{"id": "SAMBA:CVE-2018-14629", "bulletinFamily": "software", "title": "Unprivileged adding of CNAME record causing loop in AD Internal DNS server ", "description": "All versions of Samba from 4.0.0 onwards are vulnerable to infinite query recursion caused by CNAME loops. Any dns record can be added via ldap by an unprivileged user using the ldbadd tool, so this is a security issue.", "published": "2018-11-27T00:00:00", "modified": "2018-11-27T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "href": "https://www.samba.org/samba/security/CVE-2018-14629.html", "reporter": "Samba", "references": [], "cvelist": ["CVE-2018-14629"], "type": "samba", "lastseen": "2020-12-24T13:20:54", "edition": 4, "viewCount": 96, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-14629"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310875317", "OPENVAS:1361412562310876593", "OPENVAS:1361412562310876099", "OPENVAS:1361412562310876810", "OPENVAS:1361412562310704345", "OPENVAS:1361412562310843831", "OPENVAS:1361412562310891607", "OPENVAS:1361412562310141732", "OPENVAS:1361412562310875625", "OPENVAS:1361412562310876380"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4345-1:CA772", "DEBIAN:DLA-1607-1:AD011"]}, {"type": "nessus", "idList": ["FEDORA_2018-C2A93F8E1B.NASL", "DEBIAN_DLA-1607.NASL", "SAMBA_4_7_12.NASL", "GENTOO_GLSA-202003-52.NASL", "DEBIAN_DSA-4345.NASL", "SLACKWARE_SSA_2018-333-01.NASL", "FREEBSD_PKG_54976998F24811E881E2005056A311D1.NASL", "FEDORA_2018-E423E8743F.NASL", "SUSE_SU-2018-4066-1.NASL", "UBUNTU_USN-3827-1.NASL"]}, {"type": "ubuntu", "idList": ["USN-3827-2", "USN-3827-1"]}, {"type": "fedora", "idList": ["FEDORA:18CD06266DFD", "FEDORA:2E1DE608BFF0", "FEDORA:80C5D6057708", "FEDORA:2D34260A7563", "FEDORA:60770610D7D4", "FEDORA:7C7AD6076F44", "FEDORA:D5AF26049ECF", "FEDORA:7681F605F904"]}, {"type": "archlinux", "idList": ["ASA-201811-22"]}, {"type": "freebsd", "idList": ["54976998-F248-11E8-81E2-005056A311D1"]}, {"type": "cisa", "idList": ["CISA:E567C6CBA6FFDD941FA9D9550C4601C9"]}, {"type": "slackware", "idList": ["SSA-2018-333-01"]}, {"type": "gentoo", "idList": ["GLSA-202003-52"]}], "modified": "2020-12-24T13:20:54", "rev": 2}, "score": {"value": 5.0, "vector": "NONE", "modified": "2020-12-24T13:20:54", "rev": 2}, "vulnersScore": 5.0}, "affectedSoftware": [{"name": "samba", "operator": "gt", "version": "4.0.0"}], "scheme": null}

{"cve": [{"lastseen": "2020-12-09T20:25:35", "description": "A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.", "edition": 9, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-11-28T14:29:00", "title": "CVE-2018-14629", "type": "cve", "cwe": ["CWE-835"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14629"], "modified": "2019-10-09T23:35:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-14629", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14629", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:33:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16851", "CVE-2018-14629"], "description": "Samba is prone to multiple vulnerabilities.", "modified": "2019-02-07T00:00:00", "published": "2018-11-29T00:00:00", "id": "OPENVAS:1361412562310141732", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141732", "type": "openvas", "title": "Samba 4.x Multiple DoS Vulnerabilities", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_samba_mult_vuln2.nasl 13517 2019-02-07 07:51:12Z mmartin $\n#\n# Samba 4.x Multiple DoS Vulnerabilities\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:samba:samba\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141732\");\n script_version(\"$Revision: 13517 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-07 08:51:12 +0100 (Thu, 07 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 10:17:12 +0700 (Thu, 29 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16851\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Samba 4.x Multiple DoS Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_samba_detect.nasl\");\n script_mandatory_keys(\"samba/smb_or_ssh/detected\");\n\n script_tag(name:\"summary\", value:\"Samba is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"Samba is prone to multiple vulnerabilities:\n\n - CNAME loops can cause DNS server crashes, and CNAMEs can be added by unprivileged users. (CVE-2018-14629)\n\n - A user able to read more than 256MB of LDAP entries can crash the Samba AD DC's LDAP server.\n (CVE-2018-16851)\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Samba version 4.x.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 4.7.12, 4.8.7, 4.9.3 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-14629.html\");\n script_xref(name:\"URL\", value:\"https://www.samba.org/samba/security/CVE-2018-16851.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"4.0.0\", test_version2: \"4.7.11\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.7.12\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.8.0\", test_version2: \"4.8.6\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.8.7\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.9.0\", test_version2: \"4.9.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.9.3\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T20:08:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16851", "CVE-2018-14629"], "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-14629\n\nFlorian Stuelpner discovered that Samba is vulnerable to\ninfinite query recursion caused by CNAME loops, resulting in\ndenial of service.