:samba:samba:3.6.6", "cpe:/a:samba:samba:3.6.16", "cpe:/a:samba:samba:3.6.22", "cpe:/a:samba:samba:3.6.4", "cpe:/a:samba:samba:3.6.15", "cpe:/a:samba:samba:3.6.23", "cpe:/a:samba:samba:4.0.0", "cpe:/a:samba:samba:3.6.5", "cpe:/a:samba:samba:4.0.17", "cpe:/a:samba:samba:4.0.18", "cpe:/a:samba:samba:4.1.3", "cpe:/a:samba:samba:4.1.2"], "id": "CVE-2014-0244", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0244", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:samba:samba:3.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.19:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.23:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-06-08T00:16:36", "bulletinFamily": "software", "cvelist": ["CVE-2014-0244"], "edition": 1, "description": "\nTo find out whether F5 has determined that your release is vulnerable, and to obtain information about releases or hotfixes that resolve the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | None | 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 | None \nBIG-IP AAM | None | 11.4.0 - 11.5.1 | None \nBIG-IP AFM | None | 11.3.0 - 11.5.1 | None \nBIG-IP Analytics | None | 11.0.0 - 11.5.1 | None \nBIG-IP APM | None | 11.0.0 - 11.5.1 \n10.1.0 - 10.2.4 | None \nBIG-IP ASM | None | 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 | None \nBIG-IP Edge Gateway | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None \nBIG-IP GTM | None | 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 | None \nBIG-IP Link Controller | None | 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 | None \nBIG-IP PEM | None | 11.3.0 - 11.5.1 | None \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | None \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | None \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | None \nARX | None | 6.0.0 - 6.4.0 | None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 | None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | None \nBIG-IQ Cloud | None | 4.0.0 - 4.3.0 | None \nBIG-IQ Device | None | 4.2.0 - 4.3.0 | None \nBIG-IQ Security | None | 4.0.0 - 4.3.0 | None \nLineRate | None | 2.2.0 - 2.5.0 \n1.6.0 - 1.6.4 \n| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n", "modified": "2016-06-28T23:14:00", "published": "2014-07-24T03:59:00", "href": "https://support.f5.com/csp/article/K15439", "id": "F5:K15439", "type": "f5", "title": "Samba vulnerability CVE-2014-0244", "cvss": {"score": 3.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:03", "bulletinFamily": "software", "cvelist": ["CVE-2014-0244"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "modified": "2016-06-28T00:00:00", "published": "2014-07-23T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15439.html", "id": "SOL15439", "title": "SOL15439 - Samba vulnerability CVE-2014-0244", "type": "f5", "cvss": {"score": 3.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-12-20T18:26:01", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "description": "**CentOS Errata and Security Advisory** CESA-2014:0866\n\n\nSamba is an open-source implementation of the Server Message Block (SMB) or\nCommon Internet File System (CIFS) protocol, which allows PC-compatible\nmachines to share files, printers, and other information.\n\nA denial of service flaw was found in the way the sys_recvfile() function\nof nmbd, the NetBIOS message block daemon, processed non-blocking sockets.\nAn attacker could send a specially crafted packet that, when processed,\nwould cause nmbd to enter an infinite loop and consume an excessive amount\nof CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not properly\nhandle certain files that were stored on the disk and used a valid Unicode\ncharacter in the file name. An attacker able to send an authenticated\nnon-Unicode request that attempted to read such a file could cause smbd to\ncrash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for\nreporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493.\nThe Samba project acknowledges Simon Arlott as the original reporter of\nCVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the smb service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-July/032442.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-July/032443.html\n\n**Affected packages:**\nlibsmbclient\nlibsmbclient-devel\nsamba\nsamba-client\nsamba-common\nsamba-doc\nsamba-domainjoin-gui\nsamba-swat\nsamba-winbind\nsamba-winbind-clients\nsamba-winbind-devel\nsamba-winbind-krb5-locator\nsamba3x\nsamba3x-client\nsamba3x-common\nsamba3x-doc\nsamba3x-domainjoin-gui\nsamba3x-swat\nsamba3x-winbind\nsamba3x-winbind-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0866.html", "edition": 3, "modified": "2014-07-09T18:25:19", "published": "2014-07-09T18:04:17", "href": "http://lists.centos.org/pipermail/centos-announce/2014-July/032442.html", "id": "CESA-2014:0866", "title": "libsmbclient, samba, samba3x security update", "type": "centos", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:26:20", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "description": "**CentOS Errata and Security Advisory** CESA-2014:0867\n\n\nSamba is an open-source implementation of the Server Message Block (SMB) or\nCommon Internet File System (CIFS) protocol, which allows PC-compatible\nmachines to share files, printers, and other information.\n\nA denial of service flaw was found in the way the sys_recvfile() function\nof nmbd, the NetBIOS message block daemon, processed non-blocking sockets.\nAn attacker could send a specially crafted packet that, when processed,\nwould cause nmbd to enter an infinite loop and consume an excessive amount\nof CPU time. (CVE-2014-0244)\n\nA flaw was found in the way Samba created responses for certain\nauthenticated client requests when a shadow-copy VFS module was enabled.\nAn attacker able to send an authenticated request could use this flaw to\ndisclose limited portions of memory per each request. (CVE-2014-0178)\n\nIt was discovered that smbd, the Samba file server daemon, did not properly\nhandle certain files that were stored on the disk and used a valid Unicode\ncharacter in the file name. An attacker able to send an authenticated\nnon-Unicode request that attempted to read such a file could cause smbd to\ncrash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for\nreporting CVE-2014-0244, and the Samba project for reporting CVE-2014-0178\nand CVE-2014-3493. The Samba project acknowledges Christof Schmitt as the\noriginal reporter of CVE-2014-0178, and Simon Arlott as the original\nreporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the smb service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-July/032445.html\n\n**Affected packages:**\nlibsmbclient\nlibsmbclient-devel\nlibwbclient\nlibwbclient-devel\nsamba\nsamba-client\nsamba-common\nsamba-dc\nsamba-dc-libs\nsamba-devel\nsamba-libs\nsamba-pidl\nsamba-python\nsamba-test\nsamba-test-devel\nsamba-vfs-glusterfs\nsamba-winbind\nsamba-winbind-clients\nsamba-winbind-krb5-locator\nsamba-winbind-modules\n\n**Upstream details at:**\n", "edition": 3, "modified": "2014-07-09T19:41:16", "published": "2014-07-09T19:41:16", "href": "http://lists.centos.org/pipermail/centos-announce/2014-July/032445.html", "id": "CESA-2014:0867", "title": "libsmbclient, libwbclient, samba security update", "type": "centos", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2019-12-20T18:29:37", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0178", "CVE-2014-3560", "CVE-2014-3493", "CVE-2014-0244"], "description": "**CentOS Errata and Security Advisory** CESA-2014:1009\n\n\nSamba is an open-source implementation of the Server Message Block (SMB) or\nCommon Internet File System (CIFS) protocol, which allows PC-compatible\nmachines to share files, printers, and other information.\n\nA heap-based buffer overflow flaw was found in Samba's NetBIOS message\nblock daemon (nmbd). An attacker on the local network could use this flaw\nto send specially crafted packets that, when processed by nmbd, could\npossibly lead to arbitrary code execution with root privileges.\n(CVE-2014-3560)\n\nAll Samba users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, the smb service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-August/032503.html\n\n**Affected packages:**\nsamba4\nsamba4-client\nsamba4-common\nsamba4-dc\nsamba4-dc-libs\nsamba4-devel\nsamba4-libs\nsamba4-pidl\nsamba4-python\nsamba4-swat\nsamba4-test\nsamba4-winbind\nsamba4-winbind-clients\nsamba4-winbind-krb5-locator\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1009.html", "edition": 5, "modified": "2014-08-05T19:48:16", "published": "2014-08-05T19:48:16", "href": "http://lists.centos.org/pipermail/centos-announce/2014-August/032503.html", "id": "CESA-2014:1009", "title": "samba4 security update", "type": "centos", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:22", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "description": "[3.6.9-169]\r\n- resolves: #1105499 - CVE-2014-0244: DoS in nmbd.\r\n- resolves: #1108840 - CVE-2014-3493: DoS in smbd with unicode path names.", "edition": 4, "modified": "2014-07-09T00:00:00", "published": "2014-07-09T00:00:00", "id": "ELSA-2014-0866", "href": "http://linux.oracle.com/errata/ELSA-2014-0866.html", "title": "samba and samba3x security update", "type": "oraclelinux", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:32", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "description": "[4.1.1-35]\n- resolves: #1105504 - CVE-2014-0244: DoS in nmbd.\n- resolves: #1108844 - CVE-2014-3493: DoS in smbd with unicode path names.\n- resolves: #1105573 - CVE-2014-0178: Uninitialized memory exposure.\n[4.1.1-33]\n- related: #717484 - Add missing configure line to enable profiling data support.\n[4.1.1-32]\n- related: #1082653 - Reuse IPv6 address during the AD domain join.", "edition": 4, "modified": "2014-07-23T00:00:00", "published": "2014-07-23T00:00:00", "id": "ELSA-2014-0867", "href": "http://linux.oracle.com/errata/ELSA-2014-0867.html", "title": "samba security update", "type": "oraclelinux", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:35", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0178", "CVE-2014-3560", "CVE-2014-3493", "CVE-2014-0244"], "description": "[4.0.0-63.rc4]\n- resolves: #1126011 - CVE-2014-3560: remote code execution in nmbd.\n[4.0.0-62.rc4]\n- resolves: #1105501 - CVE-2014-0244: DoS in nmbd.\n- resolves: #1108842 - CVE-2014-3493: DoS in smbd with unicode path names.\n- resolves: #1105571 - CVE-2014-0178: Uninitialized memory exposure.", "edition": 4, "modified": "2014-08-05T00:00:00", "published": "2014-08-05T00:00:00", "id": "ELSA-2014-1009", "href": "http://linux.oracle.com/errata/ELSA-2014-1009.html", "title": "samba4 security update", "type": "oraclelinux", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:49", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5330", "CVE-2016-2125", "CVE-2016-2112", "CVE-2016-2118", "CVE-2013-4496", "CVE-2015-7560", "CVE-2017-12150", "CVE-2016-2126", "CVE-2017-7494", "CVE-2018-1050", "CVE-2014-3493", "CVE-2017-12163", "CVE-2013-4408", "CVE-2015-5296", "CVE-2015-5252", "CVE-2017-2619", "CVE-2013-6442", "CVE-2014-0244", "CVE-2016-2110", "CVE-2012-6150", "CVE-2015-0240", "CVE-2016-2115", "CVE-2015-5370", "CVE-2015-5299", "CVE-2016-2111"], "description": "[3.6.23-51.0.1]\n- Remove use-after-free talloc_tos() inlined function problem (John Haxby) [orabug 18253258]\n[3.6.24-51]\n- resolves: #1513877 - Fix memory leak in winbind\n[3.6.24-50]\n- resolves: #1553018 - Fix CVE-2018-1050\n[3.6.24-49]\n- resolves: #1536053 - Fix regression with non-wide symlinks to directories\n[3.6.24-48]\n- resolves: #1519884 - Fix segfault in winbind when querying groups\n[3.6.24-47]\n- resolves: #1413484 - Fix guest login with signing required\n[3.6.24-46]\n- resolves: #1509455 - Fix regression of CVE-2017-2619\n[3.6.24-45]\n- resolves: #1491211 - CVE-2017-2619 CVE-2017-12150 CVE-2017-12163\n[3.6.24-44]\n- resolves: #1451105 - Fix trusted domain handling in winbind\n- resolves: #1431000 - Fix crash while trying to authenticate with a disabled\n account\n- resolves: #1467395 - Add 'winbind request timeout' option\n[3.6.23-43]\n- resolves: #1450783 - Fix CVE-2017-7494\n[3.6.23-42]\n- resolves: #1391256 - Performance issues with vfs_dirsort and extended\n attributes\n[3.6.23-41]\n- resolves: #1413672 - Auth regression after secret changed\n[3.6.23-40]\n- resolves: #1405356 - CVE-2016-2125 CVE-2016-2126\n[3.6.23-39]\n- resolves: #1297805 - Fix issues with printer unpublishing from AD\n[3.6.23-38]\n- resolves: #1347843 - Fix RPC queryUserList returning NO_MEMORY for\n empty list\n[3.6.23-37]\n- resolves: #1380151 - Fix memory leak in idmap_ad module\n- resolves: #1333561 - Fix smbclient connection issues to DFS shares\n- resolves: #1372611 - Allow ntlmsssp session key setup without signing\n (Workaround for broken NetApp and EMC NAS)\n[3.6.23-35]\n- resolves: #1282289 - Fix winbind memory leak with each cached creds login\n[3.6.23-34]\n- resolves: #1327697 - Fix netlogon credential checks\n- resolves: #1327746 - Fix dcerpc trailer verificaton\n[3.6.23-33]\n- related: #1322687 - Update CVE patchset\n[3.6.23-32]\n- related: #1322687 - Update manpages\n[3.6.23-31]\n- related: #1322687 - Update CVE patchset\n[3.6.23-30]\n- related: #1322687 - Update CVE patchset\n[3.6.23-29]\n- resolves: #1322687 - Fix CVE-2015-5370\n- resolves: #1322687 - Fix CVE-2016-2110\n- resolves: #1322687 - Fix CVE-2016-2111\n- resolves: #1322687 - Fix CVE-2016-2112\n- resolves: #1322687 - Fix CVE-2016-2115\n- resolves: #1322687 - Fix CVE-2016-2118 (Known as Badlock)\n[3.6.23-28]\n- resolves: #1305870 - Fix symlink verification\n[3.6.23-27]\n- resolves: #1314671 - Fix CVE-2015-7560\n[3.6.23-26]\n- resolves: #1211744 - Fix DFS client access with Windows Server 2008\n[3.6.23-25]\n- resolves: #1242614 - Fix unmappable S-1-18-1 sid truncates group lookups\n[3.6.23-24]\n- resolves: #1271763 - Fix segfault in NTLMv2_generate_names_blob()\n- resolves: #1261265 - Add '--no-dns-updates' option for 'net ads join'\n[3.6.23-23]\n- resolves: #1290707 - CVE-2015-5299\n- related: #1290707 - CVE-2015-5296\n- related: #1290707 - CVE-2015-5252\n- related: #1290707 - CVE-2015-5330\n[3.6.23-22]\n- resolves: #1232021 - Do not overwrite smb.conf manpage\n- resolves: #1216060 - Document netbios name length limitations\n- resolves: #1234249 - Fix 'map to guest = Bad Uid' option\n- resolves: #1219570 - Fix 'secuirtiy = server' (obsolete) share access\n- resolves: #1211657 - Fix stale cache entries if a printer gets renamed\n[3.6.23-21]\n- resolves: #1252180 - Fix 'force group' with 'winbind use default domain'.