Description
## Description
Samba releases 3.2.0 to 4.8.3 (inclusive) contain an error in
libsmbclient that could allow a malicious server to overwrite
client heap memory by returning an extra long filename in a directory
listing.
## Patch Availability
Patches addressing this issue have been posted to:
http://www.samba.org/samba/security/
Samba versions 4.6.16, 4.7.9 and 4.8.4 have been released with fixes for
this issue.
## Workaround
None
## Credits
This vulnerability was found by Svyatoslav Phirsov and was fixed
by Jeremy Allison of Google and the Samba team.
Related
{"id": "SAMBA:CVE-2018-10858", "type": "samba", "bulletinFamily": "info", "title": "Insufficient input validation on client directory", "description": "## Description\n\nSamba releases 3.2.0 to 4.8.3 (inclusive) contain an error in\nlibsmbclient that could allow a malicious server to overwrite\nclient heap memory by returning an extra long filename in a directory\nlisting.\n## Patch Availability\n\nPatches addressing this issue have been posted to:\n\n http://www.samba.org/samba/security/\n\nSamba versions 4.6.16, 4.7.9 and 4.8.4 have been released with fixes for\nthis issue.\n## Workaround\n\nNone\n## Credits\n\nThis vulnerability was found by Svyatoslav Phirsov and was fixed\nby Jeremy Allison of Google and the Samba team.", "published": "2018-08-14T00:00:00", "modified": "2018-08-14T00:00:00", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://www.samba.org/samba/security/CVE-2018-10858.html", "reporter": "Samba Security", "references": [], "cvelist": ["CVE-2018-10858"], "immutableFields": [], "lastseen": "2021-10-13T09:49:23", "viewCount": 506, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1126", "ALAS2-2018-1126"]}, {"type": "centos", "idList": ["CESA-2018:3056"]}, {"type": "cisa", "idList": ["CISA:8B61E91ADA9DFED3FD75B9079ED04596"]}, {"type": "cve", "idList": ["CVE-2018-10858"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4271-1:02F48", "DEBIAN:DSA-4271-1:FEBCF"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-10858"]}, {"type": "fedora", "idList": ["FEDORA:28A79611A8DC", "FEDORA:6B54A611D00B", "FEDORA:80C5D6057708", "FEDORA:9951F624F57A", "FEDORA:D5AF26049ECF"]}, {"type": "freebsd", "idList": ["C4E9A427-9FC2-11E8-802A-000C29A1E3EC"]}, {"type": "gentoo", "idList": ["GLSA-202003-52"]}, {"type": "ibm", "idList": ["FF8DCAF5269CDB0552E4DD23632ECE05975BD0C298A785C73A2CD22105F5CB55"]}, {"type": "mageia", "idList": ["MGASA-2018-0424"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1126.NASL", "ALA_ALAS-2018-1126.NASL", "CENTOS_RHSA-2018-3056.NASL", "DEBIAN_DSA-4271.NASL", "EULEROS_SA-2019-1125.NASL", "EULEROS_SA-2019-1150.NASL", "EULEROS_SA-2019-1273.NASL", "EULEROS_SA-2019-1342.NASL", "EULEROS_SA-2019-1408.NASL", "FEDORA_2018-8E4D871867.NASL", "FEDORA_2018-BC22D6C7BC.NASL", "FREEBSD_PKG_C4E9A4279FC211E8802A000C29A1E3EC.NASL", "GENTOO_GLSA-202003-52.NASL", "NEWSTART_CGSL_NS-SA-2019-0069_SAMBA.NASL", "OPENSUSE-2018-890.NASL", "OPENSUSE-2018-891.NASL", "OPENSUSE-2019-617.NASL", "ORACLELINUX_ELSA-2018-3056.NASL", "REDHAT-RHSA-2018-2612.NASL", "REDHAT-RHSA-2018-2613.NASL", "REDHAT-RHSA-2018-3056.NASL", "REDHAT-RHSA-2018-3470.NASL", "SAMBA_4_6_15.NASL", "SLACKWARE_SSA_2018-229-02.NASL", "SL_20181030_SAMBA_ON_SL7_X.NASL", "SUSE_SU-2018-2318-1.NASL", "SUSE_SU-2018-2319-1.NASL", "SUSE_SU-2018-2320-1.NASL", "SUSE_SU-2018-2320-2.NASL", "SUSE_SU-2018-2321-1.NASL", "SUSE_SU-2018-2329-1.NASL", "SUSE_SU-2018-2339-1.NASL", "SUSE_SU-2018-2339-2.NASL", "UBUNTU_USN-3738-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704271", "OPENVAS:1361412562310813782", "OPENVAS:1361412562310843615", "OPENVAS:1361412562310851862", "OPENVAS:1361412562310852010", "OPENVAS:1361412562310874976", "OPENVAS:1361412562310874977", "OPENVAS:1361412562310874979", "OPENVAS:1361412562310875317", "OPENVAS:1361412562310875582", "OPENVAS:1361412562311220191125", "OPENVAS:1361412562311220191150", "OPENVAS:1361412562311220191273", "OPENVAS:1361412562311220191342", "OPENVAS:1361412562311220191408"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-3056"]}, {"type": "osv", "idList": ["OSV:DLA-1539-1", "OSV:DSA-4271-1"]}, {"type": "redhat", "idList": ["RHSA-2018:2612", "RHSA-2018:2613", "RHSA-2018:3056", "RHSA-2018:3470"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-10858"]}, {"type": "slackware", "idList": ["SSA-2018-229-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:2396-1", "OPENSUSE-SU-2018:2400-1"]}, {"type": "ubuntu", "idList": ["USN-3738-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10858"]}]}, "score": {"value": 0.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1126", "ALAS2-2018-1126"]}, {"type": "centos", "idList": ["CESA-2018:3056"]}, {"type": "cisa", "idList": ["CISA:8B61E91ADA9DFED3FD75B9079ED04596"]}, {"type": "cve", "idList": ["CVE-2018-10858"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4271-1:FEBCF"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-10858"]}, {"type": "fedora", "idList": ["FEDORA:28A79611A8DC", "FEDORA:6B54A611D00B", "FEDORA:80C5D6057708", "FEDORA:9951F624F57A"]}, {"type": "freebsd", "idList": ["C4E9A427-9FC2-11E8-802A-000C29A1E3EC"]}, {"type": "gentoo", "idList": ["GLSA-202003-52"]}, {"type": "ibm", "idList": ["FF8DCAF5269CDB0552E4DD23632ECE05975BD0C298A785C73A2CD22105F5CB55"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/FREEBSD-CVE-2018-10858/"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1126.NASL", "ALA_ALAS-2018-1126.NASL", "CENTOS_RHSA-2018-3056.NASL", "DEBIAN_DSA-4271.NASL", "FEDORA_2018-8E4D871867.NASL", "FREEBSD_PKG_C4E9A4279FC211E8802A000C29A1E3EC.NASL", "GENTOO_GLSA-202003-52.NASL", "OPENSUSE-2018-890.NASL", "OPENSUSE-2018-891.NASL", "REDHAT-RHSA-2018-3056.NASL", "SAMBA_DETECT.NASL", "SLACKWARE_SSA_2018-229-02.NASL", "SUSE_SU-2018-2319-1.NASL", "SUSE_SU-2018-2320-1.NASL", "SUSE_SU-2018-2321-1.NASL", "SUSE_SU-2018-2329-1.NASL", "SUSE_SU-2018-2339-1.NASL", "UBUNTU_USN-3738-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704271", "OPENVAS:1361412562310843615", "OPENVAS:1361412562310851862", "OPENVAS:1361412562310852010", "OPENVAS:1361412562310874976", "OPENVAS:1361412562310874977", "OPENVAS:1361412562310874979"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-3056"]}, {"type": "redhat", "idList": ["RHSA-2018:2612"]}, {"type": "slackware", "idList": ["SSA-2018-229-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:2396-1", "OPENSUSE-SU-2018:2400-1"]}, {"type": "threatpost", "idList": ["THREATPOST:BC0CA0F92FAAD3AB1308DE070F2F66C8"]}, {"type": "ubuntu", "idList": ["USN-3738-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10858"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2018-10858", "epss": "0.014120000", "percentile": "0.844350000", "modified": "2023-03-20"}], "vulnersScore": 0.8}, "_state": {"dependencies": 1660004461, "score": 1659919836, "epss": 1679338714}, "_internal": {"score_hash": "fd71b19cb6b6a0652172120a7e6f9c58"}}
{"nessus": [{"lastseen": "2023-01-11T14:49:01", "description": "This update for samba fixes the following issues: The following security vulnerability was fixed :\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow (bsc#1103411) The following other bugs were fixed :\n\n - Fix libnss_wins.so.2 link libreplace with rpath (bsc#1054849)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : samba (SUSE-SU-2018:2320-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors0", "p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap0", "p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-2320-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111741", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2320-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111741);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-10858\");\n\n script_name(english:\"SUSE SLES12 Security Update : samba (SUSE-SU-2018:2320-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for samba fixes the following issues: The following\nsecurity vulnerability was fixed :\n\n - CVE-2018-10858: smbc_urlencode helper function is a\n subject to buffer overflow (bsc#1103411) The following\n other bugs were fixed :\n\n - Fix libnss_wins.so.2 link libreplace with rpath\n (bsc#1054849)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1054849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10858/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182320-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?495b4f5d\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2018-1557=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-1557=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-1557=1\n\nSUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch\nSUSE-SLE-HA-12-SP2-2018-1557=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2018-1557=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libdcerpc-binding0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libdcerpc-binding0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libdcerpc-binding0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libdcerpc-binding0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libdcerpc0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libdcerpc0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libdcerpc0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libdcerpc0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-krb5pac0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-krb5pac0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-krb5pac0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-krb5pac0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-nbt0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-nbt0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-nbt0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-nbt0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-standard0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-standard0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-standard0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr-standard0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libndr0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libnetapi0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libnetapi0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libnetapi0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libnetapi0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-credentials0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-credentials0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-credentials0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-credentials0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-errors0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-errors0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-errors0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-errors0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-hostconfig0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-hostconfig0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-hostconfig0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-hostconfig0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-passdb0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-passdb0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-passdb0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-passdb0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-util0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-util0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-util0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamba-util0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamdb0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamdb0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamdb0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsamdb0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbclient0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbclient0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbclient0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbclient0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbconf0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbconf0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbconf0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbconf0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbldap0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbldap0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbldap0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsmbldap0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libtevent-util0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libtevent-util0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libtevent-util0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libtevent-util0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwbclient0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwbclient0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwbclient0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwbclient0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-client-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-client-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-client-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-client-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-debugsource-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-libs-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-libs-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-libs-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-libs-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-winbind-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-winbind-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-winbind-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"samba-winbind-debuginfo-4.4.2-38.20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:41", "description": "This update for samba fixes the following issues: The following security issues were fixed :\n\n - CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient (bsc#1103411). The following other bugs were fixed :\n\n - s3:winbindd: allow a fallback to NTLMSSP for LDAP connections (bsc#1079449)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : samba (SUSE-SU-2018:2329-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ldapsmb", "p-cpe:/a:novell:suse_linux:libldb1", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:libtalloc2", "p-cpe:/a:novell:suse_linux:libtdb1", "p-cpe:/a:novell:suse_linux:libtevent0", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-krb-printing", "p-cpe:/a:novell:suse_linux:samba-winbind", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2018-2329-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111747", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2329-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111747);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10858\");\n\n script_name(english:\"SUSE SLES11 Security Update : samba (SUSE-SU-2018:2329-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for samba fixes the following issues: The following\nsecurity issues were fixed :\n\n - CVE-2018-10858: Insufficient input validation on client\n directory listing in libsmbclient (bsc#1103411). The\n following other bugs were fixed :\n\n - s3:winbindd: allow a fallback to NTLMSSP for LDAP\n connections (bsc#1079449)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1079449\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10858/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182329-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c685d383\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-samba-13726=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-samba-13726=1\n\nSUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch\nslessp3-samba-13726=1\n\nSUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch\nsleposp3-samba-13726=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-samba-13726=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch\ndbgsp3-samba-13726=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldapsmb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtalloc2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-krb-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libtalloc2-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libtdb1-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libtevent0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"samba-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"samba-client-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libsmbclient0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libtalloc2-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libtdb1-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libtevent0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libwbclient0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"samba-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"samba-client-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"samba-winbind-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ldapsmb-1.34b-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libldb1-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libsmbclient0-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libtalloc2-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libtdb1-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libtevent0-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwbclient0-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"samba-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"samba-client-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"samba-krb-printing-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"samba-winbind-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libtalloc2-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libtdb1-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libtevent0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-client-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libsmbclient0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libtalloc2-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libtdb1-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libtevent0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libwbclient0-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"samba-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"samba-client-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"samba-winbind-32bit-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"ldapsmb-1.34b-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libldb1-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libsmbclient0-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libtalloc2-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libtdb1-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libtevent0-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libwbclient0-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"samba-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"samba-client-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"samba-krb-printing-3.6.3-94.14.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"samba-winbind-3.6.3-94.14.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:51", "description": "This update for samba fixes the following issues: The following security vulnerability was fixed :\n\n - CVE-2018-10858: Fixed insufficient input validation on client directory listing in libsmbclient; (bsc#1103411);\n The following other change was made :\n\n - s3: winbind: Fix 'winbind normalize names' in wb_getpwsid();\n\n - winbind: honor 'winbind use default domain' with empty domain (bsc#1087303)\n\n - winbind: do not modify credentials in NTLM passthru (bsc#1068059)\n\n - net: fix net ads keytab handling (bsc#1067700)\n\n - fix vfs_ceph flock stub\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2018:2319-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors0", "p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap0", "p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-2319-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111740", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2319-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111740);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-10858\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2018:2319-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for samba fixes the following issues: The following\nsecurity vulnerability was fixed :\n\n - CVE-2018-10858: Fixed insufficient input validation on\n client directory listing in libsmbclient; (bsc#1103411);\n The following other change was made :\n\n - s3: winbind: Fix 'winbind normalize names' in\n wb_getpwsid();\n\n - winbind: honor 'winbind use default domain' with empty\n domain (bsc#1087303)\n\n - winbind: do not modify credentials in NTLM passthru\n (bsc#1068059)\n\n - net: fix net ads keytab handling (bsc#1067700)\n\n - fix vfs_ceph flock stub\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1067700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10858/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182319-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ad88d0e\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-1554=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-1554=1\n\nSUSE Linux Enterprise High Availability 12-SP3:zypper in -t patch\nSUSE-SLE-HA-12-SP3-2018-1554=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-1554=1\n\nSUSE Enterprise Storage 5:zypper in -t patch\nSUSE-Storage-5-2018-1554=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdcerpc-binding0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdcerpc-binding0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdcerpc-binding0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdcerpc-binding0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdcerpc0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdcerpc0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdcerpc0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libdcerpc0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-krb5pac0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-krb5pac0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-krb5pac0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-krb5pac0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-nbt0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-nbt0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-nbt0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-nbt0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-standard0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-standard0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-standard0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr-standard0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libndr0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libnetapi0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libnetapi0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libnetapi0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libnetapi0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-credentials0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-credentials0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-credentials0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-credentials0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-errors0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-errors0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-errors0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-errors0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-hostconfig0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-hostconfig0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-hostconfig0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-hostconfig0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-passdb0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-passdb0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-passdb0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-passdb0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-util0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-util0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-util0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamba-util0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamdb0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamdb0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamdb0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsamdb0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbclient0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbclient0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbclient0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbclient0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbconf0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbconf0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbconf0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbconf0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbldap0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbldap0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbldap0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsmbldap0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libtevent-util0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libtevent-util0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libtevent-util0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libtevent-util0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwbclient0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwbclient0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwbclient0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwbclient0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-client-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-client-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-client-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-client-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-debugsource-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-libs-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-libs-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-libs-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-libs-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-winbind-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-winbind-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-winbind-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"samba-winbind-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libdcerpc0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libdcerpc0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libdcerpc0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-nbt0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-nbt0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-nbt0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-standard0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-standard0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr-standard0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libndr0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libnetapi0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libnetapi0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libnetapi0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-credentials0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-credentials0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-credentials0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-errors0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-errors0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-errors0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-passdb0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-passdb0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-passdb0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-util0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-util0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamba-util0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamdb0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamdb0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsamdb0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbclient0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbclient0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbclient0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbconf0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbconf0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbconf0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbldap0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbldap0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbldap0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsmbldap0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libtevent-util0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libtevent-util0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libtevent-util0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwbclient0-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwbclient0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwbclient0-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-client-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-client-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-client-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-debugsource-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-libs-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-libs-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-libs-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-winbind-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-winbind-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"samba-winbind-debuginfo-4.6.14+git.157.c2d53c2b191-3.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:25", "description": "This update for samba fixes the following issues :\n\nThe following security vulnerability was fixed :\n\n - CVE-2018-10858: Fixed insufficient input validation on client directory listing in libsmbclient; (bsc#1103411);\n\nThe following other change was made :\n\n - s3: winbind: Fix 'winbind normalize names' in wb_getpwsid();\n\n - winbind: honor 'winbind use default domain' with empty domain (bsc#1087303)\n\n - winbind: do not modify credentials in NTLM passthru (bsc#1068059)\n\n - net: fix net ads keytab handling (bsc#1067700)\n\n - fix vfs_ceph flock stub\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update project.