\n\nCVE-2018-16851\n\nGarming Sam of the Samba Team and Catalyst discovered a NULL pointer\ndereference vulnerability in the Samba AD DC LDAP server allowing a\nuser able to read more than 256MB of LDAP entries to crash the Samba\nAD DC", "modified": "2020-01-29T00:00:00", "published": "2018-12-18T00:00:00", "id": "OPENVAS:1361412562310891607", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891607", "type": "openvas", "title": "Debian LTS: Security Advisory for samba (DLA-1607-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891607\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16851\");\n script_name(\"Debian LTS: Security Advisory for samba (DLA-1607-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-12-18 00:00:00 +0100 (Tue, 18 Dec 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/12/msg00005.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"samba on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2:4.2.14+dfsg-0+deb8u11.\n\nWe recommend that you upgrade your samba packages.\");\n\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-14629\n\nFlorian Stuelpner discovered that Samba is vulnerable to\ninfinite query recursion caused by CNAME loops, resulting in\ndenial of service.\n\nCVE-2018-16851\n\nGarming Sam of the Samba Team and Catalyst discovered a NULL pointer\ndereference vulnerability in the Samba AD DC LDAP server allowing a\nuser able to read more than 256MB of LDAP entries to crash the Samba\nAD DC's LDAP server.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"ctdb\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-smbpass\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libparse-pidl-perl\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-samba\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"registry-tools\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dbg\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dev\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-doc\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-libs\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-testsuite\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-vfs-modules\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"winbind\", ver:\"2:4.2.14+dfsg-0+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841"], "description": "The remote host is missing an update for the ", "modified": "2019-03-18T00:00:00", "published": "2018-11-27T00:00:00", "id": "OPENVAS:1361412562310843831", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843831", "type": "openvas", "title": "Ubuntu Update for samba USN-3827-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3827_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for samba USN-3827-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843831\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-11-27 15:43:28 +0100 (Tue, 27 Nov 2018)\");\n script_name(\"Ubuntu Update for samba USN-3827-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|18\\.10|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3827-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3827-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the USN-3827-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Florian Stuelpner discovered that Samba incorrectly handled CNAME records.\nA remote attacker could use this issue to cause Samba to crash, resulting\nin a denial of service. (CVE-2018-14629)\n\nAlex MacCuish discovered that Samba incorrectly handled memory when\nconfigured to accept smart-card authentication. A remote attacker could\npossibly use this issue to cause Samba to crash, resulting in a denial of\nservice. (CVE-2018-16841)\n\nGarming Sam discovered that Samba incorrectly handled memory when\nprocessing LDAP searches. A remote attacker could possibly use this issue\nto cause Samba to crash, resulting in a denial of service. (CVE-2018-16851)\");\n\n script_tag(name:\"affected\", value:\"samba on Ubuntu 18.10,\n Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.14.04.19\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.5\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.8.4+dfsg-2ubuntu2.1\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.3.11+dfsg-0ubuntu0.16.04.18\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-07-04T18:55:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841"], "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-14629\nFlorian Stuelpner discovered that Samba is vulnerable to\ninfinite query recursion caused by CNAME loops, resulting in\ndenial of service.\n\nCVE-2018-16841\nAlex MacCuish discovered that a user with a valid certificate or\nsmart card can crash the Samba AD DC", "modified": "2019-07-04T00:00:00", "published": "2018-11-27T00:00:00", "id": "OPENVAS:1361412562310704345", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704345", "type": "openvas", "title": "Debian Security Advisory DSA 4345-1 (samba - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4345-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704345\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\");\n script_name(\"Debian Security Advisory DSA 4345-1 (samba - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-27 00:00:00 +0100 (Tue, 27 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4345.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"samba on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2:4.5.12+dfsg-2+deb9u4.