\n- resolves: #1250100 - Fix segfault in pam_winbind if option parsing fails\n- resolves: #1222985 - Fix segfault with 'mangling method = hash' option\n[3.6.23-20]\n- resolves: #1164269 - Fix rpcclient timeout command.\n[3.6.23-19]\n- resolves: #1201611 - Fix 'force user' with 'winbind use default domain'.\n[3.6.23-18]\n- resolves: #1194549 - Fix winbind caching issue and support SID compression.\n[3.6.23-17]\n- resolves: #1192211 - Fix restoring shadow copy snapshot with SMB2.\n[3.6.23-16]\n- resolves: #1117059 - Fix nss group enumeration with unresolved groups.\n[3.6.23-15]\n- resolves: #1165750 - Fix guid retrieval for published printers.\n- resolves: #1163383 - Fix 'net ads join -k' with existing keytab entries.\n- resolves: #1195456 - Fix starting daemons on read only filesystems.\n- resolves: #1138552 - Fix CPU utilization when re-reading the printcap info.\n- resolves: #1144916 - Fix smbclient NTLMv2 authentication.\n- resolves: #1164336 - Document 'sharesec' command for\n 'access based share enum' option.\n[3.6.23-14]\n- related: #1191339 - Update patchset for CVE-2015-0240.\n[3.6.23-13]\n- resolves: #1191339 - CVE-2015-0240: RCE in netlogon.\n[3.6.23-12]\n- resolves: #1127723 - Fix samlogon secure channel recovery.\n[3.6.23-11]\n- resolves: #1129006 - Add config variables to set spoolss os version.\n[3.6.23-10]\n- resolves: #1124835 - Fix dropbox share.\n[3.6.23-9]\n- related: #1053886 - Fix receiving the gecos field with winbind.\n[3.6.23-8]\n- resolves: #1110733 - Fix write operations as guest with 'security = share'.\n- resolves: #1053886 - Fix receiving the gecos field with winbind.\n[3.6.23-7]\n- resolves: #1107777 - Fix SMB2 with 'case sensitive = True'\n[3.6.23-6]\n- resolves: #1105500 - CVE-2014-0244: DoS in nmbd.\n- resolves: #1108841 - CVE-2014-3493: DoS in smbd with unicode path names.\n[3.6.23-5]\n- related: #1061301 - Only link glusterfs libraries to vfs module.\n[3.6.23-4]\n- resolves: #1051656 - Fix gecos field copy debug warning.\n- resolves: #1061301 - Add glusterfs vfs module.\n- resolves: #1087472 - Fix libsmbclient crash when HOME variable isnt set.\n- resolves: #1099443 - 'net ads testjoin' fails with IPv6.\n- resolves: #1100670 - Fix 'force user' with 'security = ads'.\n- resolves: #1096522 - Fix enabling SMB2 causes file operations to fail.\n[3.6.23-3]\n- resolves: #1081539 - Add timeout option to smbclient.\n[3.6.23-2]\n- resolves: #1022534 - Do not build Samba with fam support.\n- resolves: #1059301 - Fix nbt query with many components.\n- resolves: #1057332 - Fix force user with guest account.\n- resolves: #1021706 - Fix %G substitution in 'template homedir'.\n- resolves: #1040472 - Fix group expansion in service path.\n- resolves: #1069570 - Fix memory leak reading printer list.\n- resolves: #1067607 - Fix wbinfo -i with one-way trusts.\n- resolves: #1050887 - Fix 100% CPU utilization in winbindd when trying to\n free memory in winbindd_reinit_after_fork.\n- resolves: #1029000 - Fix 'force user' with 'security = ads'.\n[3.6.23-1]\n- resolves: #1073356 - Fix CVE-2013-4496, CVE-2012-6150 and CVE-2013-6442.\n- resolves: #1018038 - Fix CVE-2013-4408.\n[3.6.22-1]\n- resolves: #1003921 - Rebase Samba to 3.6.22.\n- resolves: #1035332 - Fix force user with 'security = user'.", "edition": 4, "modified": "2018-06-25T00:00:00", "published": "2018-06-25T00:00:00", "id": "ELSA-2018-1860", "href": "http://linux.oracle.com/errata/ELSA-2018-1860.html", "title": "samba security and bug fix update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:27", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "description": "\nThe samba project reports:\n\nA malformed packet can cause the nmbd server to loop the CPU and\n\t prevent any further NetBIOS name service.\nValid unicode path names stored on disk can cause smbd to\n\t crash if an authenticated client attempts to read them\n\t using a non-unicode request.\n\n", "edition": 4, "modified": "2014-06-23T00:00:00", "published": "2014-06-23T00:00:00", "id": "6AD309D9-FB03-11E3-BEBD-000C2980A9F3", "href": "https://vuxml.freebsd.org/freebsd/6ad309d9-fb03-11e3-bebd-000c2980a9f3.html", "title": "samba -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-07T10:45:09", "description": "The samba project reports :\n\nA malformed packet can cause the nmbd server to loop the CPU and\nprevent any further NetBIOS name service.\n\nValid unicode path names stored on disk can cause smbd to crash if an\nauthenticated client attempts to read them using a non-unicode\nrequest.", "edition": 21, "published": "2014-06-24T00:00:00", "title": "FreeBSD : samba -- multiple vulnerabilities (6ad309d9-fb03-11e3-bebd-000c2980a9f3)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "modified": "2014-06-24T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:samba36", "p-cpe:/a:freebsd:freebsd:samba41", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:samba4"], "id": "FREEBSD_PKG_6AD309D9FB0311E3BEBD000C2980A9F3.NASL", "href": "https://www.tenable.com/plugins/nessus/76196", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76196);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n\n script_name(english:\"FreeBSD : samba -- multiple vulnerabilities (6ad309d9-fb03-11e3-bebd-000c2980a9f3)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The samba project reports :\n\nA malformed packet can cause the nmbd server to loop the CPU and\nprevent any further NetBIOS name service.\n\nValid unicode path names stored on disk can cause smbd to crash if an\nauthenticated client attempts to read them using a non-unicode\nrequest.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2014-0244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2014-3493\"\n );\n # https://vuxml.freebsd.org/freebsd/6ad309d9-fb03-11e3-bebd-000c2980a9f3.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f14be052\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba41\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"samba36<3.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba4<4.0.19\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba41<4.1.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:48:23", "description": "A denial of service flaw was found in the way the sys_recvfile()\nfunction of nmbd, the NetBIOS message block daemon, processed\nnon-blocking sockets. An attacker could send a specially crafted\npacket that, when processed, would cause nmbd to enter an infinite\nloop and consume an excessive amount of CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not\nproperly handle certain files that were stored on the disk and used a\nvalid Unicode character in the file name. An attacker able to send an\nauthenticated non-Unicode request that attempted to read such a file\ncould cause smbd to crash. (CVE-2014-3493)\n\nAfter installing this update, the smb service will be restarted\nautomatically.", "edition": 14, "published": "2014-07-10T00:00:00", "title": "Scientific Linux Security Update : samba and samba3x on SL5.x, SL6.x i386/srpm/x86_64 (20140709)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "modified": "2014-07-10T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:samba3x-doc", "p-cpe:/a:fermilab:scientific_linux:samba-domainjoin-gui", "p-cpe:/a:fermilab:scientific_linux:samba3x-domainjoin-gui", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-krb5-locator", "p-cpe:/a:fermilab:scientific_linux:samba3x-winbind", "p-cpe:/a:fermilab:scientific_linux:samba3x-debuginfo", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-devel", "p-cpe:/a:fermilab:scientific_linux:libsmbclient-devel", "p-cpe:/a:fermilab:scientific_linux:samba-common", "p-cpe:/a:fermilab:scientific_linux:samba3x-common", "p-cpe:/a:fermilab:scientific_linux:samba-client", "p-cpe:/a:fermilab:scientific_linux:samba3x-swat", "p-cpe:/a:fermilab:scientific_linux:samba3x", "p-cpe:/a:fermilab:scientific_linux:samba-swat", "p-cpe:/a:fermilab:scientific_linux:samba-winbind", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-clients", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:samba3x-winbind-devel", "p-cpe:/a:fermilab:scientific_linux:samba-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libsmbclient", "p-cpe:/a:fermilab:scientific_linux:samba", "p-cpe:/a:fermilab:scientific_linux:samba-doc", "p-cpe:/a:fermilab:scientific_linux:samba3x-client"], "id": "SL_20140709_SAMBA_AND_SAMBA3X_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/76449", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76449);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n\n script_name(english:\"Scientific Linux Security Update : samba and samba3x on SL5.x, SL6.x i386/srpm/x86_64 (20140709)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the way the sys_recvfile()\nfunction of nmbd, the NetBIOS message block daemon, processed\nnon-blocking sockets. An attacker could send a specially crafted\npacket that, when processed, would cause nmbd to enter an infinite\nloop and consume an excessive amount of CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not\nproperly handle certain files that were stored on the disk and used a\nvalid Unicode character in the file name. An attacker able to send an\nauthenticated non-Unicode request that attempted to read such a file\ncould cause smbd to crash. (CVE-2014-3493)\n\nAfter installing this update, the smb service will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1407&L=scientific-linux-errata&T=0&P=554\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ac761c1a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba3x-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-client-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-common-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-debuginfo-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-debuginfo-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-doc-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-domainjoin-gui-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-swat-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-winbind-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"samba3x-winbind-devel-3.6.6-0.140.el5_10\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"libsmbclient-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libsmbclient-devel-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-client-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-common-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-debuginfo-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-debuginfo-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-doc-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-domainjoin-gui-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-swat-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-winbind-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-winbind-clients-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-winbind-devel-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"samba-winbind-krb5-locator-3.6.9-169.el6_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:01:12", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The sys_recvfrom function in nmbd in Samba 3.6.x before\n 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9\n allows remote attackers to cause a denial of service\n (infinite loop and CPU consumption) via a malformed UDP\n packet. (CVE-2014-0244)\n\n - The push_ascii function in smbd in Samba 3.6.x before\n 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9\n allows remote authenticated users to cause a denial of\n service (memory corruption and daemon crash) via an\n attempt to read a Unicode pathname without specifying\n use of Unicode, leading to a character-set conversion\n failure that triggers an invalid pointer dereference.\n (CVE-2014-3493)", "edition": 24, "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : samba (multiple_vulnerabilities_in_samba1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "modified": "2015-01-19T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.2", "p-cpe:/a:oracle:solaris:samba"], "id": "SOLARIS11_SAMBA_20140915_2.NASL", "href": "https://www.tenable.com/plugins/nessus/80769", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80769);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : samba (multiple_vulnerabilities_in_samba1)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The sys_recvfrom function in nmbd in Samba 3.6.x before\n 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9\n allows remote attackers to cause a denial of service\n (infinite loop and CPU consumption) via a malformed UDP\n packet. (CVE-2014-0244)\n\n - The push_ascii function in smbd in Samba 3.6.x before\n 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9\n allows remote authenticated users to cause a denial of\n service (memory corruption and daemon crash) via an\n attempt to read a Unicode pathname without specifying\n use of Unicode, leading to a character-set conversion\n failure that triggers an invalid pointer dereference.\n (CVE-2014-3493)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-samba\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bbca196e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.2.1.5.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:samba\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^samba$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.2.1.0.5.0\", sru:\"SRU 11.2.1.5.