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : samba (openSUSE-2018-890)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-tests", "p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libdcerpc0", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libndr-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac0", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt-devel", "p-cpe:/a:novell:opensuse:libndr-nbt0", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libndr-standard-devel", "p-cpe:/a:novell:opensuse:libndr-standard0", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit", "p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libndr0", "p-cpe:/a:novell:opensuse:libndr0-32bit", "p-cpe:/a:novell:opensuse:libndr0-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libnetapi-devel", "p-cpe:/a:novell:opensuse:libnetapi0", "p-cpe:/a:novell:opensuse:libnetapi0-32bit", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials-devel", "p-cpe:/a:novell:opensuse:libsamba-credentials0", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsamba-errors-devel", "p-cpe:/a:novell:opensuse:libsamba-errors0", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit", "p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb-devel", "p-cpe:/a:novell:opensuse:libsamba-passdb0", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamba-policy0", "p-cpe:/a:novell:opensuse:libsamba-policy0-32bit", "p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsamba-util-devel", "p-cpe:/a:novell:opensuse:libsamba-util0", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit", "p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsamdb-devel", "p-cpe:/a:novell:opensuse:libsamdb0", "p-cpe:/a:novell:opensuse:libsamdb0-32bit", "p-cpe:/a:novell:opensuse:libsamdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsmbclient-devel", "p-cpe:/a:novell:opensuse:libsmbclient0", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsmbconf-devel", "p-cpe:/a:novell:opensuse:libsmbconf0", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsmbldap-devel", "p-cpe:/a:novell:opensuse:libsmbldap0", "p-cpe:/a:novell:opensuse:libsmbldap0-32bit", "p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libtevent-util-devel", "p-cpe:/a:novell:opensuse:libtevent-util0", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit", "p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libwbclient-devel", "p-cpe:/a:novell:opensuse:libwbclient0", "p-cpe:/a:novell:opensuse:libwbclient0-32bit", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:samba-ceph-debuginfo", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:samba-client-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-debuginfo-32bit", "p-cpe:/a:novell:opensuse:samba-core-devel", "p-cpe:/a:novell:opensuse:samba-debuginfo", "p-cpe:/a:novell:opensuse:samba-debugsource", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:samba-libs-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:samba-pidl", "p-cpe:/a:novell:opensuse:samba-python", "p-cpe:/a:novell:opensuse:samba-python-debuginfo", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:samba-test-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:samba-winbind-32bit", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo-32bit", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-890.NASL", "href": "https://www.tenable.com/plugins/nessus/111999", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-890.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111999);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10858\");\n\n script_name(english:\"openSUSE Security Update : samba (openSUSE-2018-890)\");\n script_summary(english:\"Check for the openSUSE-2018-890 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for samba fixes the following issues :\n\nThe following security vulnerability was fixed :\n\n - CVE-2018-10858: Fixed insufficient input validation on\n client directory listing in libsmbclient; (bsc#1103411);\n\nThe following other change was made :\n\n - s3: winbind: Fix 'winbind normalize names' in\n wb_getpwsid();\n\n - winbind: honor 'winbind use default domain' with empty\n domain (bsc#1087303)\n\n - winbind: do not modify credentials in NTLM passthru\n (bsc#1068059)\n\n - net: fix net ads keytab handling (bsc#1067700)\n\n - fix vfs_ceph flock stub\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1067700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1068059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ctdb-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ctdb-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ctdb-tests-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ctdb-tests-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libdcerpc-binding0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libdcerpc-binding0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libdcerpc-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libdcerpc-samr-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libdcerpc-samr0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libdcerpc-samr0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libdcerpc0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libdcerpc0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr-krb5pac-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr-krb5pac0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr-krb5pac0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr-nbt-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr-nbt0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr-nbt0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr-standard-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr-standard0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr-standard0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libndr0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libnetapi-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libnetapi0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libnetapi0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-credentials-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-credentials0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-credentials0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-errors-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-errors0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-errors0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-hostconfig-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-hostconfig0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-hostconfig0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-passdb-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-passdb0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-passdb0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-policy-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-policy0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-policy0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-util-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-util0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamba-util0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamdb-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamdb0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsamdb0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsmbclient-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsmbclient0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsmbclient0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsmbconf-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsmbconf0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsmbconf0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsmbldap-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsmbldap0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsmbldap0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libtevent-util-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libtevent-util0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libtevent-util0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libwbclient-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libwbclient0-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libwbclient0-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-client-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-client-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-core-devel-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-debugsource-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-libs-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-libs-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-pidl-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-python-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-python-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-test-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-test-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-winbind-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"samba-winbind-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libdcerpc0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libndr-nbt0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libndr-standard0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libndr0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libnetapi0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-credentials0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-errors0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-passdb0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-policy0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-policy0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamba-util0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsamdb0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsmbclient0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsmbconf0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsmbldap0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsmbldap0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libtevent-util0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libwbclient0-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"samba-ceph-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"samba-client-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"samba-libs-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"samba-winbind-debuginfo-32bit-4.6.14+git.157.c2d53c2b191-18.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-debuginfo / ctdb-tests / ctdb-tests-debuginfo / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:51", "description": "This update for samba fixes the following issues :\n\nThe following security vulnerability was fixed :\n\nCVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow (bsc#1103411)\n\nThe following other bugs were fixed: Fix libnss_wins.so.2 link libreplace with rpath (bsc#1054849)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-22T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : samba (SUSE-SU-2018:2320-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2022-02-04T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors0", "p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap0", "p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-2320-2.NASL", "href": "https://www.tenable.com/plugins/nessus/118278", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2320-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118278);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/04\");\n\n script_cve_id(\"CVE-2018-10858\");\n\n script_name(english:\"SUSE SLES12 Security Update : samba (SUSE-SU-2018:2320-2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for samba fixes the following issues :\n\nThe following security vulnerability was fixed :\n\nCVE-2018-10858: smbc_urlencode helper function is a subject to buffer\noverflow (bsc#1103411)\n\nThe following other bugs were fixed: Fix libnss_wins.so.2 link\nlibreplace with rpath (bsc#1054849)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1054849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10858/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182320-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?502cdee6\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2018-1557=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbclient0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbclient0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbclient0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-client-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-client-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-client-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-debugsource-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-debuginfo-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-debuginfo-32bit-4.4.2-38.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-debuginfo-4.4.2-38.20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:29", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues :\n\n - CVE-2018-10858 Svyatoslav Phirsov discovered that insufficient input validation in libsmbclient allowed a malicious Samba server to write to the client's heap memory.\n\n - CVE-2018-10919 Phillip Kuhrt discovered that Samba when acting as an Active Domain controller disclosed some sensitive attributes.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "Debian DSA-4271-1 : samba - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2018-11-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:samba", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4271.NASL", "href": "https://www.tenable.com/plugins/nessus/111706", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4271. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111706);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10919\");\n script_xref(name:\"DSA\", value:\"4271\");\n\n script_name(english:\"Debian DSA-4271-1 : samba - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS\nfile, print, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues :\n\n - CVE-2018-10858\n Svyatoslav Phirsov discovered that insufficient input\n validation in libsmbclient allowed a malicious Samba\n server to write to the client's heap memory.\n\n - CVE-2018-10919\n Phillip Kuhrt discovered that Samba when acting as an\n Active Domain controller disclosed some sensitive\n attributes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-10858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-10919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/samba\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/samba\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4271\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the samba packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2:4.5.12+dfsg-2+deb9u3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"ctdb\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-winbind\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpam-winbind\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libparse-pidl-perl\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsmbclient\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsmbclient-dev\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwbclient-dev\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwbclient0\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-samba\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"registry-tools\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-common\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-common-bin\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-dev\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-dsdb-modules\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-libs\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-testsuite\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-vfs-modules\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"smbclient\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"winbind\", reference:\"2:4.5.12+dfsg-2+deb9u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:02", "description": "This update for samba fixes the following issues: The following security issues were fixed :\n\n - CVE-2018-1050: Fixed denial of service vulnerability when SPOOLSS is run externally (bsc#1081741).\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow (bsc#1103411)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-16T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : samba (SUSE-SU-2018:2339-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ctdb", "p-cpe:/a:novell:suse_linux:ctdb-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-atsvc0", "p-cpe:/a:novell:suse_linux:libdcerpc-atsvc0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:libgensec0", "p-cpe:/a:novell:suse_linux:libgensec0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:libregistry0", "p-cpe:/a:novell:suse_linux:libregistry0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient-raw0", "p-cpe:/a:novell:suse_linux:libsmbclient-raw0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap0", "p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-2339-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111785", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2339-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111785);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\");\n\n script_name(english:\"SUSE SLES12 Security Update : samba (SUSE-SU-2018:2339-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for samba fixes the following issues: The following\nsecurity issues were fixed :\n\n - CVE-2018-1050: Fixed denial of service vulnerability\n when SPOOLSS is run externally (bsc#1081741).\n\n - CVE-2018-10858: smbc_urlencode helper function is a\n subject to buffer overflow (bsc#1103411)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1081741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1050/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10858/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182339-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c7af166b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2018-1574=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-1574=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-1574=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-1574=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-1574=1\n\nSUSE Linux Enterprise High Availability 12-SP1:zypper in -t patch\nSUSE-SLE-HA-12-SP1-2018-1574=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2018-1574=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-atsvc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-atsvc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgensec0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgensec0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libregistry0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libregistry0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient-raw0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient-raw0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ctdb-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ctdb-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libdcerpc-binding0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libdcerpc-binding0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libdcerpc-binding0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libdcerpc-binding0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libdcerpc0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libdcerpc0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libdcerpc0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libdcerpc0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgensec0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgensec0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgensec0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgensec0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-krb5pac0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-krb5pac0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-krb5pac0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-krb5pac0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-nbt0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-nbt0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-nbt0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-nbt0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-standard0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-standard0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-standard0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr-standard0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libndr0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libnetapi0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libnetapi0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libnetapi0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libnetapi0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libregistry0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libregistry0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-credentials0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-credentials0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-credentials0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-credentials0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-hostconfig0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-hostconfig0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-hostconfig0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-hostconfig0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-passdb0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-passdb0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-passdb0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-passdb0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-util0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-util0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-util0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamba-util0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamdb0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamdb0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamdb0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsamdb0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbclient-raw0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbclient-raw0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbclient-raw0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbclient-raw0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbclient0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbclient0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbclient0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbclient0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbconf0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbconf0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbconf0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbconf0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbldap0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbldap0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbldap0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsmbldap0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libtevent-util0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libtevent-util0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libtevent-util0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libtevent-util0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwbclient0-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwbclient0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwbclient0-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwbclient0-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-client-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-client-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-client-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-client-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-debugsource-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-libs-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-libs-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-libs-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-libs-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-winbind-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-winbind-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-winbind-debuginfo-32bit-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"samba-winbind-debuginfo-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libdcerpc-atsvc0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libdcerpc-atsvc0-debuginfo-4.2.4-28.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:54", "description": "New samba packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-20T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2018-229-02)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2018-11-29T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:samba", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2018-229-02.NASL", "href": "https://www.tenable.com/plugins/nessus/111996", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2018-229-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111996);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/29 13:47:55\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10919\");\n script_xref(name:\"SSA\", value:\"2018-229-02\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2018-229-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New samba packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.467546\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?05579742\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected samba package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"samba\", pkgver:\"4.8.4\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.8.4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:00", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n - samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : samba (EulerOS-SA-2019-1125)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-python", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1125.NASL", "href": "https://www.tenable.com/plugins/nessus/123599", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123599);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1050\",\n \"CVE-2018-10858\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : samba (EulerOS-SA-2019-1125)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - samba: Insufficient input validation in libsmbclient\n (CVE-2018-10858)\n\n - samba: NULL pointer dereference in printer server\n process (CVE-2018-1050)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1125\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9c47791f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.6.2-8.h6\",\n \"libwbclient-4.6.2-8.h6\",\n \"samba-4.6.2-8.h6\",\n \"samba-client-4.6.2-8.h6\",\n \"samba-client-libs-4.6.2-8.h6\",\n \"samba-common-4.6.2-8.h6\",\n \"samba-common-libs-4.6.2-8.h6\",\n \"samba-common-tools-4.6.2-8.h6\",\n \"samba-libs-4.6.2-8.h6\",\n \"samba-python-4.6.2-8.h6\",\n \"samba-winbind-4.6.2-8.h6\",\n \"samba-winbind-clients-4.6.2-8.h6\",\n \"samba-winbind-modules-4.6.2-8.h6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:19", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.\n (CVE-2018-1050)\n\n - A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.(CVE-2018-10858)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.3 : samba (EulerOS-SA-2019-1273)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "cpe:/o:huawei:euleros:uvp:2.5.3"], "id": "EULEROS_SA-2019-1273.NASL", "href": "https://www.tenable.com/plugins/nessus/123741", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123741);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1050\",\n \"CVE-2018-10858\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.3 : samba (EulerOS-SA-2019-1273)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A null pointer dereference flaw was found in Samba RPC\n external printer service. An attacker could use this\n flaw to cause the printer spooler service to crash.\n (CVE-2018-1050)\n\n - A heap-buffer overflow was found in the way samba\n clients processed extra long filename in a directory\n listing. A malicious samba server could use this flaw\n to cause arbitrary code execution on a samba\n client.(CVE-2018-10858)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1273\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5fbe1d94\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.3\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.3\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.6.2-8.h6\",\n \"libwbclient-4.6.2-8.h6\",\n \"samba-client-libs-4.6.2-8.h6\",\n \"samba-common-4.6.2-8.h6\",\n \"samba-common-libs-4.6.2-8.h6\",\n \"samba-common-tools-4.6.2-8.h6\",\n \"samba-libs-4.6.2-8.h6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:21", "description": "This update for samba fixes the following issues :\n\nThe following security issues were fixed :\n\nCVE-2018-1050: Fixed denial of service vulnerability when SPOOLSS is run externally (bsc#1081741).\n\nCVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow (bsc#1103411)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-22T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : samba (SUSE-SU-2018:2339-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858"], "modified": "2022-02-04T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libdcerpc-atsvc0", "p-cpe:/a:novell:suse_linux:libdcerpc-atsvc0-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-2339-2.NASL", "href": "https://www.tenable.com/plugins/nessus/118282", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2339-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118282);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/04\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\");\n\n script_name(english:\"SUSE SLES12 Security Update : samba (SUSE-SU-2018:2339-2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for samba fixes the following issues :\n\nThe following security issues were fixed :\n\nCVE-2018-1050: Fixed denial of service vulnerability when SPOOLSS is\nrun externally (bsc#1081741).\n\nCVE-2018-10858: smbc_urlencode helper function is a subject to buffer\noverflow (bsc#1103411)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1081741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1050/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10858/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182339-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?669dc902\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2018-1574=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-atsvc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-atsvc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-atsvc0-4.2.4-28.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-atsvc0-debuginfo-4.2.4-28.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:27:07", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon.\n Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.(CVE-2018-1050)\n\n - A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.\n Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.(CVE-2018-10858)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-06T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : samba (EulerOS-SA-2019-1342)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-python", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1342.NASL", "href": "https://www.tenable.com/plugins/nessus/124628", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124628);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1050\",\n \"CVE-2018-10858\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : samba (EulerOS-SA-2019-1342)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - All versions of Samba from 4.0.0 onwards are vulnerable\n to a denial of service attack when the RPC spoolss\n service is configured to be run as an external daemon.\n Missing input sanitization checks on some of the input\n parameters to spoolss RPC calls could cause the print\n spooler service to crash.(CVE-2018-1050)\n\n - A heap-buffer overflow was found in the way samba\n clients processed extra long filename in a directory\n listing. A malicious samba server could use this flaw\n to cause arbitrary code execution on a samba client.\n Samba versions before 4.6.16, 4.7.9 and 4.8.4 are\n vulnerable.