\n\nWe recommend that you upgrade your samba packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/samba\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-14629\nFlorian Stuelpner discovered that Samba is vulnerable to\ninfinite query recursion caused by CNAME loops, resulting in\ndenial of service.\n\nCVE-2018-16841\nAlex MacCuish discovered that a user with a valid certificate or\nsmart card can crash the Samba AD DC's KDC when configured to accept\nsmart-card authentication.\n\nCVE-2018-16851\nGarming Sam of the Samba Team and Catalyst discovered a NULL pointer\ndereference vulnerability in the Samba AD DC LDAP server allowing a\nuser able to read more than 256MB of LDAP entries to crash the Samba\nAD DC's LDAP server.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"ctdb\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-winbind\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-winbind\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libparse-pidl-perl\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsmbclient-dev\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient-dev\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwbclient0\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-samba\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"registry-tools\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-common-bin\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dev\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-dsdb-modules\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-libs\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-testsuite\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"samba-vfs-modules\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"smbclient\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"winbind\", ver:\"2:4.5.12+dfsg-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16857", "CVE-2018-16852", "CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310876099", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876099", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-e423e8743f", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876099\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:34:29 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2018-e423e8743f\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-e423e8743f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RZQ6ORDPCGDR4IZCRLBSB5LHT6NLZQBO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2018-e423e8743f advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.3~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3880", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-3870", "CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875625", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875625", "type": "openvas", "title": "Fedora Update for samba FEDORA-2019-db21b5f1d2", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875625\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-3870\", \"CVE-2019-3880\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:12:28 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-db21b5f1d2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-db21b5f1d2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2019-db21b5f1d2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.6~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2019-08-15T14:38:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3880", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-3870", "CVE-2018-16851", "CVE-2018-16860", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "description": "The remote host is missing an update for the\n ", "modified": "2019-08-14T00:00:00", "published": "2019-05-19T00:00:00", "id": "OPENVAS:1361412562310876380", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876380", "type": "openvas", "title": "Fedora Update for samba FEDORA-2019-208cc34d40", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876380\");\n script_version(\"2019-08-14T06:47:48+0000\");\n script_cve_id(\"CVE-2018-16860\", \"CVE-2019-3870\", \"CVE-2019-3880\", \"CVE-2018-14629\",\n \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\",\n \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-08-14 06:47:48 +0000 (Wed, 14 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-19 02:09:46 +0000 (Sun, 19 May 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-208cc34d40\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-208cc34d40\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OM5TYKT3Y2N2WB5QQKKEFQAF752FN3JJ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'samba' package(s) announced via the FEDORA-2019-208cc34d40 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability\n suite of programs for Linux and Unix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.8~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-08-15T14:36:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3880", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-3870", "CVE-2018-16851", "CVE-2018-16860", "CVE-2019-12435", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "description": "The remote host is missing an update for the ", "modified": "2019-08-14T00:00:00", "published": "2019-07-21T00:00:00", "id": "OPENVAS:1361412562310876593", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876593", "type": "openvas", "title": "Fedora