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : samba\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_note(port:0, extra:error_extra);\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"samba\");\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:14:43", "description": "Updated samba3x and samba packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA denial of service flaw was found in the way the sys_recvfile()\nfunction of nmbd, the NetBIOS message block daemon, processed\nnon-blocking sockets. An attacker could send a specially crafted\npacket that, when processed, would cause nmbd to enter an infinite\nloop and consume an excessive amount of CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not\nproperly handle certain files that were stored on the disk and used a\nvalid Unicode character in the file name. An attacker able to send an\nauthenticated non-Unicode request that attempted to read such a file\ncould cause smbd to crash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL\nfor reporting CVE-2014-0244, and the Samba project for reporting\nCVE-2014-3493. The Samba project acknowledges Simon Arlott as the\noriginal reporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the smb service will be restarted\nautomatically.", "edition": 23, "published": "2014-07-10T00:00:00", "title": "RHEL 5 / 6 : samba and samba3x (RHSA-2014:0866)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "modified": "2014-07-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:samba3x-winbind", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6.5", "p-cpe:/a:redhat:enterprise_linux:samba3x-domainjoin-gui", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba3x-common", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba3x-doc", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba3x-swat", "p-cpe:/a:redhat:enterprise_linux:samba3x-client", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:samba3x-debuginfo", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-debuginfo", "p-cpe:/a:redhat:enterprise_linux:samba3x", "p-cpe:/a:redhat:enterprise_linux:samba-domainjoin-gui", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:samba3x-winbind-devel", "p-cpe:/a:redhat:enterprise_linux:samba-swat", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-doc"], "id": "REDHAT-RHSA-2014-0866.NASL", "href": "https://www.tenable.com/plugins/nessus/76447", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0866. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76447);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n script_bugtraq_id(68148, 68150);\n script_xref(name:\"RHSA\", value:\"2014:0866\");\n\n script_name(english:\"RHEL 5 / 6 : samba and samba3x (RHSA-2014:0866)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba3x and samba packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA denial of service flaw was found in the way the sys_recvfile()\nfunction of nmbd, the NetBIOS message block daemon, processed\nnon-blocking sockets. An attacker could send a specially crafted\npacket that, when processed, would cause nmbd to enter an infinite\nloop and consume an excessive amount of CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not\nproperly handle certain files that were stored on the disk and used a\nvalid Unicode character in the file name. An attacker able to send an\nauthenticated non-Unicode request that attempted to read such a file\ncould cause smbd to crash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL\nfor reporting CVE-2014-0244, and the Samba project for reporting\nCVE-2014-3493. The Samba project acknowledges Simon Arlott as the\noriginal reporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the smb service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2014-0244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2014-3493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3493\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba3x-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0866\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-client-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-client-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-client-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-common-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-common-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-common-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"samba3x-debuginfo-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-doc-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-doc-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-doc-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-domainjoin-gui-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-domainjoin-gui-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-domainjoin-gui-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"samba3x-swat-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"samba3x-swat-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"samba3x-swat-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"samba3x-winbind-3.6.6-0.140.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"samba3x-winbind-devel-3.6.6-0.140.el5_10\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"libsmbclient-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libsmbclient-devel-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-client-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-client-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-client-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"samba-common-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"samba-debuginfo-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-doc-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-doc-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-doc-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-domainjoin-gui-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-domainjoin-gui-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-domainjoin-gui-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-swat-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-swat-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-swat-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-winbind-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-winbind-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"samba-winbind-clients-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"samba-winbind-devel-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"samba-winbind-krb5-locator-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"samba-winbind-krb5-locator-3.6.9-169.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-3.6.9-169.el6_5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n }\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:49:04", "description": "From Red Hat Security Advisory 2014:0866 :\n\nUpdated samba3x and samba packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA denial of service flaw was found in the way the sys_recvfile()\nfunction of nmbd, the NetBIOS message block daemon, processed\nnon-blocking sockets. An attacker could send a specially crafted\npacket that, when processed, would cause nmbd to enter an infinite\nloop and consume an excessive amount of CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not\nproperly handle certain files that were stored on the disk and used a\nvalid Unicode character in the file name. An attacker able to send an\nauthenticated non-Unicode request that attempted to read such a file\ncould cause smbd to crash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL\nfor reporting CVE-2014-0244, and the Samba project for reporting\nCVE-2014-3493. The Samba project acknowledges Simon Arlott as the\noriginal reporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the smb service will be restarted\nautomatically.", "edition": 20, "published": "2014-07-10T00:00:00", "title": "Oracle Linux 5 / 6 : samba / samba3x (ELSA-2014-0866)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "modified": "2014-07-10T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:samba3x-common", "p-cpe:/a:oracle:linux:samba-common", "p-cpe:/a:oracle:linux:samba3x-domainjoin-gui", "p-cpe:/a:oracle:linux:samba-doc", "p-cpe:/a:oracle:linux:samba3x-winbind-devel", "p-cpe:/a:oracle:linux:samba3x-doc", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:samba-domainjoin-gui", "p-cpe:/a:oracle:linux:libsmbclient", "p-cpe:/a:oracle:linux:samba-winbind", "p-cpe:/a:oracle:linux:samba-winbind-krb5-locator", "p-cpe:/a:oracle:linux:samba3x", "p-cpe:/a:oracle:linux:samba-client", "p-cpe:/a:oracle:linux:samba3x-winbind", "p-cpe:/a:oracle:linux:samba", "p-cpe:/a:oracle:linux:samba3x-swat", "p-cpe:/a:oracle:linux:samba-swat", "p-cpe:/a:oracle:linux:samba-winbind-clients", "p-cpe:/a:oracle:linux:libsmbclient-devel", "p-cpe:/a:oracle:linux:samba-winbind-devel", "p-cpe:/a:oracle:linux:samba3x-client"], "id": "ORACLELINUX_ELSA-2014-0866.NASL", "href": "https://www.tenable.com/plugins/nessus/76443", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0866 and \n# Oracle Linux Security Advisory ELSA-2014-0866 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76443);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n script_bugtraq_id(68148, 68150);\n script_xref(name:\"RHSA\", value:\"2014:0866\");\n\n script_name(english:\"Oracle Linux 5 / 6 : samba / samba3x (ELSA-2014-0866)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0866 :\n\nUpdated samba3x and samba packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA denial of service flaw was found in the way the sys_recvfile()\nfunction of nmbd, the NetBIOS message block daemon, processed\nnon-blocking sockets. An attacker could send a specially crafted\npacket that, when processed, would cause nmbd to enter an infinite\nloop and consume an excessive amount of CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not\nproperly handle certain files that were stored on the disk and used a\nvalid Unicode character in the file name. An attacker able to send an\nauthenticated non-Unicode request that attempted to read such a file\ncould cause smbd to crash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL\nfor reporting CVE-2014-0244, and the Samba project for reporting\nCVE-2014-3493. The Samba project acknowledges Simon Arlott as the\noriginal reporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the smb service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-July/004221.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-July/004222.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba and / or samba3x packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba3x-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-client-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-common-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-doc-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-domainjoin-gui-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-swat-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-winbind-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"samba3x-winbind-devel-3.6.6-0.140.el5_10\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"libsmbclient-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libsmbclient-devel-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-client-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-common-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-doc-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-domainjoin-gui-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-swat-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-winbind-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-winbind-clients-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-winbind-devel-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"samba-winbind-krb5-locator-3.6.9-169.el6_5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:29:36", "description": "Updated samba3x and samba packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA denial of service flaw was found in the way the sys_recvfile()\nfunction of nmbd, the NetBIOS message block daemon, processed\nnon-blocking sockets. An attacker could send a specially crafted\npacket that, when processed, would cause nmbd to enter an infinite\nloop and consume an excessive amount of CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not\nproperly handle certain files that were stored on the disk and used a\nvalid Unicode character in the file name. An attacker able to send an\nauthenticated non-Unicode request that attempted to read such a file\ncould cause smbd to crash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL\nfor reporting CVE-2014-0244, and the Samba project for reporting\nCVE-2014-3493. The Samba project acknowledges Simon Arlott as the\noriginal reporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the smb service will be restarted\nautomatically.", "edition": 23, "published": "2014-07-10T00:00:00", "title": "CentOS 5 / 6 : samba / samba3x (CESA-2014:0866)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "modified": "2014-07-10T00:00:00", "cpe": ["p-cpe:/a:centos:centos:samba-swat", "p-cpe:/a:centos:centos:samba-domainjoin-gui", "p-cpe:/a:centos:centos:samba-winbind-krb5-locator", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:samba-winbind", "p-cpe:/a:centos:centos:samba-doc", "p-cpe:/a:centos:centos:samba-common", "p-cpe:/a:centos:centos:samba3x-doc", "p-cpe:/a:centos:centos:samba-winbind-clients", "p-cpe:/a:centos:centos:samba3x-client", "p-cpe:/a:centos:centos:samba3x-swat", "p-cpe:/a:centos:centos:samba-client", "p-cpe:/a:centos:centos:samba", "p-cpe:/a:centos:centos:samba3x-common", "p-cpe:/a:centos:centos:samba3x-winbind", "p-cpe:/a:centos:centos:samba3x", "p-cpe:/a:centos:centos:samba3x-winbind-devel", "p-cpe:/a:centos:centos:samba3x-domainjoin-gui", "p-cpe:/a:centos:centos:libsmbclient", "p-cpe:/a:centos:centos:libsmbclient-devel", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:samba-winbind-devel"], "id": "CENTOS_RHSA-2014-0866.NASL", "href": "https://www.tenable.com/plugins/nessus/76431", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0866 and \n# CentOS Errata and Security Advisory 2014:0866 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76431);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n script_bugtraq_id(68148, 68150);\n script_xref(name:\"RHSA\", value:\"2014:0866\");\n\n script_name(english:\"CentOS 5 / 6 : samba / samba3x (CESA-2014:0866)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba3x and samba packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA denial of service flaw was found in the way the sys_recvfile()\nfunction of nmbd, the NetBIOS message block daemon, processed\nnon-blocking sockets. An attacker could send a specially crafted\npacket that, when processed, would cause nmbd to enter an infinite\nloop and consume an excessive amount of CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not\nproperly handle certain files that were stored on the disk and used a\nvalid Unicode character in the file name. An attacker able to send an\nauthenticated non-Unicode request that attempted to read such a file\ncould cause smbd to crash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL\nfor reporting CVE-2014-0244, and the Samba project for reporting\nCVE-2014-3493. The Samba project acknowledges Simon Arlott as the\noriginal reporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the smb service will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-July/020404.