(CVE-2018-10858)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1342\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?01c48fff\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.6.2-8.h6\",\n \"libwbclient-4.6.2-8.h6\",\n \"samba-4.6.2-8.h6\",\n \"samba-client-4.6.2-8.h6\",\n \"samba-client-libs-4.6.2-8.h6\",\n \"samba-common-4.6.2-8.h6\",\n \"samba-common-libs-4.6.2-8.h6\",\n \"samba-common-tools-4.6.2-8.h6\",\n \"samba-libs-4.6.2-8.h6\",\n \"samba-python-4.6.2-8.h6\",\n \"samba-winbind-4.6.2-8.h6\",\n \"samba-winbind-clients-4.6.2-8.h6\",\n \"samba-winbind-modules-4.6.2-8.h6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:21", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n - samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : samba (EulerOS-SA-2019-1150)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-python", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1150.NASL", "href": "https://www.tenable.com/plugins/nessus/123624", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123624);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1050\",\n \"CVE-2018-10858\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : samba (EulerOS-SA-2019-1150)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - samba: Insufficient input validation in libsmbclient\n (CVE-2018-10858)\n\n - samba: NULL pointer dereference in printer server\n process (CVE-2018-1050)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1150\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?badcc9b9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.7.1-9.h2.eulerosv2r7\",\n \"libwbclient-4.7.1-9.h2.eulerosv2r7\",\n \"samba-4.7.1-9.h2.eulerosv2r7\",\n \"samba-client-4.7.1-9.h2.eulerosv2r7\",\n \"samba-client-libs-4.7.1-9.h2.eulerosv2r7\",\n \"samba-common-4.7.1-9.h2.eulerosv2r7\",\n \"samba-common-libs-4.7.1-9.h2.eulerosv2r7\",\n \"samba-common-tools-4.7.1-9.h2.eulerosv2r7\",\n \"samba-libs-4.7.1-9.h2.eulerosv2r7\",\n \"samba-python-4.7.1-9.h2.eulerosv2r7\",\n \"samba-winbind-4.7.1-9.h2.eulerosv2r7\",\n \"samba-winbind-clients-4.7.1-9.h2.eulerosv2r7\",\n \"samba-winbind-modules-4.7.1-9.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:07", "description": "Updated samba packages that fix several security issues and provide several bug fixes and an enhancement are now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer indirection in printer server process (CVE-2018-1050)\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red Hat) as the original reporter of CVE-2018-1139.\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Previously, sharing a subdirectory of a Gluster volume failed with an I/O error when the shadow_copy2 vfs object was specified. This occurred because Gluster volumes are remote file systems, and shadow_copy2 only detected share paths in the local file system. This update forces the value of shadow:mountpath to '/', skipping the code related to mount point detection, and preventing this problem.\nHowever, this fix requires that the glusterfs vfs object is listed after the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)\n\n* As of Red Hat Gluster Storage 3.4, the libldb package is no longer shipped as an independent package in the Red Hat Gluster Storage Samba channel. The capabilities of the libldb package are now provided by a combination of the samba-client and samba-client-libs packages. In addition, the sub-packages previously provided by libldb are now provided by the samba-client and samba-client-libs packages. The samba-client sub-package provides ldb-tools, and the samba-client-libs sub-package provides pyldb. (BZ# 1592794)\n\nEnhancement(s) :\n\n* Red Hat Gluster Storage volumes exported using SMB can now be mounted on macOS clients using Finder. Configuration instructions are provided as part of the Red Hat Gluster Storage 3.4 documentation.\n(BZ#1446125) Red Hat strongly recommends upgrading to these updated packages.\n\nDisabled on 2018/11/06. Detection of Gluster Storage Server on RHEL 6 is no longer possible due to changes in Gluster package versioning.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-09-06T00:00:00", "type": "nessus", "title": "RHEL 6 : Storage Server (RHSA-2018:2612) (deprecated)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ctdb", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:libtalloc", "p-cpe:/a:redhat:enterprise_linux:libtalloc-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libtalloc-devel", "p-cpe:/a:redhat:enterprise_linux:libtdb", "p-cpe:/a:redhat:enterprise_linux:libtdb-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libtdb-devel", "p-cpe:/a:redhat:enterprise_linux:libtevent", "p-cpe:/a:redhat:enterprise_linux:libtevent-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libtevent-devel", "p-cpe:/a:redhat:enterprise_linux:libwbclient", "p-cpe:/a:redhat:enterprise_linux:libwbclient-devel", "p-cpe:/a:redhat:enterprise_linux:pytalloc", "p-cpe:/a:redhat:enterprise_linux:pytalloc-devel", "p-cpe:/a:redhat:enterprise_linux:python-tdb", "p-cpe:/a:redhat:enterprise_linux:python-tevent", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-client-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-common-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common-tools", "p-cpe:/a:redhat:enterprise_linux:samba-dc", "p-cpe:/a:redhat:enterprise_linux:samba-dc-libs", "p-cpe:/a:redhat:enterprise_linux:samba-debuginfo", "p-cpe:/a:redhat:enterprise_linux:samba-devel", "p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing", "p-cpe:/a:redhat:enterprise_linux:samba-libs", "p-cpe:/a:redhat:enterprise_linux:samba-pidl", "p-cpe:/a:redhat:enterprise_linux:samba-python", "p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules", "p-cpe:/a:redhat:enterprise_linux:tdb-tools", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2018-2612.NASL", "href": "https://www.tenable.com/plugins/nessus/117319", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2612. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/11/06. Detection of Gluster Storage Server on\n# RHEL 6 is no longer possible due to changes in Gluster package versioning. \n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117319);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"RHSA\", value:\"2018:2612\");\n\n script_name(english:\"RHEL 6 : Storage Server (RHSA-2018:2612) (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix several security issues and provide\nseveral bug fixes and an enhancement are now available for Red Hat\nGluster Storage 3.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) protocol and the related Common Internet File System (CIFS)\nprotocol, which allow PC-compatible machines to share files, printers,\nand various information.\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\n* samba: NULL pointer indirection in printer server process\n(CVE-2018-1050)\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red\nHat) as the original reporter of CVE-2018-1139.\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nBug Fix(es) :\n\n* Previously, sharing a subdirectory of a Gluster volume failed with\nan I/O error when the shadow_copy2 vfs object was specified. This\noccurred because Gluster volumes are remote file systems, and\nshadow_copy2 only detected share paths in the local file system. This\nupdate forces the value of shadow:mountpath to '/', skipping the code\nrelated to mount point detection, and preventing this problem.\nHowever, this fix requires that the glusterfs vfs object is listed\nafter the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)\n\n* As of Red Hat Gluster Storage 3.4, the libldb package is no longer\nshipped as an independent package in the Red Hat Gluster Storage Samba\nchannel. The capabilities of the libldb package are now provided by a\ncombination of the samba-client and samba-client-libs packages. In\naddition, the sub-packages previously provided by libldb are now\nprovided by the samba-client and samba-client-libs packages. The\nsamba-client sub-package provides ldb-tools, and the samba-client-libs\nsub-package provides pyldb. (BZ# 1592794)\n\nEnhancement(s) :\n\n* Red Hat Gluster Storage volumes exported using SMB can now be\nmounted on macOS clients using Finder. Configuration instructions are\nprovided as part of the Red Hat Gluster Storage 3.4 documentation.\n(BZ#1446125) Red Hat strongly recommends upgrading to these updated\npackages.\n\nDisabled on 2018/11/06. Detection of Gluster Storage Server on RHEL 6\nis no longer possible due to changes in Gluster package versioning.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2018-2612.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2018-1050.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2018-1139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2018-10858.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pytalloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pytalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tdb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Detection of Gluster Storage Server on RHEL 6 is no longer possible due to changes in Gluster package versioning.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2612\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"glusterfs-3.12.2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Storage Server\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ctdb-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libsmbclient-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtalloc-2.1.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtalloc-debuginfo-2.1.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtalloc-devel-2.1.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtdb-1.3.15-4.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtdb-debuginfo-1.3.15-4.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtdb-devel-1.3.15-4.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtevent-0.9.35-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtevent-debuginfo-0.9.35-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libtevent-devel-0.9.35-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libwbclient-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"pytalloc-2.1.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"pytalloc-devel-2.1.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-tdb-1.3.15-4.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-tevent-0.9.35-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-client-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-client-libs-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"samba-common-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-common-libs-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-common-tools-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-dc-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-debuginfo-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-devel-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-libs-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"samba-pidl-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-python-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.7.5-110.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tdb-tools-1.3.15-4.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / libsmbclient / libsmbclient-devel / libtalloc / etc\");\n }\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:47", "description": "A NULL pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.(CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.(CVE-2018-10858)\n\nA flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.(CVE-2018-1139)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-20T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : samba (ALAS-2018-1126)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2020-03-27T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ctdb", "p-cpe:/a:amazon:linux:ctdb-tests", "p-cpe:/a:amazon:linux:libsmbclient", "p-cpe:/a:amazon:linux:libsmbclient-devel", "p-cpe:/a:amazon:linux:libwbclient", "p-cpe:/a:amazon:linux:libwbclient-devel", "p-cpe:/a:amazon:linux:samba", "p-cpe:/a:amazon:linux:samba-client", "p-cpe:/a:amazon:linux:samba-client-libs", "p-cpe:/a:amazon:linux:samba-common", "p-cpe:/a:amazon:linux:samba-common-libs", "p-cpe:/a:amazon:linux:samba-common-tools", "p-cpe:/a:amazon:linux:samba-dc", "p-cpe:/a:amazon:linux:samba-dc-libs", "p-cpe:/a:amazon:linux:samba-debuginfo", "p-cpe:/a:amazon:linux:samba-devel", "p-cpe:/a:amazon:linux:samba-krb5-printing", "p-cpe:/a:amazon:linux:samba-libs", "p-cpe:/a:amazon:linux:samba-pidl", "p-cpe:/a:amazon:linux:samba-python", "p-cpe:/a:amazon:linux:samba-python-test", "p-cpe:/a:amazon:linux:samba-test", "p-cpe:/a:amazon:linux:samba-test-libs", "p-cpe:/a:amazon:linux:samba-vfs-glusterfs", "p-cpe:/a:amazon:linux:samba-winbind", "p-cpe:/a:amazon:linux:samba-winbind-clients", "p-cpe:/a:amazon:linux:samba-winbind-krb5-locator", "p-cpe:/a:amazon:linux:samba-winbind-modules", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2018-1126.NASL", "href": "https://www.tenable.com/plugins/nessus/119781", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-1126.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119781);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/27\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"ALAS\", value:\"2018-1126\");\n\n script_name(english:\"Amazon Linux 2 : samba (ALAS-2018-1126)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was found in Samba RPC external\nprinter service. An attacker could use this flaw to cause the printer\nspooler service to crash.(CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed\nextra long filename in a directory listing. A malicious samba server\ncould use this flaw to cause arbitrary code execution on a samba\nclient.(CVE-2018-10858)\n\nA flaw was found in the way samba allowed the use of weak NTLMv1\nauthentication even when NTLMv1 was explicitly disabled. A\nman-in-the-middle attacker could use this flaw to read the credential\nand other details passed between the samba server and\nclient.(CVE-2018-1139)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-1126.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update samba' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"ctdb-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"ctdb-tests-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libsmbclient-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libsmbclient-devel-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libwbclient-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libwbclient-devel-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-client-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-client-libs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-common-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-common-libs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-common-tools-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-dc-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-dc-libs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-debuginfo-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-devel-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-krb5-printing-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-libs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-pidl-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-python-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-python-test-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-test-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-test-libs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-winbind-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-winbind-clients-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-winbind-krb5-locator-4.8.3-4.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"samba-winbind-modules-4.8.3-4.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-tests / libsmbclient / libsmbclient-devel / libwbclient / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:26", "description": "An update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das (Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-31T00:00:00", "type": "nessus", "title": "RHEL 7 : samba (RHSA-2018:3056)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2022-02-01T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ctdb", "p-cpe:/a:redhat:enterprise_linux:ctdb-tests", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:libwbclient", "p-cpe:/a:redhat:enterprise_linux:libwbclient-devel", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-client-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-common-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common-tools", "p-cpe:/a:redhat:enterprise_linux:samba-dc", "p-cpe:/a:redhat:enterprise_linux:samba-dc-libs", "p-cpe:/a:redhat:enterprise_linux:samba-debuginfo", "p-cpe:/a:redhat:enterprise_linux:samba-devel", "p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing", "p-cpe:/a:redhat:enterprise_linux:samba-libs", "p-cpe:/a:redhat:enterprise_linux:samba-pidl", "p-cpe:/a:redhat:enterprise_linux:samba-python", "p-cpe:/a:redhat:enterprise_linux:samba-python-test", "p-cpe:/a:redhat:enterprise_linux:samba-test", "p-cpe:/a:redhat:enterprise_linux:samba-test-libs", "p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-3056.NASL", "href": "https://www.tenable.com/plugins/nessus/118519", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:3056. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118519);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/01\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-1139\", \"CVE-2018-10858\");\n script_xref(name:\"RHSA\", value:\"2018:3056\");\n\n script_name(english:\"RHEL 7 : samba (RHSA-2018:3056)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) protocol and the related Common Internet File System (CIFS)\nprotocol, which allow PC-compatible machines to share files, printers,\nand various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process\n(CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das\n(Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.6 Release Notes linked from the References section.\");\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3395ff0b\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:3056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-1050\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-1139\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10858\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:3056\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"ctdb-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ctdb-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"ctdb-tests-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ctdb-tests-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libsmbclient-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libsmbclient-devel-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libwbclient-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libwbclient-devel-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-client-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-client-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-client-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-common-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-common-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-common-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-common-tools-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-common-tools-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-dc-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-dc-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-dc-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-debuginfo-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-devel-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-krb5-printing-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-pidl-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-python-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-python-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-python-test-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-python-test-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-test-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-test-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-test-libs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-winbind-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-winbind-clients-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"samba-winbind-krb5-locator-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.8.3-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-winbind-modules-4.8.3-4.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-tests / libsmbclient / libsmbclient-devel / libwbclient / etc\");\n }\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:54", "description": "Security Fix(es) :\n\n - samba: Weak authentication protocol regression (CVE-2018-1139)\n\n - samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n - samba: NULL pointer dereference in printer server process (CVE-2018-1050)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-27T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : samba on SL7.x x86_64 (20181030)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2020-07-01T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:libsmbclient", "p-cpe:/a:fermilab:scientific_linux:libsmbclient-devel", "p-cpe:/a:fermilab:scientific_linux:libwbclient", "p-cpe:/a:fermilab:scientific_linux:libwbclient-devel", "p-cpe:/a:fermilab:scientific_linux:samba", "p-cpe:/a:fermilab:scientific_linux:samba-client", "p-cpe:/a:fermilab:scientific_linux:samba-client-libs", "p-cpe:/a:fermilab:scientific_linux:samba-common", "p-cpe:/a:fermilab:scientific_linux:samba-common-libs", "p-cpe:/a:fermilab:scientific_linux:samba-common-tools", "p-cpe:/a:fermilab:scientific_linux:samba-dc", "p-cpe:/a:fermilab:scientific_linux:samba-dc-libs", "p-cpe:/a:fermilab:scientific_linux:samba-debuginfo", "p-cpe:/a:fermilab:scientific_linux:samba-devel", "p-cpe:/a:fermilab:scientific_linux:samba-krb5-printing", "p-cpe:/a:fermilab:scientific_linux:samba-libs", "p-cpe:/a:fermilab:scientific_linux:samba-pidl", "p-cpe:/a:fermilab:scientific_linux:samba-python", "p-cpe:/a:fermilab:scientific_linux:samba-python-test", "p-cpe:/a:fermilab:scientific_linux:samba-test", "p-cpe:/a:fermilab:scientific_linux:samba-test-libs", "p-cpe:/a:fermilab:scientific_linux:samba-vfs-glusterfs", "p-cpe:/a:fermilab:scientific_linux:samba-winbind", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-clients", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-krb5-locator", "p-cpe:/a:fermilab:scientific_linux:samba-winbind-modules", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20181030_SAMBA_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/119198", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119198);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/01\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n\n script_name(english:\"Scientific Linux Security Update : samba on SL7.x x86_64 (20181030)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security Fix(es) :\n\n - samba: Weak authentication protocol regression\n (CVE-2018-1139)\n\n - samba: Insufficient input validation in libsmbclient\n (CVE-2018-10858)\n\n - samba: NULL pointer dereference in printer server\n process (CVE-2018-1050)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1811&L=scientific-linux-errata&F=&S=&P=5438\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2de83bcc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libsmbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libwbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-client-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-client-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"samba-common-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-common-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-common-tools-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-dc-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-debuginfo-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"samba-pidl-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-python-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-python-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-test-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-winbind-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.8.3-4.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / libsmbclient-devel / libwbclient / libwbclient-devel / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:23:02", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has samba packages installed that are affected by multiple vulnerabilities:\n\n - A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.\n (CVE-2018-1050)\n\n - A flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.\n (CVE-2018-1139)\n\n - A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.\n (CVE-2018-10858)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Multiple Vulnerabilities (NS-SA-2019-0069)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0069_SAMBA.NASL", "href": "https://www.tenable.com/plugins/nessus/127271", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0069. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127271);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-1139\", \"CVE-2018-10858\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Multiple Vulnerabilities (NS-SA-2019-0069)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has samba packages installed that are affected by\nmultiple vulnerabilities:\n\n - A null pointer dereference flaw was found in Samba RPC\n external printer service. An attacker could use this\n flaw to cause the printer spooler service to crash.\n (CVE-2018-1050)\n\n - A flaw was found in the way samba allowed the use of\n weak NTLMv1 authentication even when NTLMv1 was\n explicitly disabled. A man-in-the-middle attacker could\n use this flaw to read the credential and other details\n passed between the samba server and client.\n (CVE-2018-1139)\n\n - A heap-buffer overflow was found in the way samba\n clients processed extra long filename in a directory\n listing. A malicious samba server could use this flaw to\n cause arbitrary code execution on a samba client.\n (CVE-2018-10858)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0069\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL samba packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"ctdb-4.8.3-4.el7\",\n \"ctdb-tests-4.8.3-4.el7\",\n \"libsmbclient-4.8.3-4.el7\",\n \"libsmbclient-devel-4.8.3-4.el7\",\n \"libwbclient-4.8.3-4.el7\",\n \"libwbclient-devel-4.8.3-4.el7\",\n \"samba-4.8.3-4.el7\",\n \"samba-client-4.8.3-4.el7\",\n \"samba-client-libs-4.8.3-4.el7\",\n \"samba-common-4.8.3-4.el7\",\n \"samba-common-libs-4.8.3-4.el7\",\n \"samba-common-tools-4.8.3-4.el7\",\n \"samba-dc-4.8.3-4.el7\",\n \"samba-dc-libs-4.8.3-4.el7\",\n \"samba-debuginfo-4.8.3-4.el7\",\n \"samba-devel-4.8.3-4.el7\",\n \"samba-krb5-printing-4.8.3-4.el7\",\n \"samba-libs-4.8.3-4.el7\",\n \"samba-pidl-4.8.3-4.el7\",\n \"samba-python-4.8.3-4.el7\",\n \"samba-python-test-4.8.3-4.el7\",\n \"samba-test-4.8.3-4.el7\",\n \"samba-test-libs-4.8.3-4.el7\",\n \"samba-vfs-glusterfs-4.8.3-4.el7\",\n \"samba-winbind-4.8.3-4.el7\",\n \"samba-winbind-clients-4.8.3-4.el7\",\n \"samba-winbind-krb5-locator-4.8.3-4.el7\",\n \"samba-winbind-modules-4.8.3-4.el7\"\n ],\n \"CGSL MAIN 5.04\": [\n \"ctdb-4.8.3-4.el7\",\n \"ctdb-tests-4.8.3-4.el7\",\n \"libsmbclient-4.8.3-4.el7\",\n \"libsmbclient-devel-4.8.3-4.el7\",\n \"libwbclient-4.8.3-4.el7\",\n \"libwbclient-devel-4.8.3-4.el7\",\n \"samba-4.8.3-4.el7\",\n \"samba-client-4.8.3-4.el7\",\n \"samba-client-libs-4.8.3-4.el7\",\n \"samba-common-4.8.3-4.el7\",\n \"samba-common-libs-4.8.3-4.el7\",\n \"samba-common-tools-4.8.3-4.el7\",\n \"samba-dc-4.8.3-4.el7\",\n \"samba-dc-libs-4.8.3-4.el7\",\n \"samba-debuginfo-4.8.3-4.el7\",\n \"samba-devel-4.8.3-4.el7\",\n \"samba-krb5-printing-4.8.3-4.el7\",\n \"samba-libs-4.8.3-4.el7\",\n \"samba-pidl-4.8.3-4.el7\",\n \"samba-python-4.8.3-4.el7\",\n \"samba-python-test-4.8.3-4.el7\",\n \"samba-test-4.8.3-4.el7\",\n \"samba-test-libs-4.8.3-4.el7\",\n \"samba-vfs-glusterfs-4.8.3-4.el7\",\n \"samba-winbind-4.8.3-4.el7\",\n \"samba-winbind-clients-4.8.3-4.el7\",\n \"samba-winbind-krb5-locator-4.8.3-4.el7\",\n \"samba-winbind-modules-4.8.3-4.el7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:35", "description": "Updated samba packages that fix several security issues and provide several bug fixes and an enhancement are now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer indirection in printer server process (CVE-2018-1050)\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red Hat) as the original reporter of CVE-2018-1139.\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Previously, sharing a subdirectory of a Gluster volume failed with an I/O error when the shadow_copy2 vfs object was specified. This occurred because Gluster volumes are remote file systems, and shadow_copy2 only detected share paths in the local file system. This update forces the value of shadow:mountpath to '/', skipping the code related to mount point detection, and preventing this problem.\nHowever, this fix requires that the glusterfs vfs object is listed after the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)\n\n* As of Red Hat Gluster Storage 3.4, the libldb package is no longer shipped as an independent package in the Red Hat Gluster Storage Samba channel. The capabilities of the libldb package are now provided by a combination of the samba-client and samba-client-libs packages. In addition, the sub-packages previously provided by libldb are now provided by the samba-client and samba-client-libs packages. The samba-client sub-package provides ldb-tools, and the samba-client-libs sub-package provides pyldb. (BZ# 1592794)\n\nEnhancement(s) :\n\n* Red Hat Gluster Storage volumes exported using SMB can now be mounted on macOS clients using Finder. Configuration instructions are provided as part of the Red Hat Gluster Storage 3.4 documentation.\n(BZ#1446125)\n\nRed Hat strongly recommends upgrading to these updated packages.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-09-06T00:00:00", "type": "nessus", "title": "RHEL 7 : Storage Server (RHSA-2018:2613)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ctdb", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:libtalloc", "p-cpe:/a:redhat:enterprise_linux:libtalloc-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libtalloc-devel", "p-cpe:/a:redhat:enterprise_linux:libtevent", "p-cpe:/a:redhat:enterprise_linux:libtevent-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libtevent-devel", "p-cpe:/a:redhat:enterprise_linux:libwbclient", "p-cpe:/a:redhat:enterprise_linux:libwbclient-devel", "p-cpe:/a:redhat:enterprise_linux:pytalloc", "p-cpe:/a:redhat:enterprise_linux:pytalloc-devel", "p-cpe:/a:redhat:enterprise_linux:python-tdb", "p-cpe:/a:redhat:enterprise_linux:python-tevent", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-client-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-common-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common-tools", "p-cpe:/a:redhat:enterprise_linux:samba-dc", "p-cpe:/a:redhat:enterprise_linux:samba-dc-libs", "p-cpe:/a:redhat:enterprise_linux:samba-debuginfo", "p-cpe:/a:redhat:enterprise_linux:samba-devel", "p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing", "p-cpe:/a:redhat:enterprise_linux:samba-libs", "p-cpe:/a:redhat:enterprise_linux:samba-pidl", "p-cpe:/a:redhat:enterprise_linux:samba-python", "p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules", "p-cpe:/a:redhat:enterprise_linux:tdb-tools", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-2613.NASL", "href": "https://www.tenable.com/plugins/nessus/117320", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2613. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117320);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"RHSA\", value:\"2018:2613\");\n\n script_name(english:\"RHEL 7 : Storage Server (RHSA-2018:2613)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated samba packages that fix several security issues and provide\nseveral bug fixes and an enhancement are now available for Red Hat\nGluster Storage 3.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) protocol and the related Common Internet File System (CIFS)\nprotocol, which allow PC-compatible machines to share files, printers,\nand various information.\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\n* samba: NULL pointer indirection in printer server process\n(CVE-2018-1050)\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red\nHat) as the original reporter of CVE-2018-1139.\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nBug Fix(es) :\n\n* Previously, sharing a subdirectory of a Gluster volume failed with\nan I/O error when the shadow_copy2 vfs object was specified. This\noccurred because Gluster volumes are remote file systems, and\nshadow_copy2 only detected share paths in the local file system. This\nupdate forces the value of shadow:mountpath to '/', skipping the code\nrelated to mount point detection, and preventing this problem.\nHowever, this fix requires that the glusterfs vfs object is listed\nafter the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)\n\n* As of Red Hat Gluster Storage 3.4, the libldb package is no longer\nshipped as an independent package in the Red Hat Gluster Storage Samba\nchannel. The capabilities of the libldb package are now provided by a\ncombination of the samba-client and samba-client-libs packages. In\naddition, the sub-packages previously provided by libldb are now\nprovided by the samba-client and samba-client-libs packages. The\nsamba-client sub-package provides ldb-tools, and the samba-client-libs\nsub-package provides pyldb. (BZ# 1592794)\n\nEnhancement(s) :\n\n* Red Hat Gluster Storage volumes exported using SMB can now be\nmounted on macOS clients using Finder. Configuration instructions are\nprovided as part of the Red Hat Gluster Storage 3.4 documentation.\n(BZ#1446125)\n\nRed Hat strongly recommends upgrading to these updated packages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-1050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-1139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10858\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pytalloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pytalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tdb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2613\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"glusterfs-3.12.2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Storage Server\");\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ctdb-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libsmbclient-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtalloc-2.1.11-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtalloc-debuginfo-2.1.11-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtalloc-devel-2.1.11-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtevent-0.9.35-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtevent-debuginfo-0.9.35-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libtevent-devel-0.9.35-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libwbclient-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pytalloc-2.1.11-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pytalloc-devel-2.1.11-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-tdb-1.3.15-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-tevent-0.9.35-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-client-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-client-libs-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-common-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-common-libs-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-common-tools-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-dc-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-debuginfo-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-devel-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-libs-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"samba-pidl-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-python-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.7.5-110.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"tdb-tools-1.3.15-4.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / libsmbclient / libsmbclient-devel / libtalloc / etc\");\n }\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:11", "description": "From Red Hat Security Advisory 2018:3056 :\n\nAn update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das (Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-07T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : samba (ELSA-2018-3056)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2021-04-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ctdb", "p-cpe:/a:oracle:linux:ctdb-tests", "p-cpe:/a:oracle:linux:libsmbclient", "p-cpe:/a:oracle:linux:libsmbclient-devel", "p-cpe:/a:oracle:linux:libwbclient", "p-cpe:/a:oracle:linux:libwbclient-devel", "p-cpe:/a:oracle:linux:samba", "p-cpe:/a:oracle:linux:samba-client", "p-cpe:/a:oracle:linux:samba-client-libs", "p-cpe:/a:oracle:linux:samba-common", "p-cpe:/a:oracle:linux:samba-common-libs", "p-cpe:/a:oracle:linux:samba-common-tools", "p-cpe:/a:oracle:linux:samba-dc", "p-cpe:/a:oracle:linux:samba-dc-libs", "p-cpe:/a:oracle:linux:samba-devel", "p-cpe:/a:oracle:linux:samba-krb5-printing", "p-cpe:/a:oracle:linux:samba-libs", "p-cpe:/a:oracle:linux:samba-pidl", "p-cpe:/a:oracle:linux:samba-python", "p-cpe:/a:oracle:linux:samba-python-test", "p-cpe:/a:oracle:linux:samba-test", "p-cpe:/a:oracle:linux:samba-test-libs", "p-cpe:/a:oracle:linux:samba-vfs-glusterfs", "p-cpe:/a:oracle:linux:samba-winbind", "p-cpe:/a:oracle:linux:samba-winbind-clients", "p-cpe:/a:oracle:linux:samba-winbind-krb5-locator", "p-cpe:/a:oracle:linux:samba-winbind-modules", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2018-3056.NASL", "href": "https://www.tenable.com/plugins/nessus/118766", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:3056 and \n# Oracle Linux Security Advisory ELSA-2018-3056 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118766);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/14\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"RHSA\", value:\"2018:3056\");\n\n script_name(english:\"Oracle Linux 7 : samba (ELSA-2018-3056)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2018:3056 :\n\nAn update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) protocol and the related Common Internet File System (CIFS)\nprotocol, which allow PC-compatible machines to share files, printers,\nand various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process\n(CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das\n(Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.6 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-November/008199.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ctdb-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ctdb-tests-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libsmbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libwbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-client-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-client-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-common-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-common-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-common-tools-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-dc-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-pidl-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-python-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-python-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-test-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-winbind-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.8.3-4.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-tests / libsmbclient / libsmbclient-devel / libwbclient / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:15", "description": "A NULL pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash. (CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. (CVE-2018-10858)\n\nA flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.\n(CVE-2018-1139)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-25T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : samba (ALAS-2018-1126)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2020-02-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ctdb", "p-cpe:/a:amazon:linux:ctdb-tests", "p-cpe:/a:amazon:linux:libsmbclient", "p-cpe:/a:amazon:linux:libsmbclient-devel", "p-cpe:/a:amazon:linux:libwbclient", "p-cpe:/a:amazon:linux:libwbclient-devel", "p-cpe:/a:amazon:linux:samba", "p-cpe:/a:amazon:linux:samba-client", "p-cpe:/a:amazon:linux:samba-client-libs", "p-cpe:/a:amazon:linux:samba-common", "p-cpe:/a:amazon:linux:samba-common-libs", "p-cpe:/a:amazon:linux:samba-common-tools", "p-cpe:/a:amazon:linux:samba-debuginfo", "p-cpe:/a:amazon:linux:samba-devel", "p-cpe:/a:amazon:linux:samba-krb5-printing", "p-cpe:/a:amazon:linux:samba-libs", "p-cpe:/a:amazon:linux:samba-pidl", "p-cpe:/a:amazon:linux:samba-python", "p-cpe:/a:amazon:linux:samba-python-test", "p-cpe:/a:amazon:linux:samba-test", "p-cpe:/a:amazon:linux:samba-test-libs", "p-cpe:/a:amazon:linux:samba-winbind", "p-cpe:/a:amazon:linux:samba-winbind-clients", "p-cpe:/a:amazon:linux:samba-winbind-krb5-locator", "p-cpe:/a:amazon:linux:samba-winbind-modules", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1126.NASL", "href": "https://www.tenable.com/plugins/nessus/121359", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1126.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121359);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/20\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"ALAS\", value:\"2018-1126\");\n\n script_name(english:\"Amazon Linux AMI : samba (ALAS-2018-1126)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was found in Samba RPC external\nprinter service. An attacker could use this flaw to cause the printer\nspooler service to crash. (CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed\nextra long filename in a directory listing. A malicious samba server\ncould use this flaw to cause arbitrary code execution on a samba\nclient. (CVE-2018-10858)\n\nA flaw was found in the way samba allowed the use of weak NTLMv1\nauthentication even when NTLMv1 was explicitly disabled. A\nman-in-the-middle attacker could use this flaw to read the credential\nand other details passed between the samba server and client.\n(CVE-2018-1139)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1126.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update samba' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ctdb-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ctdb-tests-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libsmbclient-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libsmbclient-devel-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libwbclient-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libwbclient-devel-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-client-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-client-libs-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-common-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-common-libs-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-common-tools-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-debuginfo-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-devel-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-krb5-printing-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-libs-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-pidl-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-python-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-python-test-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-test-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-test-libs-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-winbind-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-winbind-clients-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-winbind-krb5-locator-4.8.3-4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"samba-winbind-modules-4.8.3-4.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-tests / libsmbclient / libsmbclient-devel / libwbclient / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:36", "description": "An update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das (Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-17T00:00:00", "type": "nessus", "title": "CentOS 7 : samba (CESA-2018:3056)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2020-03-27T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ctdb", "p-cpe:/a:centos:centos:ctdb-tests", "p-cpe:/a:centos:centos:libsmbclient", "p-cpe:/a:centos:centos:libsmbclient-devel", "p-cpe:/a:centos:centos:libwbclient", "p-cpe:/a:centos:centos:libwbclient-devel", "p-cpe:/a:centos:centos:samba", "p-cpe:/a:centos:centos:samba-client", "p-cpe:/a:centos:centos:samba-client-libs", "p-cpe:/a:centos:centos:samba-common", "p-cpe:/a:centos:centos:samba-common-libs", "p-cpe:/a:centos:centos:samba-common-tools", "p-cpe:/a:centos:centos:samba-dc", "p-cpe:/a:centos:centos:samba-dc-libs", "p-cpe:/a:centos:centos:samba-devel", "p-cpe:/a:centos:centos:samba-krb5-printing", "p-cpe:/a:centos:centos:samba-libs", "p-cpe:/a:centos:centos:samba-pidl", "p-cpe:/a:centos:centos:samba-python", "p-cpe:/a:centos:centos:samba-python-test", "p-cpe:/a:centos:centos:samba-test", "p-cpe:/a:centos:centos:samba-test-libs", "p-cpe:/a:centos:centos:samba-vfs-glusterfs", "p-cpe:/a:centos:centos:samba-winbind", "p-cpe:/a:centos:centos:samba-winbind-clients", "p-cpe:/a:centos:centos:samba-winbind-krb5-locator", "p-cpe:/a:centos:centos:samba-winbind-modules", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2018-3056.NASL", "href": "https://www.tenable.com/plugins/nessus/119691", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:3056 and \n# CentOS Errata and Security Advisory 2018:3056 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119691);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/27\");\n\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\", \"CVE-2018-1139\");\n script_xref(name:\"RHSA\", value:\"2018:3056\");\n\n script_name(english:\"CentOS 7 : samba (CESA-2018:3056)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for samba is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSamba is an open source implementation of the Server Message Block\n(SMB) protocol and the related Common Internet File System (CIFS)\nprotocol, which allow PC-compatible machines to share files, printers,\nand various information.\n\nThe following packages have been upgraded to a later upstream version:\nsamba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es) :\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process\n(CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Samba project for reporting\nCVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das\n(Red Hat).\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.6 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2018-December/005789.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5856e51f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ctdb-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ctdb-tests-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libsmbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libsmbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libwbclient-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libwbclient-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-client-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-client-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-common-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-common-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-common-tools-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-dc-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-dc-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-devel-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-krb5-printing-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-pidl-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-python-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-python-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-test-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-test-libs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-vfs-glusterfs-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-clients-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-krb5-locator-4.8.3-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"samba-winbind-modules-4.8.3-4.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-tests / libsmbclient / libsmbclient-devel / libwbclient / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:41", "description": "This update for samba fixes the following issues: Security issues fixed :\n\n - CVE-2018-1050: Fixed denial of service vulnerability when SPOOLSS is run externally (bsc#1081741).\n\n - CVE-2017-14746: Fixed use-after-free vulnerability (bsc#1060427).\n\n - CVE-2017-15275: Fixed server heap memory information leak (bsc#1063008).\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow (bsc#1103411) Bug fixes :\n\n - bsc#1027593: Update 'winbind expand groups' doc in smb.conf man page.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : samba (SUSE-SU-2018:2321-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14746", "CVE-2017-15275", "CVE-2018-1050", "CVE-2018-10858"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ctdb", "p-cpe:/a:novell:suse_linux:ctdb-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:libgensec0", "p-cpe:/a:novell:suse_linux:libgensec0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:libregistry0", "p-cpe:/a:novell:suse_linux:libregistry0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient-raw0", "p-cpe:/a:novell:suse_linux:libsmbclient-raw0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap0", "p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-2321-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111742", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2321-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111742);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2017-14746\", \"CVE-2017-15275\", \"CVE-2018-1050\", \"CVE-2018-10858\");\n\n script_name(english:\"SUSE SLES12 Security Update : samba (SUSE-SU-2018:2321-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for samba fixes the following issues: Security issues\nfixed :\n\n - CVE-2018-1050: Fixed denial of service vulnerability\n when SPOOLSS is run externally (bsc#1081741).\n\n - CVE-2017-14746: Fixed use-after-free vulnerability\n (bsc#1060427).\n\n - CVE-2017-15275: Fixed server heap memory information\n leak (bsc#1063008).\n\n - CVE-2018-10858: smbc_urlencode helper function is a\n subject to buffer overflow (bsc#1103411) Bug fixes :\n\n - bsc#1027593: Update 'winbind expand groups' doc in\n smb.conf man page.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027593\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1063008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1081741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14746/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-15275/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1050/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10858/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182321-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?10e0fa61\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-1559=1\n\nSUSE Linux Enterprise High Availability 12:zypper in -t patch\nSUSE-SLE-HA-12-2018-1559=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgensec0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgensec0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libregistry0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libregistry0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient-raw0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient-raw0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"ctdb-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"ctdb-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libdcerpc-binding0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libdcerpc-binding0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libdcerpc-binding0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libdcerpc-binding0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libdcerpc0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libdcerpc0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libdcerpc0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libdcerpc0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libgensec0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libgensec0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libgensec0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libgensec0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-krb5pac0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-krb5pac0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-krb5pac0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-krb5pac0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-nbt0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-nbt0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-nbt0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-nbt0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-standard0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-standard0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-standard0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr-standard0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libndr0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libnetapi0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libnetapi0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libnetapi0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libnetapi0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libregistry0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libregistry0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-credentials0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-credentials0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-credentials0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-credentials0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-hostconfig0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-hostconfig0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-hostconfig0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-hostconfig0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-passdb0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-passdb0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-passdb0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-passdb0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-util0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-util0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-util0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamba-util0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamdb0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamdb0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamdb0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsamdb0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbclient-raw0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbclient-raw0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbclient-raw0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbclient-raw0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbclient0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbclient0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbclient0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbclient0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbconf0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbconf0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbconf0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbconf0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbldap0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbldap0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbldap0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsmbldap0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libtevent-util0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libtevent-util0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libtevent-util0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libtevent-util0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwbclient0-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwbclient0-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwbclient0-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwbclient0-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-client-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-client-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-client-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-client-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-debugsource-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-libs-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-libs-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-libs-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-libs-debuginfo-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-winbind-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-winbind-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-winbind-debuginfo-32bit-4.2.4-18.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"samba-winbind-debuginfo-4.2.4-18.49.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-13T14:41:03", "description": "Svyatoslav Phirsov discovered that the Samba libsmbclient library incorrectly handled extra long filenames. A malicious server could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-10858)\n\nVolker Mauel discovered that Samba incorrectly handled database output. When used as an Active Directory Domain Controller, a remote authenticated attacker could use this issue to cause Samba to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-10918)\n\nPhillip Kuhrt discovered that the Samba LDAP server incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. (CVE-2018-10919)\n\nVivek Das discovered that Samba incorrectly handled NTLMv1 being explicitly disabled on the server. A remote user could possibly be authenticated using NTLMv1, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-1139).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Samba vulnerabilities (USN-3738-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libsmbclient", "p-cpe:/a:canonical:ubuntu_linux:samba", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-3738-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111748", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3738-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111748);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\");\n script_xref(name:\"USN\", value:\"3738-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Samba vulnerabilities (USN-3738-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Svyatoslav Phirsov discovered that the Samba libsmbclient library\nincorrectly handled extra long filenames. A malicious server could use\nthis issue to cause Samba to crash, resulting in a denial of service,\nor possibly execute arbitrary code. (CVE-2018-10858)\n\nVolker Mauel discovered that Samba incorrectly handled database\noutput. When used as an Active Directory Domain Controller, a remote\nauthenticated attacker could use this issue to cause Samba to crash,\nresulting in a denial of service. This issue only affected Ubuntu\n18.04 LTS. (CVE-2018-10918)\n\nPhillip Kuhrt discovered that the Samba LDAP server incorrectly\nhandled certain confidential attribute values. A remote authenticated\nattacker could possibly use this issue to obtain certain sensitive\ninformation. (CVE-2018-10919)\n\nVivek Das discovered that Samba incorrectly handled NTLMv1 being\nexplicitly disabled on the server. A remote user could possibly be\nauthenticated using NTLMv1, contrary to expectations. This issue only\naffected Ubuntu 18.04 LTS. (CVE-2018-1139).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3738-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libsmbclient and / or samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libsmbclient\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.14.04.16\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"samba\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.14.04.16\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libsmbclient\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.16.04.15\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"samba\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.16.04.15\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libsmbclient\", pkgver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"samba\", pkgver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmbclient / samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:03", "description": "The samba project reports :\n\nSamba releases 4.7.0 to 4.8.3 (inclusive) contain an error which allows authentication using NTLMv1 over an SMB1 transport (either directory or via NETLOGON SamLogon calls from a member server), even when NTLMv1 is explicitly disabled on the server.\n\nMissing input sanitization checks on some of the input parameters to LDB database layer cause the LDAP server and DNS server to crash when following a NULL pointer.\n\nSamba releases 3.2.0 to 4.8.3 (inclusive) contain an error in libsmbclient that could allow a malicious server to overwrite client heap memory by returning an extra long filename in a directory listing.\n\nMissing database output checks on the returned directory attributes from the LDB database layer cause the DsCrackNames call in the DRSUAPI server to crash when following a NULL pointer.\n\nAll versions of the Samba Active Directory LDAP server from 4.0.0 onwards are vulnerable to the disclosure of confidential attribute values, both of attributes where the schema SEARCH_FLAG_CONFIDENTIAL (0x80) searchFlags bit and where an explicit Access Control Entry has been specified on the ntSecurityDescriptor.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "FreeBSD : samba -- multiple vulnerabilities (c4e9a427-9fc2-11e8-802a-000c29a1e3ec)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:samba46", "p-cpe:/a:freebsd:freebsd:samba47", "p-cpe:/a:freebsd:freebsd:samba48", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C4E9A4279FC211E8802A000C29A1E3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/111722", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111722);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:47\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n\n script_name(english:\"FreeBSD : samba -- multiple vulnerabilities (c4e9a427-9fc2-11e8-802a-000c29a1e3ec)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The samba project reports :\n\nSamba releases 4.7.0 to 4.8.3 (inclusive) contain an error which\nallows authentication using NTLMv1 over an SMB1 transport (either\ndirectory or via NETLOGON SamLogon calls from a member server), even\nwhen NTLMv1 is explicitly disabled on the server.