Update for samba FEDORA-2019-8966706e33", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876593\");\n script_version(\"2019-08-14T06:47:48+0000\");\n script_cve_id(\"CVE-2019-12435\", \"CVE-2018-16860\", \"CVE-2019-3870\", \"CVE-2019-3880\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-08-14 06:47:48 +0000 (Wed, 14 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-07-21 02:19:08 +0000 (Sun, 21 Jul 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-8966706e33\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-8966706e33\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSG3TLPZP35RH5DWAIDC7MHXRK5DFKOE\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2019-8966706e33 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.11~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-09-20T14:34:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3880", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-3870", "CVE-2018-16851", "CVE-2018-16860", "CVE-2019-12435", "CVE-2018-14629", "CVE-2018-16841", "CVE-2019-10197", "CVE-2018-16853"], "description": "The remote host is missing an update for the ", "modified": "2019-09-20T00:00:00", "published": "2019-09-19T00:00:00", "id": "OPENVAS:1361412562310876810", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876810", "type": "openvas", "title": "Fedora Update for samba FEDORA-2019-eb1e982800", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876810\");\n script_version(\"2019-09-20T05:25:28+0000\");\n script_cve_id(\"CVE-2019-10197\", \"CVE-2019-12435\", \"CVE-2018-16860\", \"CVE-2019-3870\", \"CVE-2019-3880\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-09-20 05:25:28 +0000 (Fri, 20 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-19 02:30:42 +0000 (Thu, 19 Sep 2019)\");\n script_name(\"Fedora Update for samba FEDORA-2019-eb1e982800\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-eb1e982800\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56ZUXHGDHPM7S6RVAKULZT5EATS37OKA\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2019-eb1e982800 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Samba is the standard Windows interoperability suite of programs for Linux and\nUnix.\");\n\n script_tag(name:\"affected\", value:\"'samba' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.9.13~0.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:33:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1139", "CVE-2018-16851", "CVE-2018-10858", "CVE-2018-1050", "CVE-2018-1057", "CVE-2018-14629", "CVE-2018-1140", "CVE-2018-10919", "CVE-2018-16841", "CVE-2018-10918", "CVE-2018-16853"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310875317", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875317", "type": "openvas", "title": "Fedora Update for samba FEDORA-2018-c2a93f8e1b", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_c2a93f8e1b_samba_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for samba FEDORA-2018-c2a93f8e1b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875317\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16853\", \"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1050\", \"CVE-2018-1057\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:28:08 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for samba FEDORA-2018-c2a93f8e1b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-c2a93f8e1b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O6CDGPQKS2VCHWPTF4BNRGR5Y5AV7NWW\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the FEDORA-2018-c2a93f8e1b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"samba on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"samba\", rpm:\"samba~4.8.7~0.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T09:40:10", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS\nfile, print, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues :\n\nCVE-2018-14629\n\nFlorian Stuelpner discovered that Samba is vulnerable to infinite\nquery recursion caused by CNAME loops, resulting in denial of service.\n\nCVE-2018-16851\n\nGarming Sam of the Samba Team and Catalyst discovered a NULL pointer\ndereference vulnerability in the Samba AD DC LDAP server allowing a\nuser able to read more than 256MB of LDAP entries to crash the Samba\nAD DC's LDAP server.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2:4.2.14+dfsg-0+deb8u11.\n\nWe recommend that you upgrade your samba packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 15, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-12-17T00:00:00", "title": "Debian DLA-1607-1 : samba security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16851", "CVE-2018-14629"], "modified": "2018-12-17T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:winbind", "p-cpe:/a:debian:debian_linux:samba-doc", "p-cpe:/a:debian:debian_linux:samba", "p-cpe:/a:debian:debian_linux:samba-dsdb-modules", "p-cpe:/a:debian:debian_linux:registry-tools", "p-cpe:/a:debian:debian_linux:libwbclient0", "p-cpe:/a:debian:debian_linux:samba-testsuite", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:libsmbsharemodes-dev", "p-cpe:/a:debian:debian_linux:smbclient", "p-cpe:/a:debian:debian_linux:samba-common", "p-cpe:/a:debian:debian_linux:libsmbclient", "p-cpe:/a:debian:debian_linux:samba-dev", "p-cpe:/a:debian:debian_linux:samba-common-bin", "p-cpe:/a:debian:debian_linux:libwbclient-dev", "p-cpe:/a:debian:debian_linux:libsmbclient-dev", "p-cpe:/a:debian:debian_linux:libparse-pidl-perl", "p-cpe:/a:debian:debian_linux:libsmbsharemodes0", "p-cpe:/a:debian:debian_linux:libpam-smbpass", "p-cpe:/a:debian:debian_linux:samba-dbg", "p-cpe:/a:debian:debian_linux:libnss-winbind", "p-cpe:/a:debian:debian_linux:libpam-winbind", "p-cpe:/a:debian:debian_linux:samba-vfs-modules", "p-cpe:/a:debian:debian_linux:python-samba", "p-cpe:/a:debian:debian_linux:samba-libs"], "id": "DEBIAN_DLA-1607.NASL", "href": "https://www.tenable.com/plugins/nessus/119694", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1607-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119694);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16851\");\n\n