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4655ca2b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-July/020405.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ae942e6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba and / or samba3x packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0244\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba3x-winbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-client-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-common-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-doc-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-domainjoin-gui-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-swat-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-winbind-3.6.6-0.140.el5_10\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"samba3x-winbind-devel-3.6.6-0.140.el5_10\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"libsmbclient-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libsmbclient-devel-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-client-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-common-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-doc-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-domainjoin-gui-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-swat-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-winbind-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-winbind-clients-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-winbind-devel-3.6.9-169.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"samba-winbind-krb5-locator-3.6.9-169.el6_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / samba / samba-client / etc\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-03-01T06:04:11", "description": "According to its banner, the version of Samba on the remote\nhost is 3.6.x prior to 3.6.24, 4.0.x prior to 4.0.19, or 4.1.x prior\nto 4.1.9. It is, therefore, affected by the following vulnerabilities :\n\n - A denial of service flaw exists with 'nmbd'. A remote\n attacker, with a specially crafted packet, could\n cause the CPU to loop the same code segment, preventing\n further NetBIOS name services. (CVE-2014-0244)\n\n - A denial of service flaw exists with 'smbd' when an\n authenticated client makes a non-unicode request for a\n valid unicode path. An invalid return code from the\n conversion of bad unicode to Windows character set can\n cause memory at an offset from the expected return\n buffer to be overwritten. This could allow a remote\n authenticated attacker to cause a denial of service.\n (CVE-2014-3493)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 28, "published": "2014-06-24T00:00:00", "title": "Samba 3.6.x < 3.6.24 / 4.0.x < 4.0.19 / 4.1.x < 4.1.9 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_4_1_9.NASL", "href": "https://www.tenable.com/plugins/nessus/76202", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76202);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n script_bugtraq_id(68148, 68150);\n\n script_name(english:\"Samba 3.6.x < 3.6.24 / 4.0.x < 4.0.19 / 4.1.x < 4.1.9 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Samba.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is affected by multiple denial of service\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Samba on the remote\nhost is 3.6.x prior to 3.6.24, 4.0.x prior to 4.0.19, or 4.1.x prior\nto 4.1.9. It is, therefore, affected by the following vulnerabilities :\n\n - A denial of service flaw exists with 'nmbd'. A remote\n attacker, with a specially crafted packet, could\n cause the CPU to loop the same code segment, preventing\n further NetBIOS name services. (CVE-2014-0244)\n\n - A denial of service flaw exists with 'smbd' when an\n authenticated client makes a non-unicode request for a\n valid unicode path. An invalid return code from the\n conversion of bad unicode to Windows character set can\n cause memory at an offset from the expected return\n buffer to be overwritten. This could allow a remote\n authenticated attacker to cause a denial of service.\n (CVE-2014-3493)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2014-0244.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2014-3493.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-3.6.24.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-4.0.19.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-4.1.9.html\");\n # https://download.samba.org/pub/samba/patches/security/samba-3.6.23-CVE-2014-0244-CVE-2014-3493.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6eda5046\");\n # https://download.samba.org/pub/samba/patches/security/samba-4.0.18-CVE-2014-0244-CVE-2014-3493.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?be7d6e54\");\n # https://download.samba.org/pub/samba/patches/security/samba-4.1.8-CVE-2014-0244-CVE-2014-3493.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?72ca7d20\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install the patch referenced in the project's advisory or upgrade to\n3.6.24 / 4.0.19 / 4.1.9 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0244\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/24\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\nlanman = get_kb_item_or_exit(\"SMB/NativeLanManager\");\n\nif (\"Samba \" >!< lanman) audit(AUDIT_NOT_LISTEN, \"Samba\", port);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (\n lanman =~ '^Samba 3(\\\\.6)?$' ||\n lanman =~ '^Samba 4(\\\\.0)?$' ||\n lanman =~ '^Samba 4(\\\\.1)?$'\n) audit(AUDIT_VER_NOT_GRANULAR, \"Samba\", port, version);\n\nversion = lanman - 'Samba ';\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nfix = NULL;\n\nif (ver[0] == 3 && ver[1] == 6 && ver[2] < 24) fix = '3.6.24';\nif (ver[0] == 4 && ver[1] == 0 && ver[2] < 19) fix = '4.0.19';\nif (ver[0] == 4 && ver[1] == 1 && ver[2] < 9) fix = '4.1.9';\n\nif (fix)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix + '\\n';\n security_note(port:port, extra:report);\n }\n else security_note(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Samba\", port, version);\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:54:39", "description": "Updated samba packages fix security vulnerabilities :\n\nInformation leak vulnerability in the VFS code, allowing an\nauthenticated user to retrieve eight bytes of uninitialized memory\nwhen shadow copy is enabled (CVE-2014-0178).\n\nSamba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a\ndenial of service on the nmbd NetBIOS name services daemon. A\nmalformed packet can cause the nmbd server to loop the CPU and prevent\nany further NetBIOS name service (CVE-2014-0244).\n\nSamba versions before 3.6.24, 4.0.19, and 4.1.9 are affected by a\ndenial of service crash involving overwriting memory on an\nauthenticated connection to the smbd file server (CVE-2014-3493).", "edition": 24, "published": "2014-07-14T00:00:00", "title": "Mandriva Linux Security Advisory : samba (MDVSA-2014:136)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "modified": "2014-07-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64smbsharemodes-devel", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:lib64wbclient0", "p-cpe:/a:mandriva:linux:samba-doc", "p-cpe:/a:mandriva:linux:lib64wbclient-devel", "p-cpe:/a:mandriva:linux:nss_wins", "p-cpe:/a:mandriva:linux:lib64smbsharemodes0", "p-cpe:/a:mandriva:linux:lib64netapi-devel", "p-cpe:/a:mandriva:linux:samba-common", "p-cpe:/a:mandriva:linux:samba-virusfilter-sophos", "p-cpe:/a:mandriva:linux:samba-swat", "p-cpe:/a:mandriva:linux:lib64smbclient0-static-devel", "p-cpe:/a:mandriva:linux:lib64netapi0", "p-cpe:/a:mandriva:linux:samba-client", "p-cpe:/a:mandriva:linux:samba-server", "p-cpe:/a:mandriva:linux:lib64smbclient0-devel", "p-cpe:/a:mandriva:linux:lib64smbclient0", "p-cpe:/a:mandriva:linux:samba-domainjoin-gui", "p-cpe:/a:mandriva:linux:samba-virusfilter-fsecure", "p-cpe:/a:mandriva:linux:samba-winbind", "p-cpe:/a:mandriva:linux:samba-virusfilter-clamav"], "id": "MANDRIVA_MDVSA-2014-136.NASL", "href": "https://www.tenable.com/plugins/nessus/76480", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:136. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76480);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-0178\", \"CVE-2014-0244\", \"CVE-2014-3493\");\n script_bugtraq_id(67686, 68148, 68150);\n script_xref(name:\"MDVSA\", value:\"2014:136\");\n\n script_name(english:\"Mandriva Linux Security Advisory : samba (MDVSA-2014:136)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages fix security vulnerabilities :\n\nInformation leak vulnerability in the VFS code, allowing an\nauthenticated user to retrieve eight bytes of uninitialized memory\nwhen shadow copy is enabled (CVE-2014-0178).\n\nSamba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a\ndenial of service on the nmbd NetBIOS name services daemon. A\nmalformed packet can cause the nmbd server to loop the CPU and prevent\nany further NetBIOS name service (CVE-2014-0244).\n\nSamba versions before 3.6.24, 4.0.19, and 4.1.9 are affected by a\ndenial of service crash involving overwriting memory on an\nauthenticated connection to the smbd file server (CVE-2014-3493).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0279.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64netapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64netapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbclient0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbsharemodes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nss_wins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-domainjoin-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-virusfilter-clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-virusfilter-fsecure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-virusfilter-sophos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64netapi-devel-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64netapi0-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64smbclient0-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64smbclient0-devel-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64smbclient0-static-devel-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64smbsharemodes-devel-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64smbsharemodes0-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64wbclient-devel-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64wbclient0-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"nss_wins-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"samba-client-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"samba-common-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"samba-doc-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"samba-domainjoin-gui-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"samba-server-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"samba-swat-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"samba-virusfilter-clamav-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"samba-virusfilter-fsecure-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"samba-virusfilter-sophos-3.6.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"samba-winbind-3.6.24-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-01-20T14:37:40", "description": "Samba has been updated to fix two security issues and one non-security\nissue.\n\nThese security issues have been fixed :\n\n - Fix segmentation fault in smbd_marshal_dir_entry()'s\n SMB_FIND_FILE_UNIXhandler. (CVE-2014-3493)\n\n - Fix nmbd denial of service. (CVE-2014-0244)\n\n - Fix malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response\n (CVE-2014-0178) These non-security issues have been\n fixed :\n\n - Fix printer job purging; (bso#10612);. (bnc#879390)", "edition": 18, "published": "2014-07-16T00:00:00", "title": "SuSE 11.3 Security Update : Samba (SAT Patch Number 9451)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "modified": "2014-07-16T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:samba-client", "p-cpe:/a:novell:suse_linux:11:samba-winbind", "p-cpe:/a:novell:suse_linux:11:libwbclient0-32bit", "p-cpe:/a:novell:suse_linux:11:libtalloc2-32bit", "p-cpe:/a:novell:suse_linux:11:samba-client-32bit", "p-cpe:/a:novell:suse_linux:11:libldb1-32bit", "p-cpe:/a:novell:suse_linux:11:libwbclient0", "p-cpe:/a:novell:suse_linux:11:samba-32bit", "p-cpe:/a:novell:suse_linux:11:samba", "p-cpe:/a:novell:suse_linux:11:libldb1", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:samba-winbind-32bit", "p-cpe:/a:novell:suse_linux:11:libsmbclient0", "p-cpe:/a:novell:suse_linux:11:libtevent0-32bit", "p-cpe:/a:novell:suse_linux:11:libtevent0", "p-cpe:/a:novell:suse_linux:11:ldapsmb", "p-cpe:/a:novell:suse_linux:11:libtdb1", "p-cpe:/a:novell:suse_linux:11:libtdb1-32bit", "p-cpe:/a:novell:suse_linux:11:samba-doc", "p-cpe:/a:novell:suse_linux:11:libtalloc2", "p-cpe:/a:novell:suse_linux:11:samba-krb-printing", "p-cpe:/a:novell:suse_linux:11:libsmbclient0-32bit"], "id": "SUSE_11_CIFS-MOUNT-140627.NASL", "href": "https://www.tenable.com/plugins/nessus/76523", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76523);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0178\", \"CVE-2014-0244\", \"CVE-2014-3493\");\n\n script_name(english:\"SuSE 11.3 Security Update : Samba (SAT Patch Number 9451)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Samba has been updated to fix two security issues and one non-security\nissue.