\n\nMissing input sanitization checks on some of the input parameters to\nLDB database layer cause the LDAP server and DNS server to crash when\nfollowing a NULL pointer.\n\nSamba releases 3.2.0 to 4.8.3 (inclusive) contain an error in\nlibsmbclient that could allow a malicious server to overwrite client\nheap memory by returning an extra long filename in a directory\nlisting.\n\nMissing database output checks on the returned directory attributes\nfrom the LDB database layer cause the DsCrackNames call in the DRSUAPI\nserver to crash when following a NULL pointer.\n\nAll versions of the Samba Active Directory LDAP server from 4.0.0\nonwards are vulnerable to the disclosure of confidential attribute\nvalues, both of attributes where the schema SEARCH_FLAG_CONFIDENTIAL\n(0x80) searchFlags bit and where an explicit Access Control Entry has\nbeen specified on the ntSecurityDescriptor.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-1139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-1140.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-10858.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-10918.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-10919.html\"\n );\n # https://vuxml.freebsd.org/freebsd/c4e9a427-9fc2-11e8-802a-000c29a1e3ec.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b8245a72\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba46\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba47\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba48\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"samba46<4.6.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba47<4.7.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba48<4.8.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:52", "description": "The version of Samba running on the remote host is 4.6.x prior to 4.6.16, or 4.7.x prior to 4.7.9, or 4.8.x prior to 4.8.4. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-17T00:00:00", "type": "nessus", "title": "4.6.x < 4.6.16 / 4.7.x < 4.7.9 / 4.8.x < 4.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2019-11-04T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_4_6_15.NASL", "href": "https://www.tenable.com/plugins/nessus/111974", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111974);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/04\");\n\n script_cve_id(\n \"CVE-2018-1139\",\n \"CVE-2018-1140\",\n \"CVE-2018-10858\",\n \"CVE-2018-10918\",\n \"CVE-2018-10919\"\n );\n script_bugtraq_id(\n 105081,\n 105082,\n 105083,\n 105084,\n 105085\n );\n\n script_name(english:\"4.6.x < 4.6.16 / 4.7.x < 4.7.9 / 4.8.x < 4.8.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Samba.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Samba running on the remote host is 4.6.x prior to \n4.6.16, or 4.7.x prior to 4.7.9, or 4.8.x prior to 4.8.4. It is,\ntherefore, affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-1139.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-1140.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-10919.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-10918.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-10858.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Samba version 4.6.16 / 4.7.9 / 4.8.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\nlanman = get_kb_item_or_exit(\"SMB/NativeLanManager\");\n\nif (\"Samba \" >!< lanman) audit(AUDIT_NOT_LISTEN, \"Samba\", port);\n\nversion = lanman - 'Samba ';\n\nif (version =~ \"^4(\\.[0-8])?$\")\n audit(AUDIT_VER_NOT_GRANULAR, \"Samba\", port, version);\n\nfix = NULL;\n\nregexes = make_array(-2, \"a(\\d+)\", -1, \"rc(\\d+)\");\n\n# Affected :\n# Note versions prior to 4.4 are EoL\n# 4.6.x < 4.6.16\n# 4.7.x < 4.7.9\n# 4.8.x < 4.8.4\nif (version =~ \"^4\\.6\\.\")\n fix = '4.6.16';\nelse if (version =~ \"^4\\.7\\.\")\n fix = '4.7.9';\nelse if (version =~ \"^4\\.8\\.\")\n fix = '4.8.4';\n\nif ( !isnull(fix) &&\n (ver_compare(ver:version, fix:fix, regexes:regexes) < 0) &&\n (ver_compare(ver:version, fix:'4.0.0', regexes:regexes) >= 0) )\n{\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_report_v4(port:port, severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Samba\", port, version);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:42", "description": "This update for samba fixes the following issues :\n\nThe following security vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user without a SPN; (bsc#1103414)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : samba (openSUSE-2018-891)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-tests", "p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac0", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt-devel", "p-cpe:/a:novell:opensuse:libndr-nbt0", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard-devel", "p-cpe:/a:novell:opensuse:libndr-standard0", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo", "p-cpe:/a:novell:opensuse:libndr0", "p-cpe:/a:novell:opensuse:libndr0-32bit", "p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi-devel", "p-cpe:/a:novell:opensuse:libnetapi0", "p-cpe:/a:novell:opensuse:libnetapi0-32bit", "p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials-devel", "p-cpe:/a:novell:opensuse:libsamba-credentials0", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors-devel", "p-cpe:/a:novell:opensuse:libsamba-errors0", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb-devel", "p-cpe:/a:novell:opensuse:libsamba-passdb0", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamba-policy0", "p-cpe:/a:novell:opensuse:libsamba-policy0-32bit", "p-cpe:/a:novell:opensuse:libsamba-policy0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util-devel", "p-cpe:/a:novell:opensuse:libsamba-util0", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb-devel", "p-cpe:/a:novell:opensuse:libsamdb0", "p-cpe:/a:novell:opensuse:libsamdb0-32bit", "p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient-devel", "p-cpe:/a:novell:opensuse:libsmbclient0", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf-devel", "p-cpe:/a:novell:opensuse:libsmbconf0", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap-devel", "p-cpe:/a:novell:opensuse:libsmbldap2", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util-devel", "p-cpe:/a:novell:opensuse:libtevent-util0", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient-devel", "p-cpe:/a:novell:opensuse:libwbclient0", "p-cpe:/a:novell:opensuse:libwbclient0-32bit", "p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:samba-ceph-debuginfo", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-debuginfo", "p-cpe:/a:novell:opensuse:samba-core-devel", "p-cpe:/a:novell:opensuse:samba-debuginfo", "p-cpe:/a:novell:opensuse:samba-debugsource", "p-cpe:/a:novell:opensuse:samba-dsdb-modules", "p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo", "p-cpe:/a:novell:opensuse:samba-kdc", "p-cpe:/a:novell:opensuse:samba-kdc-32bit", "p-cpe:/a:novell:opensuse:samba-kdc-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-kdc-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-debuginfo", "p-cpe:/a:novell:opensuse:samba-pidl", "p-cpe:/a:novell:opensuse:samba-python", "p-cpe:/a:novell:opensuse:samba-python-debuginfo", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:samba-test-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:samba-winbind-32bit", "p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-891.NASL", "href": "https://www.tenable.com/plugins/nessus/112000", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-891.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(112000);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n\n script_name(english:\"openSUSE Security Update : samba (openSUSE-2018-891)\");\n script_summary(english:\"Check for the openSUSE-2018-891 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for samba fixes the following issues :\n\nThe following security vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't\n allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and\n DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via\n substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a\n subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames\n on a user without a SPN; (bsc#1103414)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103414\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-pcp-pmda-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-pcp-pmda-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-tests-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-tests-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-binding0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-binding0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap2-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap2-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-client-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-client-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-core-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-debugsource-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-dsdb-modules-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-dsdb-modules-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-kdc-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-kdc-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-libs-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-libs-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-pidl-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-python-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-python-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-test-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-test-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-winbind-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-winbind-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-policy0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-policy0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-ceph-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-client-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-kdc-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-kdc-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-debuginfo / ctdb-pcp-pmda / ctdb-pcp-pmda-debuginfo / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:16", "description": "Update to Samba 4.7.9, Security fix for CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-22T00:00:00", "type": "nessus", "title": "Fedora 27 : 2:samba (2018-8e4d871867)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:samba", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-8E4D871867.NASL", "href": "https://www.tenable.com/plugins/nessus/112051", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-8e4d871867.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(112051);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n script_xref(name:\"FEDORA\", value:\"2018-8e4d871867\");\n\n script_name(english:\"Fedora 27 : 2:samba (2018-8e4d871867)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Samba 4.7.9, Security fix for CVE-2018-1139, CVE-2018-1140,\nCVE-2018-10858, CVE-2018-10918, CVE-2018-10919\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-8e4d871867\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:samba package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"samba-4.7.9-0.fc27\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:08", "description": "This update for samba fixes the following issues :\n\nThe following security vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user without a SPN; (bsc#1103414)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : samba (openSUSE-2019-617)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-tests", "p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac-devel", "p-cpe:/a:novell:opensuse:libndr-krb5pac0", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt-devel", "p-cpe:/a:novell:opensuse:libndr-nbt0", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard-devel", "p-cpe:/a:novell:opensuse:libndr-standard0", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo", "p-cpe:/a:novell:opensuse:libndr0", "p-cpe:/a:novell:opensuse:libndr0-32bit", "p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi-devel", "p-cpe:/a:novell:opensuse:libnetapi0", "p-cpe:/a:novell:opensuse:libnetapi0-32bit", "p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials-devel", "p-cpe:/a:novell:opensuse:libsamba-credentials0", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors-devel", "p-cpe:/a:novell:opensuse:libsamba-errors0", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb-devel", "p-cpe:/a:novell:opensuse:libsamba-passdb0", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamba-policy0", "p-cpe:/a:novell:opensuse:libsamba-policy0-32bit", "p-cpe:/a:novell:opensuse:libsamba-policy0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util-devel", "p-cpe:/a:novell:opensuse:libsamba-util0", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb-devel", "p-cpe:/a:novell:opensuse:libsamdb0", "p-cpe:/a:novell:opensuse:libsamdb0-32bit", "p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient-devel", "p-cpe:/a:novell:opensuse:libsmbclient0", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf-devel", "p-cpe:/a:novell:opensuse:libsmbconf0", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap-devel", "p-cpe:/a:novell:opensuse:libsmbldap2", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util-devel", "p-cpe:/a:novell:opensuse:libtevent-util0", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient-devel", "p-cpe:/a:novell:opensuse:libwbclient0", "p-cpe:/a:novell:opensuse:libwbclient0-32bit", "p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:samba-ceph-debuginfo", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-debuginfo", "p-cpe:/a:novell:opensuse:samba-core-devel", "p-cpe:/a:novell:opensuse:samba-debuginfo", "p-cpe:/a:novell:opensuse:samba-debugsource", "p-cpe:/a:novell:opensuse:samba-dsdb-modules", "p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo", "p-cpe:/a:novell:opensuse:samba-kdc", "p-cpe:/a:novell:opensuse:samba-kdc-32bit", "p-cpe:/a:novell:opensuse:samba-kdc-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-kdc-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-debuginfo", "p-cpe:/a:novell:opensuse:samba-pidl", "p-cpe:/a:novell:opensuse:samba-python", "p-cpe:/a:novell:opensuse:samba-python-debuginfo", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:samba-test-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:samba-winbind-32bit", "p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-617.NASL", "href": "https://www.tenable.com/plugins/nessus/123268", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-617.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123268);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n\n script_name(english:\"openSUSE Security Update : samba (openSUSE-2019-617)\");\n script_summary(english:\"Check for the openSUSE-2019-617 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for samba fixes the following issues :\n\nThe following security vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't\n allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and\n DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via\n substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a\n subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames\n on a user without a SPN; (bsc#1103414)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103414\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-kdc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-pcp-pmda-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-pcp-pmda-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-tests-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ctdb-tests-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-binding0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-binding0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc-samr0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libdcerpc0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-krb5pac0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-nbt0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr-standard0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libndr0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libnetapi0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-credentials0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-errors0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-passdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-policy0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamba-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsamdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbconf0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap2-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsmbldap2-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtevent-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient0-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-client-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-client-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-core-devel-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-debugsource-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-dsdb-modules-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-dsdb-modules-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-kdc-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-kdc-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-libs-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-libs-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-pidl-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-python-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-python-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-test-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-test-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-winbind-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"samba-winbind-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-policy0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-policy0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-ceph-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-client-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-kdc-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-kdc-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.7.8+git.86.94b6d10f7dd-lp150.3.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ctdb / ctdb-debuginfo / ctdb-pcp-pmda / ctdb-pcp-pmda-debuginfo / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:50", "description": "This update for samba fixes the following issues: The following security vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user without a SPN; (bsc#1103414)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2018:2318-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2020-03-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-devel", "p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt-devel", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard-devel", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi-devel", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials-devel", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors-devel", "p-cpe:/a:novell:suse_linux:libsamba-errors0", "p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb-devel", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-policy-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy0", "p-cpe:/a:novell:suse_linux:libsamba-util-devel", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamdb-devel", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient-devel", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf-devel", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap-devel", "p-cpe:/a:novell:suse_linux:libsmbldap2", "p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util-devel", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient-devel", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:samba-core-devel", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-2318-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120077", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2318-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120077);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/18\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2018:2318-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for samba fixes the following issues: The following\nsecurity vulnerabilities were fixed :\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't\n allow it; (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and\n DNS query with escapes crashes; (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via\n substring search; (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a\n subject to buffer overflow; (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames\n on a user without a SPN; (bsc#1103414)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103414\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10858/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10918/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10919/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1139/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1140/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182318-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9d1de0a9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-1555=1\n\nSUSE Linux Enterprise High Availability 15:zypper in -t patch\nSUSE-SLE-Product-HA-15-2018-1555=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-binding0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-binding0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-policy-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-policy0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap2-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap2-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-client-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-client-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-core-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-debugsource-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-libs-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-libs-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-winbind-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-winbind-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-binding0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-binding0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-policy-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-policy0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap2-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap2-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient0-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient0-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-client-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-client-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-core-devel-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-debugsource-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-libs-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-libs-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-winbind-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-winbind-debuginfo-4.7.8+git.86.94b6d10f7dd-4.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:49", "description": "Update to Samba 4.8.4, Security fix for CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : 2:samba / libldb (2018-bc22d6c7bc)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:samba", "p-cpe:/a:fedoraproject:fedora:libldb", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-BC22D6C7BC.NASL", "href": "https://www.tenable.com/plugins/nessus/120746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-bc22d6c7bc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120746);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n script_xref(name:\"FEDORA\", value:\"2018-bc22d6c7bc\");\n\n script_name(english:\"Fedora 28 : 2:samba / libldb (2018-bc22d6c7bc)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Samba 4.8.4, Security fix for CVE-2018-1139, CVE-2018-1140,\nCVE-2018-10858, CVE-2018-10918, CVE-2018-10919\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc22d6c7bc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:samba and / or libldb packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"samba-4.8.4-0.fc28\", epoch:\"2\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"libldb-1.4.0-3.fc28.1.3.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:samba / libldb\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-26T12:34:15", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.(CVE-2018-1050)\n\n - A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.\n (CVE-2018-10858)\n\n - A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code.(CVE-2017-14746)\n\n - A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server.(CVE-2017-15275)\n\n - It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.(CVE-2017-12150)\n\n - A flaw was found in the way samba client used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.(CVE-2017-12151)\n\n - An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.(CVE-2017-12163)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : samba (EulerOS-SA-2019-1408)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12150", "CVE-2017-12151", "CVE-2017-12163", "CVE-2017-14746", "CVE-2017-15275", "CVE-2018-1050", "CVE-2018-10858"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1408.NASL", "href": "https://www.tenable.com/plugins/nessus/124911", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124911);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-12150\",\n \"CVE-2017-12151\",\n \"CVE-2017-12163\",\n \"CVE-2017-14746\",\n \"CVE-2017-15275\",\n \"CVE-2018-1050\",\n \"CVE-2018-10858\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : samba (EulerOS-SA-2019-1408)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - A null pointer dereference flaw was found in Samba RPC\n external printer service. An attacker could use this\n flaw to cause the printer spooler service to\n crash.(CVE-2018-1050)\n\n - A heap-buffer overflow was found in the way samba\n clients processed extra long filename in a directory\n listing. A malicious samba server could use this flaw\n to cause arbitrary code execution on a samba client.\n (CVE-2018-10858)\n\n - A use-after-free flaw was found in the way samba\n servers handled certain SMB1 requests. An\n unauthenticated attacker could send specially-crafted\n SMB1 requests to cause the server to crash or execute\n arbitrary code.(CVE-2017-14746)\n\n - A memory disclosure flaw was found in samba. An\n attacker could retrieve parts of server memory, which\n could contain potentially sensitive data, by sending\n specially-crafted requests to the samba\n server.(CVE-2017-15275)\n\n - It was found that samba did not enforce 'SMB signing'\n when certain configuration options were enabled. A\n remote attacker could launch a man-in-the-middle attack\n and retrieve information in plain-text.(CVE-2017-12150)\n\n - A flaw was found in the way samba client used\n encryption with the max protocol set as SMB3. The\n connection could lose the requirement for signing and\n encrypting to any DFS redirects, allowing an attacker\n to read or alter the contents of the connection via a\n man-in-the-middle attack.(CVE-2017-12151)\n\n - An information leak flaw was found in the way SMB1\n protocol was implemented by Samba. A malicious client\n could use this flaw to dump server memory contents to a\n file on the samba share or to a shared printer, though\n the exact area of server memory cannot be controlled by\n the attacker.(CVE-2017-12163)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1408\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9766417c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.7.1-9.h2\",\n \"libwbclient-4.7.1-9.h2\",\n \"samba-client-libs-4.7.1-9.h2\",\n \"samba-common-4.7.1-9.h2\",\n \"samba-common-libs-4.7.1-9.h2\",\n \"samba-common-tools-4.7.1-9.h2\",\n \"samba-libs-4.7.1-9.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-08T14:49:07", "description": "The remote host is affected by the vulnerability described in GLSA-202003-52 (Samba: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could possibly execute arbitrary code, cause a Denial of Service condition, conduct a man-in-the-middle attack, or obtain sensitive information.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-03-26T00:00:00", "type": "nessus", "title": "GLSA-202003-52 : Samba: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2018-16860", "CVE-2019-10197", "CVE-2019-14861", "CVE-2019-14870", "CVE-2019-14902", "CVE-2019-14907", "CVE-2019-19344"], "modified": "2022-05-16T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:samba", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202003-52.NASL", "href": "https://www.tenable.com/plugins/nessus/134927", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202003-52.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134927);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\", \"CVE-2018-16860\", \"CVE-2019-10197\", \"CVE-2019-14861\", \"CVE-2019-14870\", \"CVE-2019-14902\", \"CVE-2019-14907\", \"CVE-2019-19344\");\n script_xref(name:\"GLSA\", value:\"202003-52\");\n\n script_name(english:\"GLSA-202003-52 : Samba: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202003-52\n(Samba: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Samba. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code, cause a Denial\n of Service condition, conduct a man-in-the-middle attack, or obtain\n sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202003-52\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Samba 4.9.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-4.9.18'\n All Samba 4.10.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-4.10.13'\n All Samba 4.11.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-4.11.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-fs/samba\", unaffected:make_list(\"rge 4.9.18\", \"rge 4.10.13\", \"rge 4.11.6\"), vulnerable:make_list(\"lt 4.11.6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:23", "description": "An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor.\nRed Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es) :\n\n* spice: Missing check in demarshal.py:write_validate_array_item() allows for buffer overflow and denial of service (CVE-2018-10873)\n\n* glusterfs: Multiple flaws (CVE-2018-10904, CVE-2018-10907, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-10911, CVE-2018-10914, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661, CVE-2018-10913)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Michael Hanselmann (hansmi.ch) for reporting CVE-2018-10904, CVE-2018-10907, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-10911, CVE-2018-10914, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661, and CVE-2018-10913. The CVE-2018-10873 issue was discovered by Frediano Ziglio (Red Hat).\n\nBug Fix(es) :\n\n* When upgrading Red Hat Virtualization Host (RHVH), imgbased fails to run garbage collection on previous layers, so new logical volumes are removed, and the boot entry points to a logical volume that was removed.