script_name(english:\"Debian DLA-1607-1 : samba security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS\nfile, print, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues :\n\nCVE-2018-14629\n\nFlorian Stuelpner discovered that Samba is vulnerable to infinite\nquery recursion caused by CNAME loops, resulting in denial of service.\n\nCVE-2018-16851\n\nGarming Sam of the Samba Team and Catalyst discovered a NULL pointer\ndereference vulnerability in the Samba AD DC LDAP server allowing a\nuser able to read more than 256MB of LDAP entries to crash the Samba\nAD DC's LDAP server.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2:4.2.14+dfsg-0+deb8u11.\n\nWe recommend that you upgrade your samba packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/12/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/samba\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpam-smbpass\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpam-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libparse-pidl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbsharemodes-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsmbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:registry-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-common-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba-vfs-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:smbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libnss-winbind\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpam-smbpass\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpam-winbind\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libparse-pidl-perl\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbclient\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbclient-dev\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbsharemodes-dev\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsmbsharemodes0\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwbclient-dev\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwbclient0\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-samba\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"registry-tools\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-common\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-common-bin\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-dbg\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-dev\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-doc\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-dsdb-modules\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-libs\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-testsuite\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"samba-vfs-modules\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"smbclient\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"winbind\", reference:\"2:4.2.14+dfsg-0+deb8u11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-09-14T13:41:47", "description": "Several vulnerabilities have been discovered in Samba, a SMB/CIFS\nfile, print, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues :\n\n - CVE-2018-14629\n Florian Stuelpner discovered that Samba is vulnerable to\n infinite query recursion caused by CNAME loops,\n resulting in denial of service.\n\n https://www.samba.org/samba/security/CVE-2018-14629.html\n\n - CVE-2018-16841\n Alex MacCuish discovered that a user with a valid\n certificate or smart card can crash the Samba AD DC's\n KDC when configured to accept smart-card authentication.\n\n https://www.samba.org/samba/security/CVE-2018-16841.html\n\n - CVE-2018-16851\n Garming Sam of the Samba Team and Catalyst discovered a\n NULL pointer dereference vulnerability in the Samba AD\n DC LDAP server allowing a user able to read more than\n 256MB of LDAP entries to crash the Samba AD DC's LDAP\n server.\n\n https://www.samba.org/samba/security/CVE-2018-16851.html", "edition": 16, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-11-29T00:00:00", "title": "Debian DSA-4345-1 : samba - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841"], "modified": "2018-11-29T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:samba", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4345.NASL", "href": "https://www.tenable.com/plugins/nessus/119268", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4345. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119268);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/25\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\");\n script_xref(name:\"DSA\", value:\"4345\");\n\n script_name(english:\"Debian DSA-4345-1 : samba - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in Samba, a SMB/CIFS\nfile, print, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues :\n\n - CVE-2018-14629\n Florian Stuelpner discovered that Samba is vulnerable to\n infinite query recursion caused by CNAME loops,\n resulting in denial of service.