\n\nThese security issues have been fixed :\n\n - Fix segmentation fault in smbd_marshal_dir_entry()'s\n SMB_FIND_FILE_UNIXhandler. (CVE-2014-3493)\n\n - Fix nmbd denial of service. (CVE-2014-0244)\n\n - Fix malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response\n (CVE-2014-0178) These non-security issues have been\n fixed :\n\n - Fix printer job purging; (bso#10612);. (bnc#879390)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=872396\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=879390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=883758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0178.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0244.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3493.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9451.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ldapsmb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libldb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libldb1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libtalloc2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libtalloc2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libtdb1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libtevent0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libtevent0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:samba-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:samba-krb-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"libldb1-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"libsmbclient0-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"libtalloc2-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"libtdb1-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"libtevent0-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"libwbclient0-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"samba-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"samba-client-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"samba-doc-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"samba-krb-printing-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"samba-winbind-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libldb1-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libldb1-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libsmbclient0-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libsmbclient0-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libtalloc2-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libtalloc2-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libtdb1-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libtdb1-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libtevent0-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libtevent0-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libwbclient0-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libwbclient0-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"samba-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"samba-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"samba-client-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"samba-client-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"samba-doc-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"samba-krb-printing-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"samba-winbind-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"ldapsmb-1.34b-12.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"libldb1-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"libsmbclient0-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"libtalloc2-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"libtdb1-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"libtevent0-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"libwbclient0-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"samba-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"samba-client-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"samba-doc-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"samba-krb-printing-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"samba-winbind-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"libsmbclient0-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"libtalloc2-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"libtdb1-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"libtevent0-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"libwbclient0-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"samba-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"samba-client-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"samba-winbind-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"libsmbclient0-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"libtalloc2-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"libtdb1-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"libtevent0-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"libwbclient0-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"samba-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"samba-client-32bit-3.6.3-0.52.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.6.3-0.52.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-01-06T09:29:37", "description": "Updated samba packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA denial of service flaw was found in the way the sys_recvfile()\nfunction of nmbd, the NetBIOS message block daemon, processed\nnon-blocking sockets. An attacker could send a specially crafted\npacket that, when processed, would cause nmbd to enter an infinite\nloop and consume an excessive amount of CPU time. (CVE-2014-0244)\n\nA flaw was found in the way Samba created responses for certain\nauthenticated client requests when a shadow-copy VFS module was\nenabled. An attacker able to send an authenticated request could use\nthis flaw to disclose limited portions of memory per each request.\n(CVE-2014-0178)\n\nIt was discovered that smbd, the Samba file server daemon, did not\nproperly handle certain files that were stored on the disk and used a\nvalid Unicode character in the file name. An attacker able to send an\nauthenticated non-Unicode request that attempted to read such a file\ncould cause smbd to crash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL\nfor reporting CVE-2014-0244, and the Samba project for reporting\nCVE-2014-0178 and CVE-2014-3493. The Samba project acknowledges\nChristof Schmitt as the original reporter of CVE-2014-0178, and Simon\nArlott as the original reporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the smb service will be restarted\nautomatically.", "edition": 23, "published": "2014-07-10T00:00:00", "title": "CentOS 7 : samba (CESA-2014:0867)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "modified": "2014-07-10T00:00:00", "cpe": ["p-cpe:/a:centos:centos:samba-libs", "p-cpe:/a:centos:centos:samba-pidl", "p-cpe:/a:centos:centos:samba-winbind-modules", "p-cpe:/a:centos:centos:samba-winbind-krb5-locator", "p-cpe:/a:centos:centos:samba-dc", "p-cpe:/a:centos:centos:samba-winbind", "p-cpe:/a:centos:centos:samba-test", "p-cpe:/a:centos:centos:samba-common", "p-cpe:/a:centos:centos:samba-devel", "p-cpe:/a:centos:centos:libwbclient", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:samba-vfs-glusterfs", "p-cpe:/a:centos:centos:samba-winbind-clients", "p-cpe:/a:centos:centos:samba-python", "p-cpe:/a:centos:centos:samba-client", "p-cpe:/a:centos:centos:samba-test-devel", "p-cpe:/a:centos:centos:samba", "p-cpe:/a:centos:centos:samba-dc-libs", "p-cpe:/a:centos:centos:libsmbclient", "p-cpe:/a:centos:centos:libwbclient-devel", "p-cpe:/a:centos:centos:libsmbclient-devel"], "id": "CENTOS_RHSA-2014-0867.NASL", "href": "https://www.tenable.com/plugins/nessus/76432", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0867 and \n# CentOS Errata and Security Advisory 2014:0867 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76432);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-0178\", \"CVE-2014-0244\", \"CVE-2014-3493\");\n script_bugtraq_id(67686, 68148, 68150);\n script_xref(name:\"RHSA\", value:\"2014:0867\");\n\n script_name(english:\"CentOS 7 : samba (CESA-2014:0867)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other\ninformation.\n\nA denial of service flaw was found in the way the sys_recvfile()\nfunction of nmbd, the NetBIOS message block daemon, processed\nnon-blocking sockets. An attacker could send a specially crafted\npacket that, when processed, would cause nmbd to enter an infinite\nloop and consume an excessive amount of CPU time. (CVE-2014-0244)\n\nA flaw was found in the way Samba created responses for certain\nauthenticated client requests when a shadow-copy VFS module was\nenabled. An attacker able to send an authenticated request could use\nthis flaw to disclose limited portions of memory per each request.\n(CVE-2014-0178)\n\nIt was discovered that smbd, the Samba file server daemon, did not\nproperly handle certain files that were stored on the disk and used a\nvalid Unicode character in the file name. An attacker able to send an\nauthenticated non-Unicode request that attempted to read such a file\ncould cause smbd to crash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL\nfor reporting CVE-2014-0244, and the Samba project for reporting\nCVE-2014-0178 and CVE-2014-3493. The Samba project acknowledges\nChristof Schmitt as the original reporter of CVE-2014-0178, and Simon\nArlott as the original reporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the smb service will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-July/020407.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a3287e99\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0178\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-test-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libsmbclient-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libwbclient-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-client-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-common-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-dc-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-devel-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-libs-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-pidl-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-python-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-test-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-test-devel-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.1.1-35.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.1.1-35.el7_0\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / libwbclient / libwbclient-devel / etc\");\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:37:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-07-15T00:00:00", "id": "OPENVAS:1361412562310881961", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881961", "type": "openvas", "title": "CentOS Update for samba3x CESA-2014:0866 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for samba3x CESA-2014:0866 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881961\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-15 15:55:19 +0530 (Tue, 15 Jul 2014)\");\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Update for samba3x CESA-2014:0866 centos5\");\n\n script_tag(name:\"affected\", value:\"samba3x on CentOS 5\");\n script_tag(name:\"insight\", value:\"Samba is an open-source implementation of the Server Message\nBlock (SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other information.\n\nA denial of service flaw was found in the way the sys_recvfile() function\nof nmbd, the NetBIOS message block daemon, processed non-blocking sockets.\nAn attacker could send a specially crafted packet that, when processed,\nwould cause nmbd to enter an infinite loop and consume an excessive amount\nof CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not properly\nhandle certain files that were stored on the disk and used a valid Unicode\ncharacter in the file name. An attacker able to send an authenticated\nnon-Unicode request that attempted to read such a file could cause smbd to\ncrash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for\nreporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493.\nThe Samba project acknowledges Simon Arlott as the original reporter of\nCVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the smb service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0866\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-July/020404.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba3x'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba3x\", rpm:\"samba3x~3.6.6~0.140.el5_10\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-client\", rpm:\"samba3x-client~3.6.6~0.140.el5_10\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-common\", rpm:\"samba3x-common~3.6.6~0.140.el5_10\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-doc\", rpm:\"samba3x-doc~3.6.6~0.140.el5_10\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-domainjoin-gui\", rpm:\"samba3x-domainjoin-gui~3.6.6~0.140.el5_10\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-swat\", rpm:\"samba3x-swat~3.6.6~0.140.el5_10\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-winbind\", rpm:\"samba3x-winbind~3.6.6~0.140.el5_10\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-winbind-devel\", rpm:\"samba3x-winbind-devel~3.6.6~0.140.el5_10\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-07-15T00:00:00", "id": "OPENVAS:1361412562310871199", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871199", "type": "openvas", "title": "RedHat Update for samba and samba3x RHSA-2014:0866-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for samba and samba3x RHSA-2014:0866-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871199\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-15 17:16:52 +0530 (Tue, 15 Jul 2014)\");\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Update for samba and samba3x RHSA-2014:0866-01\");\n\n\n script_tag(name:\"affected\", value:\"samba and samba3x on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"Samba is an open-source implementation of the Server Message Block (SMB) or\nCommon Internet File System (CIFS) protocol, which allows PC-compatible\nmachines to share files, printers, and other information.