\n\nIf the RHVH upgrade finishes successfully, the hypervisor boots successfully, even if garbage collection fails. (BZ#1632058)\n\n* During the upgrade process, when lvremove runs garbage collection, it prompts for user confirmation, causing the upgrade process to fail.\nNow the process uses 'lvremove --force' when trying to remove logical volumes and does not fail even if garbage collection fails, and as a result, the upgrade process finishes successfully. (BZ#1632585)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-07T00:00:00", "type": "nessus", "title": "RHEL 7 : Virtualization Manager (RHSA-2018:3470)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000805", "CVE-2018-10858", "CVE-2018-10873", "CVE-2018-10904", "CVE-2018-10907", "CVE-2018-10911", "CVE-2018-10913", "CVE-2018-10914", "CVE-2018-10923", "CVE-2018-10926", "CVE-2018-10927", "CVE-2018-10928", "CVE-2018-10929", "CVE-2018-10930", "CVE-2018-14652", "CVE-2018-14653", "CVE-2018-14654", "CVE-2018-14659", "CVE-2018-14660", "CVE-2018-14661"], "modified": "2022-05-31T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:imgbased", "p-cpe:/a:redhat:enterprise_linux:python-imgbased", "p-cpe:/a:redhat:enterprise_linux:redhat-release-virtualization-host", "p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update", "p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update-placeholder", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-3470.NASL", "href": "https://www.tenable.com/plugins/nessus/118790", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:3470. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118790);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/31\");\n\n script_cve_id(\n \"CVE-2018-10858\",\n \"CVE-2018-10873\",\n \"CVE-2018-10904\",\n \"CVE-2018-10907\",\n \"CVE-2018-10911\",\n \"CVE-2018-10913\",\n \"CVE-2018-10914\",\n \"CVE-2018-10923\",\n \"CVE-2018-10926\",\n \"CVE-2018-10927\",\n \"CVE-2018-10928\",\n \"CVE-2018-10929\",\n \"CVE-2018-10930\",\n \"CVE-2018-14652\",\n \"CVE-2018-14653\",\n \"CVE-2018-14654\",\n \"CVE-2018-14659\",\n \"CVE-2018-14660\",\n \"CVE-2018-14661\",\n \"CVE-2018-1000805\"\n );\n script_xref(name:\"RHSA\", value:\"2018:3470\");\n\n script_name(english:\"RHEL 7 : Virtualization Manager (RHSA-2018:3470)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for imgbased, redhat-release-virtualization-host, and\nredhat-virtualization-host is now available for Red Hat Virtualization\n4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe redhat-virtualization-host packages provide the Red Hat\nVirtualization Host. These packages include\nredhat-release-virtualization-host, ovirt-node, and rhev-hypervisor.\nRed Hat Virtualization Hosts (RHVH) are installed using a special\nbuild of Red Hat Enterprise Linux with only the packages required to\nhost virtual machines. RHVH features a Cockpit user interface for\nmonitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es) :\n\n* spice: Missing check in demarshal.py:write_validate_array_item()\nallows for buffer overflow and denial of service (CVE-2018-10873)\n\n* glusterfs: Multiple flaws (CVE-2018-10904, CVE-2018-10907,\nCVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928,\nCVE-2018-10929, CVE-2018-10930, CVE-2018-10911, CVE-2018-10914,\nCVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659,\nCVE-2018-14660, CVE-2018-14661, CVE-2018-10913)\n\n* samba: Insufficient input validation in libsmbclient\n(CVE-2018-10858)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Michael Hanselmann (hansmi.ch) for\nreporting CVE-2018-10904, CVE-2018-10907, CVE-2018-10923,\nCVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929,\nCVE-2018-10930, CVE-2018-10911, CVE-2018-10914, CVE-2018-14652,\nCVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660,\nCVE-2018-14661, and CVE-2018-10913. The CVE-2018-10873 issue was\ndiscovered by Frediano Ziglio (Red Hat).\n\nBug Fix(es) :\n\n* When upgrading Red Hat Virtualization Host (RHVH), imgbased fails to\nrun garbage collection on previous layers, so new logical volumes are\nremoved, and the boot entry points to a logical volume that was\nremoved.\n\nIf the RHVH upgrade finishes successfully, the hypervisor boots\nsuccessfully, even if garbage collection fails. (BZ#1632058)\n\n* During the upgrade process, when lvremove runs garbage collection,\nit prompts for user confirmation, causing the upgrade process to fail.\nNow the process uses 'lvremove --force' when trying to remove logical\nvolumes and does not fail even if garbage collection fails, and as a\nresult, the upgrade process finishes successfully. (BZ#1632585)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:3470\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10873\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10907\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10911\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10913\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10914\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10927\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10928\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-10930\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-14652\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-14653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-14654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-14659\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-14660\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-14661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-1000805\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14654\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-14653\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:imgbased\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-imgbased\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-release-virtualization-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update-placeholder\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:3470\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"redhat-release-virtualization-host-4.2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Red Hat Virtualization 4\");\n\n if (rpm_check(release:\"RHEL7\", reference:\"imgbased-1.0.29-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"python-imgbased-1.0.29-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"redhat-release-virtualization-host-4.2-7.3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"redhat-virtualization-host-image-update-4.2-20181026.0.el7_6\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"redhat-virtualization-host-image-update-placeholder-4.2-7.3.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"imgbased / python-imgbased / redhat-release-virtualization-host / etc\");\n }\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:S/C:N/I:C/A:C"}}], "redhatcve": [{"lastseen": "2023-03-11T08:36:13", "description": "A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-30T03:57:42", "type": "redhatcve", "title": "CVE-2018-10858", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2023-03-11T05:37:22", "id": "RH:CVE-2018-10858", "href": "https://access.redhat.com/security/cve/cve-2018-10858", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:47:12", "description": "A heap-buffer overflow was found in the way samba clients processed extra\nlong filename in a directory listing. A malicious samba server could use\nthis flaw to cause arbitrary code execution on a samba client. Samba\nversions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.\n\n#### Bugs\n\n * <https://bugzilla.samba.org/show_bug.cgi?id=13453>\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-14T00:00:00", "type": "ubuntucve", "title": "CVE-2018-10858", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2018-08-14T00:00:00", "id": "UB:CVE-2018-10858", "href": "https://ubuntu.com/security/CVE-2018-10858", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-07-17T14:13:11", "description": "This host is running Samba and is prone\n to a heap based buffer overflow vulnerability.", "cvss3": {}, "published": "2018-08-17T00:00:00", "type": "openvas", "title": "Samba 'libsmbclient' Heap Buffer Overflow Vulnerability - Aug18", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310813782", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813782", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Samba 'libsmbclient' Heap Buffer Overflow Vulnerability - Aug18\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:samba:samba\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813782\");\n script_version(\"2019-07-05T09:54:18+0000\");\n script_cve_id(\"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:54:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-17 12:10:38 +0530 (Fri, 17 Aug 2018)\");\n script_name(\"Samba 'libsmbclient' Heap Buffer Overflow Vulnerability - Aug18\");\n\n script_tag(name:\"summary\", value:\"This host is running Samba and is prone\n to a heap based buffer overflow vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to insufficient input\n validation on client directory listing in libsmbclient.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to conduct a denial of service attack.\");\n\n script_tag(name:\"affected\", value:\"Samba versions 3.2.0 through 4.8.3\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Samba 4.6.16, 4.7.9 or 4.8.4\n or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-10858.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/history/samba-4.6.16.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/history/samba-4.7.9.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/history/samba-4.8.4.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"smb_nativelanman.nasl\", \"gb_samba_detect.nasl\");\n script_mandatory_keys(\"samba/smb_or_ssh/detected\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE))) exit(0);\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\nloc = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"3.2.0\", test_version2:\"4.6.15\")){\n fix = \"4.6.16\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"4.7.0\", test_version2:\"4.7.8\")){\n fix = \"4.7.9\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"4.8.0\", test_version2:\"4.8.3\")){\n fix = \"4.8.4\";\n}\n\nif(fix){\n report = report_fixed_ver( installed_version:vers, fixed_version: fix + \" or apply patch\", install_path:loc);\n security_message( data:report, port:port);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:40:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-18T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for samba (openSUSE-SU-2018:2396-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851862", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851862", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851862\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-18 06:33:39 +0200 (Sat, 18 Aug 2018)\");\n script_cve_id(\"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for samba (openSUSE-SU-2018:2396-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for samba fixes the following issues:\n\n The following security vulnerability was fixed:\n\n - CVE-2018-10858: Fixed insufficient input validation on client directory\n listing in libsmbclient (bsc#1103411)\n\n The following other change was made:\n\n - s3: winbind: Fix 'winbind normalize names' in wb_getpwsid()\n\n - winbind: honor 'winbind use default domain' with empty domain\n (bsc#1087303)\n\n - winbind: do not modify credentials in NTLM passthru (bsc#1068059)\n\n - net: fix net ads keytab handling (bsc#1067700)\n\n - fix vfs_ceph flock stub\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-890=1\");\n\n script_tag(name:\"affected\", value:\"samba on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:2396-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-08/msg00056.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"ctdb\", rpm:\"ctdb~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-debuginfo\", rpm:\"ctdb-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-tests\", rpm:\"ctdb-tests~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-tests-debuginfo\", rpm:\"ctdb-tests-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0\", rpm:\"libdcerpc-binding0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-debuginfo\", rpm:\"libdcerpc-binding0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-devel\", rpm:\"libdcerpc-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr-devel\", rpm:\"libdcerpc-samr-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0\", rpm:\"libdcerpc-samr0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-debuginfo\", rpm:\"libdcerpc-samr0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0\", rpm:\"libdcerpc0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-debuginfo\", rpm:\"libdcerpc0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-devel\", rpm:\"libndr-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac-devel\", rpm:\"libndr-krb5pac-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0\", rpm:\"libndr-krb5pac0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-debuginfo\", rpm:\"libndr-krb5pac0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt-devel\", rpm:\"libndr-nbt-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0\", rpm:\"libndr-nbt0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-debuginfo\", rpm:\"libndr-nbt0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard-devel\", rpm:\"libndr-standard-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0\", rpm:\"libndr-standard0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-debuginfo\", rpm:\"libndr-standard0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0\", rpm:\"libndr0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-debuginfo\", rpm:\"libndr0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-debuginfo\", rpm:\"libnetapi0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials-devel\", rpm:\"libsamba-credentials-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0\", rpm:\"libsamba-credentials0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-debuginfo\", rpm:\"libsamba-credentials0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors-devel\", rpm:\"libsamba-errors-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0\", rpm:\"libsamba-errors0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-debuginfo\", rpm:\"libsamba-errors0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig-devel\", rpm:\"libsamba-hostconfig-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0\", rpm:\"libsamba-hostconfig0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-debuginfo\", rpm:\"libsamba-hostconfig0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb-devel\", rpm:\"libsamba-passdb-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0\", rpm:\"libsamba-passdb0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-debuginfo\", rpm:\"libsamba-passdb0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy-devel\", rpm:\"libsamba-policy-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0\", rpm:\"libsamba-policy0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-debuginfo\", rpm:\"libsamba-policy0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util-devel\", rpm:\"libsamba-util-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0\", rpm:\"libsamba-util0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-debuginfo\", rpm:\"libsamba-util0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb-devel\", rpm:\"libsamdb-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0\", rpm:\"libsamdb0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-debuginfo\", rpm:\"libsamdb0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo\", rpm:\"libsmbclient0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf-devel\", rpm:\"libsmbconf-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0\", rpm:\"libsmbconf0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-debuginfo\", rpm:\"libsmbconf0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap-devel\", rpm:\"libsmbldap-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap0\", rpm:\"libsmbldap0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap0-debuginfo\", rpm:\"libsmbldap0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util-devel\", rpm:\"libtevent-util-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0\", rpm:\"libtevent-util0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-debuginfo\", rpm:\"libtevent-util0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo\", rpm:\"libwbclient0-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo\", rpm:\"samba-client-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-core-devel\", rpm:\"samba-core-devel~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debugsource\", rpm:\"samba-debugsource~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-debuginfo\", rpm:\"samba-libs-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-pidl\", rpm:\"samba-pidl~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python-debuginfo\", rpm:\"samba-python-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-test\", rpm:\"samba-test~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-test-debuginfo\", rpm:\"samba-test-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo\", rpm:\"samba-winbind-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-32bit\", rpm:\"libdcerpc-binding0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-debuginfo-32bit\", rpm:\"libdcerpc-binding0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-32bit\", rpm:\"libdcerpc-samr0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-debuginfo-32bit\", rpm:\"libdcerpc-samr0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-32bit\", rpm:\"libdcerpc0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-debuginfo-32bit\", rpm:\"libdcerpc0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-32bit\", rpm:\"libndr-krb5pac0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-debuginfo-32bit\", rpm:\"libndr-krb5pac0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-32bit\", rpm:\"libndr-nbt0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-debuginfo-32bit\", rpm:\"libndr-nbt0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-32bit\", rpm:\"libndr-standard0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-debuginfo-32bit\", rpm:\"libndr-standard0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-32bit\", rpm:\"libndr0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-debuginfo-32bit\", rpm:\"libndr0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-32bit\", rpm:\"libnetapi0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-debuginfo-32bit\", rpm:\"libnetapi0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-32bit\", rpm:\"libsamba-credentials0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-debuginfo-32bit\", rpm:\"libsamba-credentials0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-32bit\", rpm:\"libsamba-errors0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-debuginfo-32bit\", rpm:\"libsamba-errors0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-32bit\", rpm:\"libsamba-hostconfig0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-debuginfo-32bit\", rpm:\"libsamba-hostconfig0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-32bit\", rpm:\"libsamba-passdb0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-debuginfo-32bit\", rpm:\"libsamba-passdb0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-32bit\", rpm:\"libsamba-policy0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-debuginfo-32bit\", rpm:\"libsamba-policy0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-32bit\", rpm:\"libsamba-util0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-debuginfo-32bit\", rpm:\"libsamba-util0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-32bit\", rpm:\"libsamdb0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-debuginfo-32bit\", rpm:\"libsamdb0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-32bit\", rpm:\"libsmbclient0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo-32bit\", rpm:\"libsmbclient0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-32bit\", rpm:\"libsmbconf0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-debuginfo-32bit\", rpm:\"libsmbconf0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap0-32bit\", rpm:\"libsmbldap0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap0-debuginfo-32bit\", rpm:\"libsmbldap0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-32bit\", rpm:\"libtevent-util0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-debuginfo-32bit\", rpm:\"libtevent-util0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-32bit\", rpm:\"libwbclient0-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo-32bit\", rpm:\"libwbclient0-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-ceph\", rpm:\"samba-ceph~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-ceph-debuginfo\", rpm:\"samba-ceph-debuginfo~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo-32bit\", rpm:\"samba-client-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-32bit\", rpm:\"samba-libs-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-debuginfo-32bit\", rpm:\"samba-libs-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo-32bit\", rpm:\"samba-winbind-debuginfo-32bit~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~4.6.14+git.157.c2d53c2b191~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:55:32", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-10858\nSvyatoslav Phirsov discovered that insufficient input validation in\nlibsmbclient allowed a malicious Samba server to write to the\nclient", "cvss3": {}, "published": "2018-08-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4271-1 (samba - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704271", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704271", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4271-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704271\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10919\");\n script_name(\"Debian Security Advisory DSA 4271-1 (samba - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-14 00:00:00 +0200 (Tue, 14 Aug 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4271.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"samba on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2:4.5.12+dfsg-2+deb9u3.\n\nWe recommend that you upgrade your samba packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/samba\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-10858\nSvyatoslav Phirsov discovered that insufficient input validation in\nlibsmbclient allowed a malicious Samba server to write to the\nclient's heap memory.\n\nCVE-2018-10919\nPhillip Kuhrt discovered that Samba when acting as an Active Domain\ncontroller disclosed some sensitive attributes.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"ctdb\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libparse-pidl-perl\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-samba\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"registry-tools\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dev\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-libs\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-testsuite\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-vfs-modules\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"winbind\", ver:\"2:4.5.12+dfsg-2+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:07", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1150)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-1050"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191150", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191150", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1150\");\n script_version(\"2020-01-23T11:32:56+0000\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:32:56 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:32:56 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1150)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1150\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1150\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-1150 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\nsamba: NULL pointer dereference in printer server process (CVE-2018-1050)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.7.1~9.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:33:51", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1125)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-1050"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191125", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191125", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1125\");\n script_version(\"2020-01-23T11:32:08+0000\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:32:08 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:32:08 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1125)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1125\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1125\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-1125 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\nsamba: NULL pointer dereference in printer server process (CVE-2018-1050)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.6.2~8.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:34:18", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1342)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-1050"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191342", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1342\");\n script_version(\"2020-01-23T11:39:56+0000\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:39:56 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:39:56 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1342)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1342\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1342\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-1342 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.(CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.(CVE-2018-10858)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-clients\", rpm:\"samba-winbind-clients~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-modules\", rpm:\"samba-winbind-modules~4.6.2~8.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:45", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1273)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10858", "CVE-2018-1050"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191273", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191273", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1273\");\n script_version(\"2020-01-23T11:37:03+0000\");\n script_cve_id(\"CVE-2018-1050\", \"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:37:03 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:37:03 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1273)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1273\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1273\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-1273 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash. (CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.(CVE-2018-10858)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.6.2~8.h6\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "openvas", "title": "Ubuntu Update for samba USN-3738-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-10919", "CVE-2018-10918"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843615", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843615", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3738_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for samba USN-3738-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843615\");\n script_version(\"$Revision: 14288 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 06:19:51 +0200 (Wed, 15 Aug 2018)\");\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for samba USN-3738-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"insight\", value:\"Svyatoslav Phirsov discovered that the Samba\n libsmbclient library incorrectly handled extra long filenames. A malicious server\n could use this issue to cause Samba to crash, resulting in a denial of service, or\npossibly execute arbitrary code. (CVE-2018-10858)\n\nVolker Mauel discovered that Samba incorrectly handled database output.\nWhen used as an Active Directory Domain Controller, a remote authenticated\nattacker could use this issue to cause Samba to crash, resulting in a\ndenial of service. This issue only affected Ubuntu 18.04 LTS.\n(CVE-2018-10918)\n\nPhillip Kuhrt discovered that the Samba LDAP server incorrectly handled\ncertain confidential attribute values. A remote authenticated attacker\ncould possibly use this issue to obtain certain sensitive information.\n(CVE-2018-10919)\n\nVivek Das discovered that Samba incorrectly handled NTLMv1 being explicitly\ndisabled on the server. A remote user could possibly be authenticated using\nNTLMv1, contrary to expectations. This issue only affected Ubuntu 18.04\nLTS. (CVE-2018-1139)\");\n script_tag(name:\"affected\", value:\"samba on Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"USN\", value:\"3738-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3738-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.3.11+dfsg-0ubuntu0.14.04.16\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.14.04.16\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.3.11+dfsg-0ubuntu0.16.04.15\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.16.04.15\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:33:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for samba (openSUSE-SU-2018:2400-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-10918"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852010", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852010", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852010\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:33:53 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for samba (openSUSE-SU-2018:2400-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:2400-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-08/msg00059.