\n\n https://www.samba.org/samba/security/CVE-2018-14629.html\n\n - CVE-2018-16841\n Alex MacCuish discovered that a user with a valid\n certificate or smart card can crash the Samba AD DC's\n KDC when configured to accept smart-card authentication.\n\n https://www.samba.org/samba/security/CVE-2018-16841.html\n\n - CVE-2018-16851\n Garming Sam of the Samba Team and Catalyst discovered a\n NULL pointer dereference vulnerability in the Samba AD\n DC LDAP server allowing a user able to read more than\n 256MB of LDAP entries to crash the Samba AD DC's LDAP\n server.\n\n https://www.samba.org/samba/security/CVE-2018-16851.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-14629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-14629.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16841.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16851.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/samba\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/samba\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4345\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the samba packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2:4.5.12+dfsg-2+deb9u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"ctdb\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-winbind\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpam-winbind\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libparse-pidl-perl\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsmbclient\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsmbclient-dev\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwbclient-dev\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwbclient0\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-samba\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"registry-tools\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-common\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-common-bin\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-dev\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-dsdb-modules\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-libs\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-testsuite\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"samba-vfs-modules\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"smbclient\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"winbind\", reference:\"2:4.5.12+dfsg-2+deb9u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-09-18T10:57:41", "description": "Florian Stuelpner discovered that Samba incorrectly handled CNAME\nrecords. A remote attacker could use this issue to cause Samba to\ncrash, resulting in a denial of service. (CVE-2018-14629)\n\nAlex MacCuish discovered that Samba incorrectly handled memory when\nconfigured to accept smart-card authentication. A remote attacker\ncould possibly use this issue to cause Samba to crash, resulting in a\ndenial of service. (CVE-2018-16841)\n\nGarming Sam discovered that Samba incorrectly handled memory when\nprocessing LDAP searches. A remote attacker could possibly use this\nissue to cause Samba to crash, resulting in a denial of service.\n(CVE-2018-16851).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-11-28T00:00:00", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : Samba vulnerabilities (USN-3827-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841"], "modified": "2018-11-28T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:samba", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3827-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119254", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3827-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119254);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\");\n script_xref(name:\"USN\", value:\"3827-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : Samba vulnerabilities (USN-3827-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Florian Stuelpner discovered that Samba incorrectly handled CNAME\nrecords. A remote attacker could use this issue to cause Samba to\ncrash, resulting in a denial of service. (CVE-2018-14629)\n\nAlex MacCuish discovered that Samba incorrectly handled memory when\nconfigured to accept smart-card authentication. A remote attacker\ncould possibly use this issue to cause Samba to crash, resulting in a\ndenial of service. (CVE-2018-16841)\n\nGarming Sam discovered that Samba incorrectly handled memory when\nprocessing LDAP searches. A remote attacker could possibly use this\nissue to cause Samba to crash, resulting in a denial of service.\n(CVE-2018-16851).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3827-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected samba package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"samba\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.14.04.19\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"samba\", pkgver:\"2:4.3.11+dfsg-0ubuntu0.16.04.18\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"samba\", pkgver:\"2:4.7.6+dfsg~ubuntu-0ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"samba\", pkgver:\"2:4.8.4+dfsg-2ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:21:13", "description": "Update to Samba 4.8.7\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 15, "cvss3": {"score": 5.9, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 28 : 2:samba (2018-c2a93f8e1b)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:samba", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-C2A93F8E1B.NASL", "href": "https://www.tenable.com/plugins/nessus/120763", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-c2a93f8e1b.