\n\nA denial of service flaw was found in the way the sys_recvfile() function\nof nmbd, the NetBIOS message block daemon, processed non-blocking sockets.\nAn attacker could send a specially crafted packet that, when processed,\nwould cause nmbd to enter an infinite loop and consume an excessive amount\nof CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not properly\nhandle certain files that were stored on the disk and used a valid Unicode\ncharacter in the file name. An attacker able to send an authenticated\nnon-Unicode request that attempted to read such a file could cause smbd to\ncrash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for\nreporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493.\nThe Samba project acknowledges Simon Arlott as the original reporter of\nCVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the smb service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0866-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-July/msg00018.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba and samba3x'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.6.9~169.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.6.9~169.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.6.9~169.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.6.9~169.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~3.6.9~169.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.6.9~169.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~3.6.9~169.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba3x\", rpm:\"samba3x~3.6.6~0.140.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-client\", rpm:\"samba3x-client~3.6.6~0.140.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-common\", rpm:\"samba3x-common~3.6.6~0.140.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-debuginfo\", rpm:\"samba3x-debuginfo~3.6.6~0.140.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-doc\", rpm:\"samba3x-doc~3.6.6~0.140.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-domainjoin-gui\", rpm:\"samba3x-domainjoin-gui~3.6.6~0.140.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-swat\", rpm:\"samba3x-swat~3.6.6~0.140.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-winbind\", rpm:\"samba3x-winbind~3.6.6~0.140.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba3x-winbind-devel\", rpm:\"samba3x-winbind-devel~3.6.6~0.140.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-07-15T00:00:00", "id": "OPENVAS:1361412562310881959", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881959", "type": "openvas", "title": "CentOS Update for libsmbclient CESA-2014:0866 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmbclient CESA-2014:0866 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881959\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-15 15:39:14 +0530 (Tue, 15 Jul 2014)\");\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Update for libsmbclient CESA-2014:0866 centos6\");\n\n script_tag(name:\"affected\", value:\"libsmbclient on CentOS 6\");\n script_tag(name:\"insight\", value:\"Samba is an open-source implementation of the Server Message\nBlock (SMB) or Common Internet File System (CIFS) protocol, which allows\nPC-compatible machines to share files, printers, and other information.\n\nA denial of service flaw was found in the way the sys_recvfile() function\nof nmbd, the NetBIOS message block daemon, processed non-blocking sockets.\nAn attacker could send a specially crafted packet that, when processed,\nwould cause nmbd to enter an infinite loop and consume an excessive amount\nof CPU time. (CVE-2014-0244)\n\nIt was discovered that smbd, the Samba file server daemon, did not properly\nhandle certain files that were stored on the disk and used a valid Unicode\ncharacter in the file name. An attacker able to send an authenticated\nnon-Unicode request that attempted to read such a file could cause smbd to\ncrash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for\nreporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493.\nThe Samba project acknowledges Simon Arlott as the original reporter of\nCVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the smb service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0866\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-July/020405.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libsmbclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-domainjoin-gui\", rpm:\"samba-domainjoin-gui~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-devel\", rpm:\"samba-winbind-devel~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-krb5-locator\", rpm:\"samba-winbind-krb5-locator~3.6.9~169.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "description": "Oracle Linux Local Security Checks ELSA-2014-0866", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123385", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123385", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0866", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0866.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123385\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:06 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0866\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0866 - samba and samba3x security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0866\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0866.html\");\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"samba3x\", rpm:\"samba3x~3.6.6~0.140.el5_10\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-client\", rpm:\"samba3x-client~3.6.6~0.140.el5_10\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-common\", rpm:\"samba3x-common~3.6.6~0.140.el5_10\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-doc\", rpm:\"samba3x-doc~3.6.6~0.140.el5_10\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-domainjoin-gui\", rpm:\"samba3x-domainjoin-gui~3.6.6~0.140.el5_10\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-swat\", rpm:\"samba3x-swat~3.6.6~0.140.el5_10\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-winbind\", rpm:\"samba3x-winbind~3.6.6~0.140.el5_10\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba3x-winbind-devel\", rpm:\"samba3x-winbind-devel~3.6.6~0.140.el5_10\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-domainjoin-gui\", rpm:\"samba-domainjoin-gui~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-swat\", rpm:\"samba-swat~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind-devel\", rpm:\"samba-winbind-devel~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind-krb5-locator\", rpm:\"samba-winbind-krb5-locator~3.6.9~169.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3493", "CVE-2014-0244"], "description": "This host is running Samba and is prone\n to multiple denial-of-service vulnerabilities.", "modified": "2019-03-14T00:00:00", "published": "2017-06-22T00:00:00", "id": "OPENVAS:1361412562310811219", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811219", "type": "openvas", "title": "Samba 'smbd and nmbd' Multiple Denial-of-Service Vulnerabilities", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_samba_smbd_n_nmbd_mult_dos_vuln.nasl 14173 2019-03-14 10:56:52Z cfischer $\n#\n# Samba 'smbd and nmbd' Multiple Denial-of-Service Vulnerabilities\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:samba:samba\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811219\");\n script_version(\"$Revision: 14173 $\");\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\");\n script_bugtraq_id(68148, 68150);\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 11:56:52 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-06-22 12:27:14 +0530 (Thu, 22 Jun 2017)\");\n script_name(\"Samba 'smbd and nmbd' Multiple Denial-of-Service Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"smb_nativelanman.nasl\", \"gb_samba_detect.nasl\");\n script_mandatory_keys(\"samba/smb_or_ssh/detected\");\n\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1030455\");\n script_xref(name:\"URL\", value:\"http://www.samba.org/samba/security/CVE-2014-3493\");\n script_xref(name:\"URL\", value:\"http://www.samba.org/samba/security/CVE-2014-0244\");\n\n script_tag(name:\"summary\", value:\"This host is running Samba and is prone\n to multiple denial-of-service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in the nmbd NetBIOS name services daemon which causes the nmbd server\n to loop the CPU.\n\n - A memory corruption error. A valid unicode path names stored on disk can cause\n smbd to crash if an authenticated client attempts to read them using a\n non-unicode request.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue will allow\n remote attackers to cause a denial-of-service condition.\");\n\n script_tag(name:\"affected\", value:\"Samba Server versions 3.6.x before 3.6.24,\n 4.0.x before 4.0.19, and 4.1.x before 4.1.9.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Samba 3.6.24 or 4.0.19 or 4.1.9\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) ) exit( 0 );\nvers = infos['version'];\nloc = infos['location'];\n\nif(vers =~ \"^3\\.6\\.\"){\n if(version_is_less(version:vers, test_version:\"3.6.24\")){\n fix = \"3.6.24\";\n }\n}\n\nelse if(vers =~ \"^4\\.[01]\"){\n if(version_is_less(version:vers, test_version:\"4.0.19\")){\n fix = \"4.0.19\";\n }\n else if(version_in_range(version:vers, test_version:\"4.1\", test_version2:\"4.1.8\")){\n fix = \"4.1.9\";\n }\n}\n\nif(fix){\n report = report_fixed_ver( installed_version:vers, fixed_version:fix, install_path:loc );\n security_message( data:report, port:port);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-09-10T00:00:00", "id": "OPENVAS:1361412562310882001", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882001", "type": "openvas", "title": "CentOS Update for libsmbclient CESA-2014:0867 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmbclient CESA-2014:0867 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882001\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-10 06:19:26 +0200 (Wed, 10 Sep 2014)\");\n script_cve_id(\"CVE-2014-0178\", \"CVE-2014-0244\", \"CVE-2014-3493\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_name(\"CentOS Update for libsmbclient CESA-2014:0867 centos7\");\n script_tag(name:\"insight\", value:\"Samba is an open-source implementation of the Server Message Block (SMB) or\nCommon Internet File System (CIFS) protocol, which allows PC-compatible\nmachines to share files, printers, and other information.\n\nA denial of service flaw was found in the way the sys_recvfile() function\nof nmbd, the NetBIOS message block daemon, processed non-blocking sockets.\nAn attacker could send a specially crafted packet that, when processed,\nwould cause nmbd to enter an infinite loop and consume an excessive amount\nof CPU time. (CVE-2014-0244)\n\nA flaw was found in the way Samba created responses for certain\nauthenticated client requests when a shadow-copy VFS module was enabled.\nAn attacker able to send an authenticated request could use this flaw to\ndisclose limited portions of memory per each request. (CVE-2014-0178)\n\nIt was discovered that smbd, the Samba file server daemon, did not properly\nhandle certain files that were stored on the disk and used a valid Unicode\ncharacter in the file name. An attacker able to send an authenticated\nnon-Unicode request that attempted to read such a file could cause smbd to\ncrash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for\nreporting CVE-2014-0244, and the Samba project for reporting CVE-2014-0178\nand CVE-2014-3493. The Samba project acknowledges Christof Schmitt as the\noriginal reporter of CVE-2014-0178, and Simon Arlott as the original\nreporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the smb service will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"libsmbclient on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"CESA\", value:\"2014:0867\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-July/020407.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libsmbclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-dc\", rpm:\"samba-dc~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-dc-libs\", rpm:\"samba-dc-libs~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-devel\", rpm:\"samba-devel~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-pidl\", rpm:\"samba-pidl~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-test\", rpm:\"samba-test~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-test-devel\", rpm:\"samba-test-devel~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-vfs-glusterfs\", rpm:\"samba-vfs-glusterfs~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-krb5-locator\", rpm:\"samba-winbind-krb5-locator~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.1.1~35.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2017-08-04T10:49:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "description": "Multiple vulnerabilities were discovered and fixed in Samba, a SMB/CIFS\nfile, print, and login server:\n\nCVE-2014-0178 \nInformation leak vulnerability in the VFS code, allowing an\nauthenticated user to retrieve eight bytes of uninitialized memory\nwhen shadow copy is enabled.\n\nCVE-2014-0244 \nDenial of service (infinite CPU loop) in the nmbd Netbios name\nservice daemon. A malformed packet can cause the nmbd server to\nenter an infinite loop, preventing it to process later requests to\nthe Netbios name service.