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the openSUSE-SU-2018:2400-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for samba fixes the following issues:\n\n The following security vulnerabilities were fixed:\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it\n (bsc#1095048)\n\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with\n escapes crashes (bsc#1095056)\n\n - CVE-2018-10919: Confidential attribute disclosure via substring search\n (bsc#1095057)\n\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer\n overflow (bsc#1103411)\n\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user\n without a SPN (bsc#1103414)\n\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-891=1\");\n\n script_tag(name:\"affected\", value:\"samba on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"ctdb\", rpm:\"ctdb~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-debuginfo\", rpm:\"ctdb-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-pcp-pmda\", rpm:\"ctdb-pcp-pmda~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-pcp-pmda-debuginfo\", rpm:\"ctdb-pcp-pmda-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-tests\", rpm:\"ctdb-tests~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ctdb-tests-debuginfo\", rpm:\"ctdb-tests-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0\", rpm:\"libdcerpc-binding0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-debuginfo\", rpm:\"libdcerpc-binding0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-devel\", rpm:\"libdcerpc-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr-devel\", rpm:\"libdcerpc-samr-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0\", rpm:\"libdcerpc-samr0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-debuginfo\", rpm:\"libdcerpc-samr0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0\", rpm:\"libdcerpc0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-debuginfo\", rpm:\"libdcerpc0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-devel\", rpm:\"libndr-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac-devel\", rpm:\"libndr-krb5pac-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0\", rpm:\"libndr-krb5pac0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-debuginfo\", rpm:\"libndr-krb5pac0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt-devel\", rpm:\"libndr-nbt-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0\", rpm:\"libndr-nbt0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-debuginfo\", rpm:\"libndr-nbt0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard-devel\", rpm:\"libndr-standard-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0\", rpm:\"libndr-standard0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-debuginfo\", rpm:\"libndr-standard0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0\", rpm:\"libndr0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-debuginfo\", rpm:\"libndr0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi-devel\", rpm:\"libnetapi-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0\", rpm:\"libnetapi0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-debuginfo\", rpm:\"libnetapi0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials-devel\", rpm:\"libsamba-credentials-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0\", rpm:\"libsamba-credentials0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-debuginfo\", rpm:\"libsamba-credentials0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors-devel\", rpm:\"libsamba-errors-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0\", rpm:\"libsamba-errors0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-debuginfo\", rpm:\"libsamba-errors0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig-devel\", rpm:\"libsamba-hostconfig-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0\", rpm:\"libsamba-hostconfig0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-debuginfo\", rpm:\"libsamba-hostconfig0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb-devel\", rpm:\"libsamba-passdb-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0\", rpm:\"libsamba-passdb0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-debuginfo\", rpm:\"libsamba-passdb0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy-devel\", rpm:\"libsamba-policy-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0\", rpm:\"libsamba-policy0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-debuginfo\", rpm:\"libsamba-policy0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util-devel\", rpm:\"libsamba-util-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0\", rpm:\"libsamba-util0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-debuginfo\", rpm:\"libsamba-util0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb-devel\", rpm:\"libsamdb-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0\", rpm:\"libsamdb0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-debuginfo\", rpm:\"libsamdb0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient-devel\", rpm:\"libsmbclient-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0\", rpm:\"libsmbclient0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-debuginfo\", rpm:\"libsmbclient0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf-devel\", rpm:\"libsmbconf-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0\", rpm:\"libsmbconf0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-debuginfo\", rpm:\"libsmbconf0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap-devel\", rpm:\"libsmbldap-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap2\", rpm:\"libsmbldap2~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap2-debuginfo\", rpm:\"libsmbldap2-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util-devel\", rpm:\"libtevent-util-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0\", rpm:\"libtevent-util0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-debuginfo\", rpm:\"libtevent-util0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient-devel\", rpm:\"libwbclient-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0\", rpm:\"libwbclient0~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-debuginfo\", rpm:\"libwbclient0-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client\", rpm:\"samba-client~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-debuginfo\", rpm:\"samba-client-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-core-devel\", rpm:\"samba-core-devel~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debuginfo\", rpm:\"samba-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-debugsource\", rpm:\"samba-debugsource~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-dsdb-modules\", rpm:\"samba-dsdb-modules~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-dsdb-modules-debuginfo\", rpm:\"samba-dsdb-modules-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-kdc\", rpm:\"samba-kdc~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-kdc-debuginfo\", rpm:\"samba-kdc-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-debuginfo\", rpm:\"samba-libs-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-pidl\", rpm:\"samba-pidl~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python\", rpm:\"samba-python~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-python-debuginfo\", rpm:\"samba-python-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-test\", rpm:\"samba-test~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-test-debuginfo\", rpm:\"samba-test-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind\", rpm:\"samba-winbind~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-debuginfo\", rpm:\"samba-winbind-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-32bit\", rpm:\"libdcerpc-binding0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-binding0-32bit-debuginfo\", rpm:\"libdcerpc-binding0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-32bit\", rpm:\"libdcerpc-samr0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc-samr0-32bit-debuginfo\", rpm:\"libdcerpc-samr0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-32bit\", rpm:\"libdcerpc0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdcerpc0-32bit-debuginfo\", rpm:\"libdcerpc0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-32bit\", rpm:\"libndr-krb5pac0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-krb5pac0-32bit-debuginfo\", rpm:\"libndr-krb5pac0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-32bit\", rpm:\"libndr-nbt0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-nbt0-32bit-debuginfo\", rpm:\"libndr-nbt0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-32bit\", rpm:\"libndr-standard0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr-standard0-32bit-debuginfo\", rpm:\"libndr-standard0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-32bit\", rpm:\"libndr0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libndr0-32bit-debuginfo\", rpm:\"libndr0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-32bit\", rpm:\"libnetapi0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libnetapi0-32bit-debuginfo\", rpm:\"libnetapi0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-32bit\", rpm:\"libsamba-credentials0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-credentials0-32bit-debuginfo\", rpm:\"libsamba-credentials0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-32bit\", rpm:\"libsamba-errors0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-errors0-32bit-debuginfo\", rpm:\"libsamba-errors0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-32bit\", rpm:\"libsamba-hostconfig0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-hostconfig0-32bit-debuginfo\", rpm:\"libsamba-hostconfig0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-32bit\", rpm:\"libsamba-passdb0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-passdb0-32bit-debuginfo\", rpm:\"libsamba-passdb0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-32bit\", rpm:\"libsamba-policy0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-policy0-32bit-debuginfo\", rpm:\"libsamba-policy0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-32bit\", rpm:\"libsamba-util0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamba-util0-32bit-debuginfo\", rpm:\"libsamba-util0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-32bit\", rpm:\"libsamdb0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsamdb0-32bit-debuginfo\", rpm:\"libsamdb0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-32bit\", rpm:\"libsmbclient0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient0-32bit-debuginfo\", rpm:\"libsmbclient0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-32bit\", rpm:\"libsmbconf0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbconf0-32bit-debuginfo\", rpm:\"libsmbconf0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap2-32bit\", rpm:\"libsmbldap2-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbldap2-32bit-debuginfo\", rpm:\"libsmbldap2-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-32bit\", rpm:\"libtevent-util0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtevent-util0-32bit-debuginfo\", rpm:\"libtevent-util0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-32bit\", rpm:\"libwbclient0-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient0-32bit-debuginfo\", rpm:\"libwbclient0-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-ceph\", rpm:\"samba-ceph~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-ceph-debuginfo\", rpm:\"samba-ceph-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-32bit\", rpm:\"samba-client-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-32bit-debuginfo\", rpm:\"samba-client-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-kdc-32bit\", rpm:\"samba-kdc-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-kdc-32bit-debuginfo\", rpm:\"samba-kdc-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-32bit\", rpm:\"samba-libs-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs-32bit-debuginfo\", rpm:\"samba-libs-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-32bit\", rpm:\"samba-winbind-32bit~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-winbind-32bit-debuginfo\", rpm:\"samba-winbind-32bit-debuginfo~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-doc\", rpm:\"samba-doc~4.7.8+git.86.94b6d10f7dd~lp150.3.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-21T00:00:00", "type": "openvas", "title": "Fedora Update for libldb FEDORA-2018-bc22d6c7bc", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-10918"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874977", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874977", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_bc22d6c7bc_libldb_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libldb FEDORA-2018-bc22d6c7bc\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874977\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-21 06:56:45 +0200 (Tue, 21 Aug 2018)\");\n script_cve_id(\"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\",\n \"CVE-2018-10919\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libldb FEDORA-2018-bc22d6c7bc\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libldb'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"libldb on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-bc22d6c7bc\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMELAF56SFMIHXRXGSB7LFC6JJDUHRUA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldb\", rpm:\"libldb~1.4.0~3.fc28.1.3.5\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-21T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-bc22d6c7bc", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-1050", "CVE-2018-1057", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-10918"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874976", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874976", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_bc22d6c7bc_samba_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for samba FEDORA-2018-bc22d6c7bc\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874976\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-21 06:55:59 +0200 (Tue, 21 Aug 2018)\");\n script_cve_id(\"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\",\n \"CVE-2018-10919\", \"CVE-2018-1050\", \"CVE-2018-1057\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for samba FEDORA-2018-bc22d6c7bc\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"samba on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-bc22d6c7bc\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JLO2ZIZN3LCSYBMKQC6WDL5AJYSE2UG2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.8.4~0.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:36:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1408)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12150", "CVE-2018-10858", "CVE-2018-1050", "CVE-2017-12163", "CVE-2017-12151", "CVE-2017-14746", "CVE-2017-15275"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191408", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191408", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1408\");\n script_version(\"2020-01-23T11:42:49+0000\");\n script_cve_id(\"CVE-2017-12150\", \"CVE-2017-12151\", \"CVE-2017-12163\", \"CVE-2017-14746\", \"CVE-2017-15275\", \"CVE-2018-1050\", \"CVE-2018-10858\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:42:49 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:42:49 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1408)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1408\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1408\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'samba' package(s) announced via the EulerOS-SA-2019-1408 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.(CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. (CVE-2018-10858)\n\nA use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code.(CVE-2017-14746)\n\nA memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server.(CVE-2017-15275)\n\nIt was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.(CVE-2017-12150)\n\nA flaw was found in the way samba client used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.(CVE-2017-12151)\n\nAn information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.(CVE-2017-12163)\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsmbclient\", rpm:\"libsmbclient~4.7.1~9.h2\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwbclient\", rpm:\"libwbclient~4.7.1~9.h2\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-client-libs\", rpm:\"samba-client-libs~4.7.1~9.h2\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common\", rpm:\"samba-common~4.7.1~9.h2\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-libs\", rpm:\"samba-common-libs~4.7.1~9.h2\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-common-tools\", rpm:\"samba-common-tools~4.7.1~9.h2\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"samba-libs\", rpm:\"samba-libs~4.7.1~9.h2\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-22T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-8e4d871867", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-1050", "CVE-2018-1057", "CVE-2018-1140", "CVE-2017-14746", "CVE-2018-10919", "CVE-2018-10918", "CVE-2017-15275"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874979", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874979", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_8e4d871867_samba_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for samba FEDORA-2018-8e4d871867\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874979\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-22 06:58:16 +0200 (Wed, 22 Aug 2018)\");\n script_cve_id(\"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\",\n \"CVE-2018-10919\", \"CVE-2018-1050\", \"CVE-2018-1057\", \"CVE-2017-14746\",\n \"CVE-2017-15275\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for samba FEDORA-2018-8e4d871867\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"samba on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-8e4d871867\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7YJYQHQW2OGFNOT7P6SZ5G7A4EDHC2ND\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.7.9~0.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-c2a93f8e1b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-16851", "CVE-2018-10858", "CVE-2018-1050", "CVE-2018-1057", "CVE-2018-14629", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-16841", "CVE-2018-10918", "CVE-2018-16853"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875317", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875317", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_c2a93f8e1b_samba_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for samba FEDORA-2018-c2a93f8e1b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875317\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16853\", \"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1050\", \"CVE-2018-1057\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:28:08 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for samba FEDORA-2018-c2a93f8e1b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-c2a93f8e1b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O6CDGPQKS2VCHWPTF4BNRGR5Y5AV7NWW\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2018-c2a93f8e1b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"samba on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.8.7~0.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-30T00:00:00", "type": "openvas", "title": "Fedora Update for samba FEDORA-2019-019c5314a0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3880", "CVE-2018-1139", "CVE-2018-16851", "CVE-2018-10858", "CVE-2018-1050", "CVE-2018-1057", "CVE-2018-14629", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-16841", "CVE-2018-10918", "CVE-2018-16853"], "modified": "2019-04-30T00:00:00", "id": "OPENVAS:1361412562310875582", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875582", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875582\");\n script_version(\"2019-04-30T06:40:08+0000\");\n script_cve_id(\"CVE-2019-3880\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16853\", \"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1050\", \"CVE-2018-1057\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-04-30 06:40:08 +0000 (Tue, 30 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-30 02:12:09 +0000 (Tue, 30 Apr 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-019c5314a0\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-019c5314a0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRLRO7BPRFETVFZ4TVJL2VFZEPHKJY4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2019-019c5314a0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.8.11~0.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2018-08-17T15:01:24", "description": "This update for samba fixes the following issues:\n\n The following security vulnerability was fixed:\n\n - CVE-2018-10858: Fixed insufficient input validation on client directory\n listing in libsmbclient; (bsc#1103411);\n\n The following other change was made:\n\n - s3: winbind: Fix 'winbind normalize names' in wb_getpwsid();\n - winbind: honor "winbind use default domain" with empty domain\n (bsc#1087303)\n - winbind: do not modify credentials in NTLM passthru (bsc#1068059)\n - net: fix net ads keytab handling (bsc#1067700)\n - fix vfs_ceph flock stub\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n", "cvss3": {}, "published": "2018-08-17T12:07:57", "type": "suse", "title": "Security update for samba (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-10858"], "modified": "2018-08-17T12:07:57", "id": "OPENSUSE-SU-2018:2396-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-08/msg00056.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-17T15:01:24", "description": "This update for samba fixes the following issues:\n\n The following security vulnerabilities were fixed:\n\n - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it;\n (bsc#1095048)\n - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with\n escapes crashes; (bsc#1095056)\n - CVE-2018-10919: Confidential attribute disclosure via substring search;\n (bsc#1095057)\n - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer\n overflow; (bsc#1103411)\n - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user\n without a SPN; (bsc#1103414)\n\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-08-17T12:12:13", "type": "suse", "title": "Security update for samba (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-1139", "CVE-2018-10858", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-10918"], "modified": "2018-08-17T12:12:13", "id": "OPENSUSE-SU-2018:2400-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-08/msg00059.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "ibm": [{"lastseen": "2023-02-21T21:46:21", "description": "## Summary\n\nA Samba vulnerability affects IBM Spectrum Scale SMB protocol access method to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-10858](<https://vulners.com/cve/CVE-2018-10858>) \n**DESCRIPTION:** Samba is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148710> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM Spectrum Scale V5.0.0.0 thru V5.0.2.0\n\nIBM Spectrum Scale V4.2.0.0 thru V4.2.3.10\n\nIBM Spectrum Scale V4.1.1.0 thru V4.1.1.20\n\n## Remediation/Fixes\n\nFor IBM Spectrum Scale V5.0.0.0 thru V5.0.2.0, apply V5.0.2.1 available from FixCentral at \n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=5.0.2&platform=All&function=all](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=5.0.2&platform=All&function=all>) \n \nFor IBM Spectrum Scale V4.2.0.0 thru V4.2.3.10, apply V4.2.3.11 available from FixCentral at \n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=4.2.3&platform=All&function=all](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=4.2.3&platform=All&function=all>) \n \nFor IBM Spectrum Scale V4.1.0.0 (GPFS) thru V4.1.1.20, apply V4.1.1.21 available from FixCentral at \n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%2Bdefined%2Bstorage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=4.1.1&platform=All&function=all](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%2Bdefined%2Bstorage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=4.1.1&platform=All&function=all>) \n \nIf you cannot apply the latest level of service, contact IBM Service for an efix\n\n * IBM Specrum Scale V5.0.0.0 thru V5.0.2.0, reference APAR IJ09591\n * IBM Spectrum Scale 4.2.0.0 thru 4.2.3.10, reference APAR IJ09590\n * IBM Spectrum Scale 4.1.0.0 thru 4.1.1.20, reference APAR IJ09563\n\n \n \nTo contact IBM Service, see [_http://www.ibm.com/planetwide/_](<http://www.ibm.com/planetwide/>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-30T07:40:02", "type": "ibm", "title": "Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2018-10858)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2018-10-30T07:40:02", "id": "DB12F66FB174F7639D4040E533C9C3C2B38EB2659C60753763F3D5DF7F1BDD5D", "href": "https://www.ibm.com/support/pages/node/732876", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:48:55", "description": "## Summary\n\nPublicly disclosed Samba vulnerabilities\n\n## Vulnerability Details\n\n**CVEID: ** [CVE-2018-10858](<https://vulners.com/cve/CVE-2018-10858>) \n**Description: **Samba is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n**CVSS Base Score: **7.3 \n**CVSS Temporal Score: ** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148710> for the current score \n**CVSS Environmental Score: ***Undefined \n**CVSS Vector: **CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L \n \n**CVEID: ** [CVE-2018-1139](<https://vulners.com/cve/CVE-2018-1139>) \n**Description: **Samba could allow a remote attacker to obtain sensitive information, caused by the use of weak NTLMv1 authentication over an SMB1 transport. An attacker could exploit this vulnerability using man-in-the-middle techniques to read details passed between the samba server and client. \n**CVSS Base Score: **5.4 \n**CVSS Temporal Score: ** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148707> for the current score \n**CVSS Environmental Score: ***Undefined \n**CVSS Vector: **CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N \n\n\n## Affected Products and Versions\n\n * IBM QRadar SIEM 7.3.0 - 7.3.1 Patch 7\n\n## Remediation/Fixes\n\n * [QRadar / QRM / QVM / QRIF / QNI 7.3.1 Patch 8](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Vulnerability+Manager&release=All&platform=All&function=fixId&fixids=7.3.1-QRADAR-QRSIEM-20190228154648&includeRequisites=1&includeSupersedes=0&downloadMethod=http>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-05T18:15:01", "type": "ibm", "title": "Security Bulletin: IBM QRadar SIEM is vulnerable to Publicly disclosed Samba vulnerabilities (CVE-2018-10858, CVE-2018-1139)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-1139"], "modified": "2019-03-05T18:15:01", "id": "DF2732B37749E838D568058735FFDC547A56C12DBE652124924CA2895A6EAA3F", "href": "https://www.ibm.com/support/pages/node/874886", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:42:53", "description": "## Summary\n\nSamba is supported on IBM i. IBM i has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-10918](<https://vulners.com/cve/CVE-2018-10918>) \n**DESCRIPTION:** Samba is vulnerable to a denial of service, caused by a NULL pointer dereference when checking database outputs from the LDB database layer. If Samba is in an Active Directory Domain Controller configuration, a remote attacker could exploit this vulnerability to cause the \"samba\" process to crash. \nCVSS Base Score: 5.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148709> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1139](<https://vulners.com/cve/CVE-2018-1139>) \n**DESCRIPTION:** Samba could allow a remote attacker to obtain sensitive information, caused by the use of weak NTLMv1 authentication over an SMB1 transport. An attacker could exploit this vulnerability using man-in-the-middle techniques to read details passed between the samba server and client. \nCVSS Base Score: 5.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148707> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-10919](<https://vulners.com/cve/CVE-2018-10919>) \n**DESCRIPTION:** Samba could allow a remote attacker to obtain sensitive information, caused by missing access control checks in the Active Directory LDAP server. An attacker could exploit this vulnerability using authenticated LDAP search expressions to obtain confidential attribute values. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148708> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-10858](<https://vulners.com/cve/CVE-2018-10858>) \n**DESCRIPTION:** Samba is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148710> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-1140](<https://vulners.com/cve/CVE-2018-1140>) \n**DESCRIPTION:** Samba is vulnerable to a denial of service, caused by missing NULL pointer checks on some of the input parameters to the implementation of LDP database. If Samba is in an Active Directory Domain Controller configuration, a remote attacker could exploit this vulnerability to cause the LDAP server and DNS server to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148706> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nReleases 7.2 and 7.3 of IBM are affected.\n\n## Remediation/Fixes\n\nThe issue can be fixed by applying a PTF to the IBM i Operating System.\n\nReleases 7.2 and 7.3 of IBM i are supported and will be fixed.\n\n<https://www-945.ibm.com/support/fixcentral/>\n\nThe IBM i PTF numbers are:\n\n**Release 7.2 **\\- SI68291\n\n**Release 7.3** \\- SI68292\n\n**_Important note: _**_IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-18T14:26:38", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Samba affect IBM i", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2019-12-18T14:26:38", "id": "FF8DCAF5269CDB0552E4DD23632ECE05975BD0C298A785C73A2CD22105F5CB55", "href": "https://www.ibm.com/support/pages/node/730345", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-22T01:46:44", "description": "## Summary\n\nThere are multiple security vulnerabilities in Samba that affect IBM Spectrum Protect Plus. These vulnerabilities may result in potential information disclosure, denial of service, or execution of arbitrary code on the system. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-1139](<https://vulners.com/cve/CVE-2018-1139>) \n**DESCRIPTION:** Samba could allow a remote attacker to obtain information, caused by the use of weak NTLMv1 authentication over an SMB1 transport. An attacker could exploit this vulnerability using man-in-the-middle techniques to read details passed between the samba server and client. \nCVSS Base Score: 5.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148707> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-1140](<https://vulners.com/cve/CVE-2018-1140>) \n**DESCRIPTION:** Samba is vulnerable to a denial of service, caused by missing NULL pointer checks on some of the input parameters to the implementation of LDP database. If Samba is in an Active Directory Domain Controller configuration, a remote attacker could exploit this vulnerability to cause the LDAP server and DNS server to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148706> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10858](<https://vulners.com/cve/CVE-2018-10858>) \n**DESCRIPTION:** Samba is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148710> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-10918](<https://vulners.com/cve/CVE-2018-10918>) \n**DESCRIPTION:** Samba is vulnerable to a denial of service, caused by a NULL pointer dereference when checking database outputs from the LDB database layer. If Samba is in an Active Directory Domain Controller configuration, a remote attacker could exploit this vulnerability to cause the \"samba\" process to crash. \nCVSS Base Score: 5.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148709> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10919](<https://vulners.com/cve/CVE-2018-10919>) \n**DESCRIPTION:** Samba could allow a remote attacker to obtain information, caused by missing access control checks in the Active Directory LDAP server. An attacker could exploit this vulnerability using authenticated LDAP search expressions to obtain confidential attribute values. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148708> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Spectrum Protect Plus versions 10.1.0 through 10.1.2.\n\n## Remediation/Fixes\n\n**_IBM Spectrum Protect Plus Release_**\n\n| **_First Fixing \nVRM Level_** | **_Platform_** | **_Link to Fix / Fix Availability Target_** \n---|---|---|--- \n \n10.1\n\n| 10.1.3 | Linux | \n\n[https://www.ibm.com/support/docview.wss?uid=ibm10743897](<https://www.ibm.com/support/docview.wss?uid=ibm10743897 >) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-26T19:00:01", "type": "ibm", "title": "Security Bulletin: Multiple Samba vulnerabilities affect IBM Spectrum Protect Plus (CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140"], "modified": "2019-02-26T19:00:01", "id": "C6ADA288A87D604AB7D198ABC38D3CC47C47074116F90BDEF9BF22DF090C9534", "href": "https://www.ibm.com/support/pages/node/796402", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-03-30T01:29:14", "description": "A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-22T17:29:00", "type": "debiancve", "title": "CVE-2018-10858", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2018-08-22T17:29:00", "id": "DEBIANCVE:CVE-2018-10858", "href": "https://security-tracker.debian.org/tracker/CVE-2018-10858", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-02-09T14:04:09", "description": "A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-22T17:29:00", "type": "cve", "title": "CVE-2018-10858", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858"], "modified": "2019-06-26T08:15:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/a:redhat:virtualization_host:4.