\n\nCVE-2014-3493 \nDenial of service (daemon crash) in the smbd file server daemon. An\nauthenticated user attempting to read a Unicode path using a\nnon-Unicode request can force the daemon to overwrite memory at an\ninvalid address.", "modified": "2017-07-20T00:00:00", "published": "2014-06-23T00:00:00", "id": "OPENVAS:702966", "href": "http://plugins.openvas.org/nasl.php?oid=702966", "type": "openvas", "title": "Debian Security Advisory DSA 2966-1 (samba - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2966.nasl 6769 2017-07-20 09:56:33Z teissa $\n# Auto-generated from advisory DSA 2966-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"samba on Debian Linux\";\ntag_insight = \"Samba is an implementation of the SMB/CIFS protocol for Unix systems,\nproviding support for cross-platform file and printer sharing with\nMicrosoft Windows, OS X, and other Unix systems. Samba can also function\nas an NT4-style domain controller, and can integrate with both NT4 domains\nand Active Directory realms as a member server.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 2:3.6.6-6+deb7u4.\n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 2:4.1.9+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:4.1.9+dfsg-1.\n\nWe recommend that you upgrade your samba packages.\";\ntag_summary = \"Multiple vulnerabilities were discovered and fixed in Samba, a SMB/CIFS\nfile, print, and login server:\n\nCVE-2014-0178 \nInformation leak vulnerability in the VFS code, allowing an\nauthenticated user to retrieve eight bytes of uninitialized memory\nwhen shadow copy is enabled.\n\nCVE-2014-0244 \nDenial of service (infinite CPU loop) in the nmbd Netbios name\nservice daemon. A malformed packet can cause the nmbd server to\nenter an infinite loop, preventing it to process later requests to\nthe Netbios name service.\n\nCVE-2014-3493 \nDenial of service (daemon crash) in the smbd file server daemon. An\nauthenticated user attempting to read a Unicode path using a\nnon-Unicode request can force the daemon to overwrite memory at an\ninvalid address.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702966);\n script_version(\"$Revision: 6769 $\");\n script_cve_id(\"CVE-2014-0178\", \"CVE-2014-0244\", \"CVE-2014-3493\");\n script_name(\"Debian Security Advisory DSA 2966-1 (samba - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-20 11:56:33 +0200 (Thu, 20 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-06-23 00:00:00 +0200 (Mon, 23 Jun 2014)\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2966.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-tools\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"swat\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-tools\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"swat\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-tools\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"swat\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"samba-tools\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"swat\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 3.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:37:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-07-15T00:00:00", "id": "OPENVAS:1361412562310871197", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871197", "type": "openvas", "title": "RedHat Update for samba RHSA-2014:0867-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for samba RHSA-2014:0867-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871197\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-15 17:07:55 +0530 (Tue, 15 Jul 2014)\");\n script_cve_id(\"CVE-2014-0178\", \"CVE-2014-0244\", \"CVE-2014-3493\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_name(\"RedHat Update for samba RHSA-2014:0867-01\");\n\n\n script_tag(name:\"affected\", value:\"samba on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"insight\", value:\"Samba is an open-source implementation of the Server Message Block (SMB) or\nCommon Internet File System (CIFS) protocol, which allows PC-compatible\nmachines to share files, printers, and other information.\n\nA denial of service flaw was found in the way the sys_recvfile() function\nof nmbd, the NetBIOS message block daemon, processed non-blocking sockets.\nAn attacker could send a specially crafted packet that, when processed,\nwould cause nmbd to enter an infinite loop and consume an excessive amount\nof CPU time. (CVE-2014-0244)\n\nA flaw was found in the way Samba created responses for certain\nauthenticated client requests when a shadow-copy VFS module was enabled.\nAn attacker able to send an authenticated request could use this flaw to\ndisclose limited portions of memory per each request. (CVE-2014-0178)\n\nIt was discovered that smbd, the Samba file server daemon, did not properly\nhandle certain files that were stored on the disk and used a valid Unicode\ncharacter in the file name. An attacker able to send an authenticated\nnon-Unicode request that attempted to read such a file could cause smbd to\ncrash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for\nreporting CVE-2014-0244, and the Samba project for reporting CVE-2014-0178\nand CVE-2014-3493. The Samba project acknowledges Christof Schmitt as the\noriginal reporter of CVE-2014-0178, and Simon Arlott as the original\nreporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the smb service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0867-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-July/msg00019.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.1.1~35.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.1.1~35.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.1.1~35.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.1.1~35.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.1.1~35.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~4.1.1~35.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.1.1~35.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.1.1~35.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.1.1~35.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.1.1~35.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "description": "Oracle Linux Local Security Checks ELSA-2014-0867", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123357", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123357", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0867", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0867.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123357\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:43 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0867\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0867 - samba security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0867\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0867.html\");\n script_cve_id(\"CVE-2014-0244\", \"CVE-2014-3493\", \"CVE-2014-0178\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-dc\", rpm:\"samba-dc~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-dc-libs\", rpm:\"samba-dc-libs~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-devel\", rpm:\"samba-devel~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-pidl\", rpm:\"samba-pidl~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-test\", rpm:\"samba-test~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-test-devel\", rpm:\"samba-test-devel~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-vfs-glusterfs\", rpm:\"samba-vfs-glusterfs~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind-krb5-locator\", rpm:\"samba-winbind-krb5-locator~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.1.1~35.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:37:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "description": "Multiple vulnerabilities were discovered and fixed in Samba, a SMB/CIFS\nfile, print, and login server:\n\nCVE-2014-0178\nInformation leak vulnerability in the VFS code, allowing an\nauthenticated user to retrieve eight bytes of uninitialized memory\nwhen shadow copy is enabled.\n\nCVE-2014-0244\nDenial of service (infinite CPU loop) in the nmbd Netbios name\nservice daemon. A malformed packet can cause the nmbd server to\nenter an infinite loop, preventing it to process later requests to\nthe Netbios name service.\n\nCVE-2014-3493\nDenial of service (daemon crash) in the smbd file server daemon. An\nauthenticated user attempting to read a Unicode path using a\nnon-Unicode request can force the daemon to overwrite memory at an\ninvalid address.", "modified": "2019-03-19T00:00:00", "published": "2014-06-23T00:00:00", "id": "OPENVAS:1361412562310702966", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702966", "type": "openvas", "title": "Debian Security Advisory DSA 2966-1 (samba - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2966.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 2966-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702966\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-0178\", \"CVE-2014-0244\", \"CVE-2014-3493\");\n script_name(\"Debian Security Advisory DSA 2966-1 (samba - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-23 00:00:00 +0200 (Mon, 23 Jun 2014)\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2966.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"samba on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 2:3.6.6-6+deb7u4.\n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 2:4.1.9+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:4.1.9+dfsg-1.\n\nWe recommend that you upgrade your samba packages.\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities were discovered and fixed in Samba, a SMB/CIFS\nfile, print, and login server:\n\nCVE-2014-0178\nInformation leak vulnerability in the VFS code, allowing an\nauthenticated user to retrieve eight bytes of uninitialized memory\nwhen shadow copy is enabled.\n\nCVE-2014-0244\nDenial of service (infinite CPU loop) in the nmbd Netbios name\nservice daemon. A malformed packet can cause the nmbd server to\nenter an infinite loop, preventing it to process later requests to\nthe Netbios name service.\n\nCVE-2014-3493\nDenial of service (daemon crash) in the smbd file server daemon. An\nauthenticated user attempting to read a Unicode path using a\nnon-Unicode request can force the daemon to overwrite memory at an\ninvalid address.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-doc\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-doc-pdf\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"samba-tools\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"swat\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"winbind\", ver:\"2:3.6.6-6+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2019-08-13T18:45:09", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0178", "CVE-2014-0244", "CVE-2014-3493"], "description": "Samba is an open-source implementation of the Server Message Block (SMB) or\nCommon Internet File System (CIFS) protocol, which allows PC-compatible\nmachines to share files, printers, and other information.\n\nA denial of service flaw was found in the way the sys_recvfile() function\nof nmbd, the NetBIOS message block daemon, processed non-blocking sockets.\nAn attacker could send a specially crafted packet that, when processed,\nwould cause nmbd to enter an infinite loop and consume an excessive amount\nof CPU time. (CVE-2014-0244)\n\nA flaw was found in the way Samba created responses for certain\nauthenticated client requests when a shadow-copy VFS module was enabled.\nAn attacker able to send an authenticated request could use this flaw to\ndisclose limited portions of memory per each request. (CVE-2014-0178)\n\nIt was discovered that smbd, the Samba file server daemon, did not properly\nhandle certain files that were stored on the disk and used a valid Unicode\ncharacter in the file name. An attacker able to send an authenticated\nnon-Unicode request that attempted to read such a file could cause smbd to\ncrash. (CVE-2014-3493)\n\nRed Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for\nreporting CVE-2014-0244, and the Samba project for reporting CVE-2014-0178\nand CVE-2014-3493. The Samba project acknowledges Christof Schmitt as the\noriginal reporter of CVE-2014-0178, and Simon Arlott as the original\nreporter of CVE-2014-3493.\n\nAll Samba users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the smb service will be restarted automatically.\n", "modified": "2018-04-12T03:32:38", "published": "2014-07-09T04:00:00", "id": "RHSA-2014:0867", "href": "https://access.redhat.com/errata/RHSA-2014:0867", "type": "redhat", "title": "(RHSA-2014:0867) Moderate: samba security update", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2019-12-11T13:30:43", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0178", "CVE-2014-0244", "CVE-2014-3493", "CVE-2014-3560"], "description": "Samba is an open-source implementation of the Server Message Block (SMB) or\nCommon Internet File System (CIFS) protocol, which allows PC-compatible\nmachines to share files, printers, and other information.\n\nA heap-based buffer overflow flaw was found in Samba's NetBIOS message\nblock daemon (nmbd). An attacker on the local network could use this flaw\nto send specially crafted packets that, when processed by nmbd, could\npossibly lead to arbitrary code execution with root privileges.\n(CVE-2014-3560)\n\nAll Samba users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, the smb service will be restarted automatically.\n", "modified": "2018-06-06T20:24:21", "published": "2014-08-05T04:00:00", "id": "RHSA-2014:1009", "href": "https://access.redhat.com/errata/RHSA-2014:1009", "type": "redhat", "title": "(RHSA-2014:1009) Important: samba4 security update", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-08-12T00:56:30", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2966-1 security@debian.org\nhttp://www.debian.org/security/ Yves-Alexis Perez\nJune 23, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : samba\nCVE ID : CVE-2014-0178 CVE-2014-0244 CVE-2014-3493\nDebian Bug : \n\nMultiple vulnerabilities were discovered and fixed in Samba, a SMB/CIFS\nfile, print, and login server:\n\nCVE-2014-0178\n\n Information leak vulnerability in the VFS code, allowing an\n authenticated user to retrieve eight bytes of uninitialized memory\n when shadow copy is enabled.\n\nCVE-2014-0244\n\n Denial of service (infinite CPU loop) in the nmbd Netbios name\n service daemon. A malformed packet can cause the nmbd server to\n enter an infinite loop, preventing it to process later requests to\n the Netbios name service.\n\nCVE-2014-3493\n\n Denial of service (daemon crash) in the smbd file server daemon. An\n authenticated user attempting to read a Unicode path using a\n non-Unicode request can force the daemon to overwrite memory at an\n invalid address.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 2:3.6.6-6+deb7u4.\n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 2:4.1.9+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:4.1.9+dfsg-1.\n\nWe recommend that you upgrade your samba packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2014-06-23T09:39:46", "published": "2014-06-23T09:39:46", "id": "DEBIAN:DSA-2966-1:0AFE9", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00147.html", "title": "[SECURITY] [DSA 2966-1] samba security update", "type": "debian", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}], "ubuntu": [{"lastseen": "2020-07-02T11:44:39", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244", "CVE-2014-0239"], "description": "Christof Schmitt discovered that Samba incorrectly initialized a certain \nresponse field when vfs shadow copy was enabled. A remote authenticated \nattacker could use this issue to possibly obtain sensitive information. \nThis issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS. (CVE-2014-0178)\n\nIt was discovered that the Samba internal DNS server incorrectly handled QR \nfields when processing incoming DNS messages. A remote attacker could use \nthis issue to cause Samba to consume resources, resulting in a denial of \nservice. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0239)\n\nDaniel Berteaud discovered that the Samba NetBIOS name service daemon \nincorrectly handled certain malformed packets. A remote attacker could use \nthis issue to cause Samba to consume resources, resulting in a denial of \nservice. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and \nUbuntu 14.04 LTS. (CVE-2014-0244)\n\nSimon Arlott discovered that Samba incorrectly handled certain unicode path \nnames. A remote authenticated attacker could use this issue to cause Samba \nto stop responding, resulting in a denial of service. (CVE-2014-3493)", "edition": 5, "modified": "2014-06-26T00:00:00", "published": "2014-06-26T00:00:00", "id": "USN-2257-1", "href": "https://ubuntu.com/security/notices/USN-2257-1", "title": "Samba vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "slackware": [{"lastseen": "2020-10-25T16:36:16", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0178", "CVE-2014-0239", "CVE-2014-0244", "CVE-2014-3493"], "description": "New samba packages are available for Slackware 14.0, 14.1, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/samba-4.1.9-i486-1_slack14.1.txz: Upgraded.\n This update fixes bugs and security issues, including a flaw in Samba's\n internal DNS server which can be exploited to cause a denial of service,\n a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage\n configurations that use shadow_copy* for vfs objects to reveal potentially\n private server information, a denial of service on the nmbd NetBIOS name\n services daemon, and a denial of service crash involving overwriting\n memory on an authenticated connection to the smbd file server.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/samba-3.6.24-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/samba-3.6.24-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/samba-4.1.9-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/samba-4.1.9-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-4.1.9-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/samba-4.1.9-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n19e6778a1b642b051ec893b5fda161a0 samba-3.6.24-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\na18f536e4c31228132e594b1fa6f830a samba-3.6.24-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n44879c1d5400b830817def5730686937 samba-4.1.9-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n16cb8c3f747b0fdbaafc221bf5ce0aa6 samba-4.1.9-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n399198d155fcfa5d449237ea89828c98 n/samba-4.1.9-i486-1.txz\n\nSlackware x86_64 -current package:\n8eeb6a52026f809b04bc8a2820c5c5ef n/samba-4.1.9-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg samba-4.1.9-i486-1_slack14.1.txz\n\nThen, if Samba is running restart it:\n > /etc/rc.d/rc.samba restart", "modified": "2014-06-24T23:47:25", "published": "2014-06-24T23:47:25", "id": "SSA-2014-175-04", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.435311", "type": "slackware", "title": "[slackware-security] samba", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:56", "bulletinFamily": "software", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244", "CVE-2014-0239"], "description": "DoS, information leakage.", "edition": 1, "modified": "2014-06-26T00:00:00", "published": "2014-06-26T00:00:00", "id": "SECURITYVULNS:VULN:13854", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13854", "title": "Samba multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:52", "bulletinFamily": "software", "cvelist": ["CVE-2014-0178", "CVE-2014-3493", "CVE-2014-0244", "CVE-2014-0239"], "description": "\r\n\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n[slackware-security] samba (SSA:2014-175-04)\r\n\r\nNew samba packages are available for Slackware 14.0, 14.1, and -current to\r\nfix security issues.\r\n\r\n\r\nHere are the details from the Slackware 14.1 ChangeLog:\r\n+--------------------------+\r\npatches/packages/samba-4.1.9-i486-1_slack14.1.txz: Upgraded.\r\n This update fixes bugs and security issues, including a flaw in Samba's\r\n internal DNS server which can be exploited to cause a denial of service,\r\n a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage\r\n configurations that use shadow_copy* for vfs objects to reveal potentially\r\n private server information, a denial of service on the nmbd NetBIOS name\r\n services daemon, and a denial of service crash involving overwriting\r\n memory on an authenticated connection to the smbd file server.\r\n For more information, see:\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493\r\n (* Security fix *)\r\n+--------------------------+\r\n\r\n\r\nWhere to find the new packages:\r\n+-----------------------------+\r\n\r\nThanks to the friendly folks at the OSU Open Source Lab\r\n(http://osuosl.org) for donating FTP and rsync hosting\r\nto the Slackware project! \r\n\r\nAlso see the "Get Slack" section on http://slackware.com for\r\nadditional mirror sites near you.\r\n\r\nUpdated package for Slackware 14.0:\r\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/samba-3.6.24-i486-1_slack14.0.txz\r\n\r\nUpdated package for Slackware x86_64 14.0:\r\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/samba-3.6.24-x86_64-1_slack14.0.txz\r\n\r\nUpdated package for Slackware 14.1:\r\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/samba-4.1.9-i486-1_slack14.1.txz\r\n\r\nUpdated package for Slackware x86_64 14.1:\r\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/samba-4.1.9-x86_64-1_slack14.1.txz\r\n\r\nUpdated package for Slackware -current:\r\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-4.1.9-i486-1.txz\r\n\r\nUpdated package for Slackware x86_64 -current:\r\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/samba-4.1.9-x86_64-1.txz\r\n\r\n\r\nMD5 signatures:\r\n+-------------+\r\n\r\nSlackware 14.0 package:\r\n19e6778a1b642b051ec893b5fda161a0 samba-3.6.24-i486-1_slack14.0.txz\r\n\r\nSlackware x86_64 14.0 package:\r\na18f536e4c31228132e594b1fa6f830a samba-3.6.24-x86_64-1_slack14.0.txz\r\n\r\nSlackware 14.1 package:\r\n44879c1d5400b830817def5730686937 samba-4.1.9-i486-1_slack14.1.txz\r\n\r\nSlackware x86_64 14.1 package:\r\n16cb8c3f747b0fdbaafc221bf5ce0aa6 samba-4.1.9-x86_64-1_slack14.1.txz\r\n\r\nSlackware -current package:\r\n399198d155fcfa5d449237ea89828c98 n/samba-4.1.9-i486-1.txz\r\n\r\nSlackware x86_64 -current package:\r\n8eeb6a52026f809b04bc8a2820c5c5ef n/samba-4.1.9-x86_64-1.txz\r\n\r\n\r\nInstallation instructions:\r\n+------------------------+\r\n\r\nUpgrade the package as root:\r\n# upgradepkg samba-4.1.9-i486-1_slack14.1.txz\r\n\r\nThen, if Samba is running restart it:\r\n# /etc/rc.d/rc.samba restart\r\n\r\n\r\n+-----+\r\n\r\nSlackware Linux Security Team\r\nhttp://slackware.com/gpg-key\r\nsecurity@slackware.com\r\n\r\n+------------------------------------------------------------------------+\r\n| To leave the slackware-security mailing list: |\r\n+------------------------------------------------------------------------+\r\n| Send an email to majordomo@slackware.com with this text in the body of |\r\n| the email message: |\r\n| |\r\n| unsubscribe slackware-security |\r\n| |\r\n| You will get a confirmation message back containing instructions to |\r\n| complete the process. Please do not reply to this email address. |\r\n+------------------------------------------------------------------------+\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niEYEARECAAYFAlOqAvwACgkQakRjwEAQIjPUtACfTXoeWuteMRnKacgR4/1vn9ak\r\nFvEAnR+u969kkUIIp9eHkuyVe/HXw0d4\r\n=Ud/a\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2014-06-26T00:00:00", "published": "2014-06-26T00:00:00", "id": "SECURITYVULNS:DOC:30905", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30905", "title": "[slackware-security] samba (SSA:2014-175-04)", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "samba": [{"lastseen": "2020-12-24T13:20:59", "bulletinFamily": "software", "cvelist": ["CVE-2014-3493"], "description": "All current released versions of Samba are vulnerable to a denial of service on the smbd file server daemon.\nValid unicode path names stored on disk can cause smbd to crash if an authenticated client attempts to read them using a non-unicode request.\nThe crash is caused by memory being overwritten by zeros at a 4GB offset from the expected return buffer area, due to an invalid return code from a bad unicode to Windows character set conversion.\nCurrently it is not believed to be exploitable by an attacker, as there is no way to control the exact area of memory being overwritten. However, in the interests of safety this is being treated as a security issue.", "edition": 5, "modified": "2014-06-23T00:00:00", "published": "2014-06-23T00:00:00", "id": "SAMBA:CVE-2014-3493", "href": "https://www.samba.org/samba/security/CVE-2014-3493.html", "title": "Denial of service - Server crash/memory corruption ", "type": "samba", "cvss": {"score": 2.7, "vector": "AV:A/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-12-24T13:20:59", "bulletinFamily": "software", "cvelist": ["CVE-2014-0244"], "description": "All current released versions of Samba are vulnerable to a denial of service on the nmbd NetBIOS name services daemon. A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service.\nThis flaw is not exploitable beyond causing the code to loop expending CPU resources.", "edition": 5, "modified": "2014-06-23T00:00:00", "published": "2014-06-23T00:00:00", "id": "SAMBA:CVE-2014-0244", "href": "https://www.samba.org/samba/security/CVE-2014-0244.html", "title": "Denial of service - CPU loop ", "type": "samba", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6150", "CVE-2013-4408", "CVE-2013-4496", "CVE-2013-6442", "CVE-2014-0178", "CVE-2014-0244", "CVE-2014-3493"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2014-06-26T01:52:55", "published": "2014-06-26T01:52:55", "id": "FEDORA:408A62192D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: samba-4.1.9-3.fc20", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6150", "CVE-2013-4408", "CVE-2013-4496", "CVE-2013-6442", "CVE-2014-0178", "CVE-2014-0244", "CVE-2014-3493", "CVE-2014-3560"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2014-08-07T15:23:51", "published": "2014-08-07T15:23:51", "id": "FEDORA:2274E224F7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: samba-4.1.9-4.fc20", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6150", "CVE-2013-4408", "CVE-2013-4496", "CVE-2013-6442", "CVE-2014-0178", "CVE-2014-0244", "CVE-2014-3493", "CVE-2014-3560", "CVE-2015-0240"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2015-02-25T13:28:25", "published": "2015-02-25T13:28:25", "id": "FEDORA:567926090BCA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: samba-4.1.17-1.fc20", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6150", "CVE-2013-4124", "CVE-2013-4408", "CVE-2013-4475", "CVE-2013-4496", "CVE-2013-6442", "CVE-2014-0178", "CVE-2014-0244", "CVE-2014-3493"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2014-07-09T02:27:14", "published": "2014-07-09T02:27:14", "id": "FEDORA:76DD521D9A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: samba-4.0.19-1.fc19", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6150", "CVE-2013-4124", "CVE-2013-4408", "CVE-2013-4475", "CVE-2013-4496", "CVE-2013-6442", "CVE-2014-0178", "CVE-2014-0244", "CVE-2014-3493", "CVE-2014-3560"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2014-08-19T07:06:48", "published": "2014-08-19T07:06:48", "id": "FEDORA:0AC962092D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: samba-4.0.21-1.fc19", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:50", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4475", "CVE-2013-4496", "CVE-2014-0178", "CVE-2014-3493", "CVE-2013-4408", "CVE-2014-0244", "CVE-2012-6150", "CVE-2015-0240", "CVE-2013-4476", "CVE-2014-0239", "CVE-2013-4124"], "edition": 1, "description": "### Background\n\nSamba is a suite of SMB and CIFS client/server programs.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker may be able to execute arbitrary code, cause a Denial of Service condition, bypass intended file restrictions, or obtain sensitive information. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Samba users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-fs/samba-3.6.25\"", "modified": "2015-02-25T00:00:00", "published": "2015-02-25T00:00:00", "id": "GLSA-201502-15", "href": "https://security.gentoo.org/glsa/201502-15", "type": "gentoo", "title": "Samba: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