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/a:redhat:virtualization:4.0", "cpe:/o:canonical:ubuntu_linux:18.04"], "id": "CVE-2018-10858", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10858", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}], "slackware": [{"lastseen": "2023-02-08T16:13:12", "description": "New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current\nto fix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/samba-4.6.16-i586-1_slack14.2.txz: Upgraded.\n This is a security release in order to address the following defects:\n Insufficient input validation on client directory listing in libsmbclient.\n A malicious server could return a directory entry that could corrupt\n libsmbclient memory.\n Confidential attribute disclosure from the AD LDAP server.\n Missing access control checks allow discovery of confidential attribute\n values via authenticated LDAP search expressions.\n For more information, see:\n https://www.samba.org/samba/security/CVE-2018-10858.html\n https://www.samba.org/samba/security/CVE-2018-10919.html\n https://vulners.com/cve/CVE-2018-10858\n https://vulners.com/cve/CVE-2018-10919\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/samba-4.6.16-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/samba-4.6.16-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/samba-4.6.16-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/samba-4.6.16-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/samba-4.6.16-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/samba-4.6.16-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-4.8.4-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/samba-4.8.4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n77145495c7596179c765c11515034dee samba-4.6.16-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\na30325cb28bdc8962baf2ed7d9825490 samba-4.6.16-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\na3ecca12612b54c71cf8ac1a2bb345a4 samba-4.6.16-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\nca7abaf3b91a765d14f2932ef2d4bba9 samba-4.6.16-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\n19ee8695015ead96d142a7f076def5d5 samba-4.6.16-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\ndd0fee60c7b8c21d18f1d9fda5f7963a samba-4.6.16-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n843aa03e813d10d25216cb2b0fb2884d n/samba-4.8.4-i586-1.txz\n\nSlackware x86_64 -current package:\nd6ec2116d531e3b3e17b3c4b54fa645c n/samba-4.8.4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg samba-4.6.16-i586-1_slack14.2.txz\n\nThen, if Samba is running restart it:\n\n > /etc/rc.d/rc.samba restart", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-17T17:43:54", "type": "slackware", "title": "[slackware-security] samba", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2018-08-17T17:43:54", "id": "SSA-2018-229-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.467546", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated samba packages fix security vulnerabilities: A malicious server could return a directory entry that could corrupt libsmbclient memory (CVE-2018-10858). Missing access control checks allow discovery of confidential attribute values via authenticated LDAP search expressions (CVE-2018-10919). The samba package has been updated to version 4.6.16, fixing these issues and other bugs. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-30T18:01:43", "type": "mageia", "title": "Updated samba packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2018-10-30T18:01:43", "id": "MGASA-2018-0424", "href": "https://advisories.mageia.org/MGASA-2018-0424.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2023-02-24T11:38:40", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4271-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 14, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : samba\nCVE ID : CVE-2018-10858 CVE-2018-10919\n\nSeveral vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-10858\n\n Svyatoslav Phirsov discovered that insufficient input validation in\n libsmbclient allowed a malicious Samba server to write to the\n client's heap memory.\n\nCVE-2018-10919\n\n Phillip Kuhrt discovered that Samba when acting as an Active Domain\n controller disclosed some sensitive attributes.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:4.5.12+dfsg-2+deb9u3.\n\nWe recommend that you upgrade your samba packages.\n\nFor the detailed security status of samba please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/samba\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-14T10:16:04", "type": "debian", "title": "[SECURITY] [DSA 4271-1] samba security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2018-08-14T10:16:04", "id": "DEBIAN:DSA-4271-1:FEBCF", "href": "https://lists.debian.org/debian-security-announce/2018/msg00200.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T18:33:08", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4271-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 14, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : samba\nCVE ID : CVE-2018-10858 CVE-2018-10919\n\nSeveral vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-10858\n\n Svyatoslav Phirsov discovered that insufficient input validation in\n libsmbclient allowed a malicious Samba server to write to the\n client's heap memory.\n\nCVE-2018-10919\n\n Phillip Kuhrt discovered that Samba when acting as an Active Domain\n controller disclosed some sensitive attributes.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:4.5.12+dfsg-2+deb9u3.\n\nWe recommend that you upgrade your samba packages.\n\nFor the detailed security status of samba please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/samba\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-14T10:16:04", "type": "debian", "title": "[SECURITY] [DSA 4271-1] samba security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2018-08-14T10:16:04", "id": "DEBIAN:DSA-4271-1:02F48", "href": "https://lists.debian.org/debian-security-announce/2018/msg00200.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-08-10T07:13:24", "description": "\nSeveral vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\n\n* [CVE-2018-10858](https://security-tracker.debian.org/tracker/CVE-2018-10858)\nSvyatoslav Phirsov discovered that insufficient input validation in\n libsmbclient allowed a malicious Samba server to write to the\n client's heap memory.\n* [CVE-2018-10919](https://security-tracker.debian.org/tracker/CVE-2018-10919)\nPhillip Kuhrt discovered that Samba when acting as an Active Domain\n controller disclosed some sensitive attributes.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:4.5.12+dfsg-2+deb9u3.\n\n\nWe recommend that you upgrade your samba packages.\n\n\nFor the detailed security status of samba please refer to its security\ntracker page at:\n<https://security-tracker.debian.org/tracker/samba>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-14T00:00:00", "type": "osv", "title": "samba - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2022-08-10T07:13:21", "id": "OSV:DSA-4271-1", "href": "https://osv.dev/vulnerability/DSA-4271-1", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:11:38", "description": "\nSeveral vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\n\n* [CVE-2018-10858](https://security-tracker.debian.org/tracker/CVE-2018-10858)\nSvyatoslav Phirsov discovered that insufficient input validation in\n libsmbclient allowed a malicious Samba server to write to the\n client's heap memory.\n* [CVE-2018-10919](https://security-tracker.debian.org/tracker/CVE-2018-10919)\nPhillip Kuhrt discovered that Samba when acting as an Active Domain\n controller disclosed some sensitive attributes.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n4.2.14+dfsg-0+deb8u10.\n\n\nWe recommend that you upgrade your samba packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-10-08T00:00:00", "type": "osv", "title": "samba - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10919"], "modified": "2022-07-21T06:02:21", "id": "OSV:DLA-1539-1", "href": "https://osv.dev/vulnerability/DLA-1539-1", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2023-01-01T05:08:24", "description": "**CentOS Errata and Security Advisory** CESA-2018:3056\n\n\nSamba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version: samba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es):\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das (Red Hat).\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-cr-announce/2018-December/025369.html\n\n**Affected packages:**\nctdb\nctdb-tests\nlibsmbclient\nlibsmbclient-devel\nlibwbclient\nlibwbclient-devel\nsamba\nsamba-client\nsamba-client-libs\nsamba-common\nsamba-common-libs\nsamba-common-tools\nsamba-dc\nsamba-dc-libs\nsamba-devel\nsamba-krb5-printing\nsamba-libs\nsamba-pidl\nsamba-python\nsamba-python-test\nsamba-test\nsamba-test-libs\nsamba-vfs-glusterfs\nsamba-winbind\nsamba-winbind-clients\nsamba-winbind-krb5-locator\nsamba-winbind-modules\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2018:3056", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-14T16:36:48", "type": "centos", "title": "ctdb, libsmbclient, libwbclient, samba security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2018-12-14T16:36:48", "id": "CESA-2018:3056", "href": "https://lists.centos.org/pipermail/centos-cr-announce/2018-December/025369.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T20:37:12", "description": "Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version: samba (4.8.3). (BZ#1558560)\n\nSecurity Fix(es):\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: NULL pointer dereference in printer server process (CVE-2018-1050)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1050. The CVE-2018-1139 issue was discovered by Vivek Das (Red Hat).\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-10-30T04:13:40", "type": "redhat", "title": "(RHSA-2018:3056) Moderate: samba security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2018-10-30T05:26:58", "id": "RHSA-2018:3056", "href": "https://access.redhat.com/errata/RHSA-2018:3056", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:40:45", "description": "Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nSecurity Fix(es):\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: Null pointer indirection in printer server process (CVE-2018-1050)\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red Hat) as the original reporter of CVE-2018-1139.\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, sharing a subdirectory of a Gluster volume failed with an I/O error when the shadow_copy2 vfs object was specified. This occurred because Gluster volumes are remote file systems, and shadow_copy2 only detected share paths in the local file system. This update forces the value of shadow:mountpath to '/', skipping the code related to mount point detection, and preventing this problem. However, this fix requires that the glusterfs vfs object is listed after the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)\n\n* As of Red Hat Gluster Storage 3.4, the libldb package is no longer shipped as an independent package in the Red Hat Gluster Storage Samba channel. The capabilities of the libldb package are now provided by a combination of the samba-client and samba-client-libs packages. In addition, the sub-packages previously provided by libldb are now provided by the samba-client and samba-client-libs packages. The samba-client sub-package provides ldb-tools, and the samba-client-libs sub-package provides pyldb. (BZ#1592794)\n\nEnhancement(s):\n\n* Red Hat Gluster Storage volumes exported using SMB can now be mounted on macOS clients using Finder. Configuration instructions are provided as part of the Red Hat Gluster Storage 3.4 documentation. (BZ#1446125)\n\nRed Hat strongly recommends upgrading to these updated packages.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-04T06:19:22", "type": "redhat", "title": "(RHSA-2018:2613) Moderate: samba security, bug fix and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2018-09-04T06:20:33", "id": "RHSA-2018:2613", "href": "https://access.redhat.com/errata/RHSA-2018:2613", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:44", "description": "Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nSecurity Fix(es):\n\n* samba: Weak authentication protocol regression (CVE-2018-1139)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\n* samba: Null pointer indirection in printer server process (CVE-2018-1050)\n\nRed Hat would like to thank the Samba project for reporting CVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red Hat) as the original reporter of CVE-2018-1139.\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, sharing a subdirectory of a Gluster volume failed with an I/O error when the shadow_copy2 vfs object was specified. This occurred because Gluster volumes are remote file systems, and shadow_copy2 only detected share paths in the local file system. This update forces the value of shadow:mountpath to '/', skipping the code related to mount point detection, and preventing this problem. However, this fix requires that the glusterfs vfs object is listed after the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)\n\n* As of Red Hat Gluster Storage 3.4, the libldb package is no longer shipped as an independent package in the Red Hat Gluster Storage Samba channel. The capabilities of the libldb package are now provided by a combination of the samba-client and samba-client-libs packages. In addition, the sub-packages previously provided by libldb are now provided by the samba-client and samba-client-libs packages. The samba-client sub-package provides ldb-tools, and the samba-client-libs sub-package provides pyldb. (BZ#1592794)\n\nEnhancement(s):\n\n* Red Hat Gluster Storage volumes exported using SMB can now be mounted on macOS clients using Finder. Configuration instructions are provided as part of the Red Hat Gluster Storage 3.4 documentation. (BZ#1446125)\nRed Hat strongly recommends upgrading to these updated packages.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-04T06:19:17", "type": "redhat", "title": "(RHSA-2018:2612) Moderate: samba security, bug fix and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2018-09-04T06:20:37", "id": "RHSA-2018:2612", "href": "https://access.redhat.com/errata/RHSA-2018:2612", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-04-06T21:37:44", "description": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es):\n\n* spice: Missing check in demarshal.py:write_validate_array_item() allows for buffer overflow and denial of service (CVE-2018-10873)\n\n* glusterfs: Multiple flaws (CVE-2018-10904, CVE-2018-10907, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-10911, CVE-2018-10914, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661, CVE-2018-10913)\n\n* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Michael Hanselmann (hansmi.ch) for reporting CVE-2018-10904, CVE-2018-10907, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-10911, CVE-2018-10914, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661, and CVE-2018-10913. The CVE-2018-10873 issue was discovered by Frediano Ziglio (Red Hat).\n\nBug Fix(es):\n\n* When upgrading Red Hat Virtualization Host (RHVH), imgbased fails to run garbage collection on previous layers, so new logical volumes are removed, and the boot entry points to a logical volume that was removed.\n\nIf the RHVH upgrade finishes successfully, the hypervisor boots successfully, even if garbage collection fails. (BZ#1632058)\n\n* During the upgrade process, when lvremove runs garbage collection, it prompts for user confirmation, causing the upgrade process to fail. Now the process uses \"lvremove --force\" when trying to remove logical volumes and does not fail even if garbage collection fails, and as a result, the upgrade process finishes successfully. (BZ#1632585)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-05T13:52:45", "type": "redhat", "title": "(RHSA-2018:3470) Moderate: Red Hat Virtualization security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000805", "CVE-2018-10858", "CVE-2018-10873", "CVE-2018-10904", "CVE-2018-10907", "CVE-2018-10911", "CVE-2018-10913", "CVE-2018-10914", "CVE-2018-10923", "CVE-2018-10926", "CVE-2018-10927", "CVE-2018-10928", "CVE-2018-10929", "CVE-2018-10930", "CVE-2018-14652", "CVE-2018-14653", "CVE-2018-14654", "CVE-2018-14659", "CVE-2018-14660", "CVE-2018-14661"], "modified": "2018-12-14T02:29:39", "id": "RHSA-2018:3470", "href": "https://access.redhat.com/errata/RHSA-2018:3470", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:S/C:N/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:26", "description": "[4.8.3-4]\n- resolves: #1614132 - Fix delete-on-close after smb2_find\n- resolves: #1614265 - Fix CVE-2018-1139\n- resolves: #1614269 - Fix CVE-2018-10858\n[4.8.3-3]\n- resolves: #1581016 - Add smbclient quiet argument\n[4.8.3-2]\n- related: #1538743 - Fix local user account lookup with winbind\n[4.8.3-1]\n- related: #1558560 - Rebase to Samba version 4.8.3\n- resolves: #1579398 - Add winbind localauth krb5 plugin\n[4.8.2-2]\n- resolves: #1540457 - Fixed support for authenticaton on on way trusts\n[4.8.2-1]\n- related: #1558560 - Rebase to newer Samba version\n[4.8.1-4]\n- resolves: #1582541 - Fix anonymous auth with SMB2/3\n[4.8.1-3]\n- resolves: #1575205 - Fix segfault when updating DNS with 'net ads join'\n- resolves: #1525511 - Fix idmap_rid dependency on trusted domain list\n[4.8.1-2]\n- resolves: #1538743 - Fix UPN handling in winbind\n[4.8.1-1]\n- related: #1558560 - Rebase to newer Samba version\n- resolves: #1567896 - Fix possible crash if secrets db is emtpy\n- resolves: #1570020 - Fix a crash in smbd when dfsgetinfo is called\n[4.8.0-1]\n- resolves: #1558560 - Rebase to newer Samba version\n- resolves: #1558943 - Fix winbind requests getting stuck on a child\n- resolves: #1532618 - Fix segfault with NT1 connections in smbd", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-11-05T00:00:00", "type": "oraclelinux", "title": "samba security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2018-11-05T00:00:00", "id": "ELSA-2018-3056", "href": "http://linux.oracle.com/errata/ELSA-2018-3056.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2023-02-08T17:14:15", "description": "**Issue Overview:**\n\nA null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash. (CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. (CVE-2018-10858)\n\nA flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client. (CVE-2018-1139)\n\n \n**Affected Packages:** \n\n\nsamba\n\n \n**Issue Correction:** \nRun _yum update samba_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 samba-python-test-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 libsmbclient-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-libs-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-devel-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-test-libs-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-winbind-krb5-locator-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-winbind-clients-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-common-tools-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 ctdb-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-winbind-modules-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 libsmbclient-devel-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-krb5-printing-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-debuginfo-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-python-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 ctdb-tests-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-test-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 libwbclient-devel-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-client-libs-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-winbind-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-common-libs-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 libwbclient-4.8.3-4.amzn1.i686 \n \u00a0\u00a0\u00a0 samba-client-4.8.3-4.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 samba-common-4.8.3-4.amzn1.noarch \n \u00a0\u00a0\u00a0 samba-pidl-4.8.3-4.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 samba-4.8.3-4.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 samba-winbind-krb5-locator-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-test-libs-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-winbind-clients-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-winbind-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libsmbclient-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-python-test-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-python-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-devel-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libwbclient-devel-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-debuginfo-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-krb5-printing-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libwbclient-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-common-libs-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ctdb-tests-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-client-libs-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-client-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libsmbclient-devel-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ctdb-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-test-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-winbind-modules-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-libs-4.8.3-4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 samba-common-tools-4.8.3-4.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2018-1050](<https://access.redhat.com/security/cve/CVE-2018-1050>), [CVE-2018-10858](<https://access.redhat.com/security/cve/CVE-2018-10858>), [CVE-2018-1139](<https://access.redhat.com/security/cve/CVE-2018-1139>)\n\nMitre: [CVE-2018-1050](<https://vulners.com/cve/CVE-2018-1050>), [CVE-2018-10858](<https://vulners.com/cve/CVE-2018-10858>), [CVE-2018-1139](<https://vulners.com/cve/CVE-2018-1139>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-22T17:55:00", "type": "amazon", "title": "Medium: samba", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2019-01-25T02:42:00", "id": "ALAS-2018-1126", "href": "https://alas.aws.amazon.com/ALAS-2018-1126.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-08T17:39:53", "description": "**Issue Overview:**\n\nA null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.(CVE-2018-1050)\n\nA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.(CVE-2018-10858)\n\nA flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.(CVE-2018-1139)\n\n \n**Affected Packages:** \n\n\nsamba\n\n \n**Issue Correction:** \nRun _yum update samba_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 samba-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-client-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-client-libs-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-common-libs-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-common-tools-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-dc-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-dc-libs-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-devel-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-krb5-printing-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-libs-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 libsmbclient-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 libsmbclient-devel-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 libwbclient-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 libwbclient-devel-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-python-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-python-test-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-test-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-test-libs-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-winbind-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-winbind-clients-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-winbind-krb5-locator-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-winbind-modules-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 ctdb-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 ctdb-tests-4.8.3-4.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 samba-debuginfo-4.8.3-4.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 samba-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-client-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-client-libs-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-common-libs-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-common-tools-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-dc-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-dc-libs-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-devel-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-krb5-printing-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-libs-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 libsmbclient-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 libsmbclient-devel-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 libwbclient-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 libwbclient-devel-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-python-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-python-test-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-test-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-test-libs-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-winbind-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-winbind-clients-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-winbind-krb5-locator-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-winbind-modules-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 ctdb-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 ctdb-tests-4.8.3-4.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 samba-debuginfo-4.8.3-4.amzn2.0.1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 samba-common-4.8.3-4.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 samba-pidl-4.8.3-4.amzn2.0.1.noarch \n \n src: \n \u00a0\u00a0\u00a0 samba-4.8.3-4.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 samba-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-client-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-client-libs-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-common-libs-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-common-tools-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-dc-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-dc-libs-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-devel-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-vfs-glusterfs-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-krb5-printing-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-libs-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 libsmbclient-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 libsmbclient-devel-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 libwbclient-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 libwbclient-devel-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-python-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-python-test-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-test-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-test-libs-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-winbind-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-winbind-clients-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-winbind-krb5-locator-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-winbind-modules-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 ctdb-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 ctdb-tests-4.8.3-4.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 samba-debuginfo-4.8.3-4.amzn2.0.1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2018-1050](<https://access.redhat.com/security/cve/CVE-2018-1050>), [CVE-2018-10858](<https://access.redhat.com/security/cve/CVE-2018-10858>), [CVE-2018-1139](<https://access.redhat.com/security/cve/CVE-2018-1139>)\n\nMitre: [CVE-2018-1050](<https://vulners.com/cve/CVE-2018-1050>), [CVE-2018-10858](<https://vulners.com/cve/CVE-2018-10858>), [CVE-2018-1139](<https://vulners.com/cve/CVE-2018-1139>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-13T20:13:00", "type": "amazon", "title": "Medium: samba", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-1139"], "modified": "2018-12-19T17:55:00", "id": "ALAS2-2018-1126", "href": "https://alas.aws.amazon.com/AL2/ALAS-2018-1126.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-01-26T13:06:10", "description": "## Releases\n\n * Ubuntu 18.04 LTS\n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * samba \\- SMB/CIFS file, print, and login server for Unix\n\nSvyatoslav Phirsov discovered that the Samba libsmbclient library \nincorrectly handled extra long filenames. A malicious server could use this \nissue to cause Samba to crash, resulting in a denial of service, or \npossibly execute arbitrary code. (CVE-2018-10858)\n\nVolker Mauel discovered that Samba incorrectly handled database output. \nWhen used as an Active Directory Domain Controller, a remote authenticated \nattacker could use this issue to cause Samba to crash, resulting in a \ndenial of service. This issue only affected Ubuntu 18.04 LTS. \n(CVE-2018-10918)\n\nPhillip Kuhrt discovered that the Samba LDAP server incorrectly handled \ncertain confidential attribute values. A remote authenticated attacker \ncould possibly use this issue to obtain certain sensitive information. \n(CVE-2018-10919)\n\nVivek Das discovered that Samba incorrectly handled NTLMv1 being explicitly \ndisabled on the server. A remote user could possibly be authenticated using \nNTLMv1, contrary to expectations. This issue only affected Ubuntu 18.04 \nLTS. (CVE-2018-1139)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-14T00:00:00", "type": "ubuntu", "title": "Samba vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139"], "modified": "2018-08-14T00:00:00", "id": "USN-3738-1", "href": "https://ubuntu.com/security/notices/USN-3738-1", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "altlinux": [{"lastseen": "2023-03-31T16:55:17", "description": "Aug. 15, 2018 Evgeny Sinelnikov 4.7.9-alt1\n \n \n - Update to summer security release\n - Security fixes:\n + CVE-2018-1139 Weak authentication protocol allowed\n + CVE-2018-10858 Insufficient input validation on client directory\n listing in libsmbclient\n + CVE-2018-10918 Denial of Service Attack on AD DC DRSUAPI server\n + CVE-2018-10919 Confidential attribute disclosure from the AD LDAP server\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 8 package samba-DC version 4.7.9-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo&q
Insufficient input validation on client directory