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120763);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16853\");\n script_xref(name:\"FEDORA\", value:\"2018-c2a93f8e1b\");\n\n script_name(english:\"Fedora 28 : 2:samba (2018-c2a93f8e1b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Samba 4.8.7\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-c2a93f8e1b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:samba package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16853\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"samba-4.8.7-0.fc28\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:samba\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-14T06:16:32", "description": "This update for samba fixes the following issues :\n\nUpdate to samba version 4.7.11.\n\nSecurity issues fixed :\n\nCVE-2018-14629: Fixed CNAME loops in Samba AD DC DNS server\n(bsc#1116319).\n\nCVE-2018-16841: Fixed segfault on PKINIT when mis-matching principal\n(bsc#1116320).\n\nCVE-2018-16851: Fixed NULL pointer de-reference in Samba AD DC LDAP\nserver (bsc#1116322).\n\nCVE-2018-16853: Mark MIT support for the AD DC experimental\n(bsc#1116324).\n\nNon-security issues fixed: Fixed do not take over stderr when there is\nno log file (bsc#1101499).\n\nFixed ctdb_mutex_ceph_rados_helper deadlock; (bsc#1102230).\n\nFixed ntlm authentications with 'winbind use default domain = yes';\n(bsc#1068059).\n\nFixed idmap_rid to have primary group other than 'Domain Users';\n(bsc#1087931).\n\nFixed windows domain with one way trust that was not working\n(bsc#1087303).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "cvss3": {"score": 5.9, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-01-02T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2018:4066-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "modified": "2019-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials-devel", "p-cpe:/a:novell:suse_linux:ctdb-pcp-pmda-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-util-devel", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libsmbldap2", "p-cpe:/a:novell:suse_linux:libsamba-policy0", "p-cpe:/a:novell:suse_linux:libsamba-passdb-devel", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:samba-test-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libndr-devel", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi-devel", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap-devel", "p-cpe:/a:novell:suse_linux:libndr-nbt-devel", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:samba-core-devel", "p-cpe:/a:novell:suse_linux:libsamdb-devel", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:samba-test", "p-cpe:/a:novell:suse_linux:libdcerpc-devel", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors-devel", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel", "p-cpe:/a:novell:suse_linux:ctdb-pcp-pmda", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util-devel", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors0", "p-cpe:/a:novell:suse_linux:libsmbconf-devel", "p-cpe:/a:novell:suse_linux:samba-python", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:ctdb-tests-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:ctdb-tests", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:libndr-standard-devel", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-policy-devel", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo"], "id": "SUSE_SU-2018-4066-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120184", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:4066-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120184);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16853\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2018:4066-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for samba fixes the following issues :\n\nUpdate to samba version 4.7.11.\n\nSecurity issues fixed :\n\nCVE-2018-14629: Fixed CNAME loops in Samba AD DC DNS server\n(bsc#1116319).\n\nCVE-2018-16841: Fixed segfault on PKINIT when mis-matching principal\n(bsc#1116320).\n\nCVE-2018-16851: Fixed NULL pointer de-reference in Samba AD DC LDAP\nserver (bsc#1116322).\n\nCVE-2018-16853: Mark MIT support for the AD DC experimental\n(bsc#1116324).\n\nNon-security issues fixed: Fixed do not take over stderr when there is\nno log file (bsc#1101499).\n\nFixed ctdb_mutex_ceph_rados_helper deadlock; (bsc#1102230).\n\nFixed ntlm authentications with 'winbind use default domain = yes';\n(bsc#1068059).\n\nFixed idmap_rid to have primary group other than 'Domain Users';\n(bsc#1087931).\n\nFixed windows domain with one way trust that was not working\n(bsc#1087303).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14629/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16841/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16851/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16853/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20184066-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d47dd622\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Packagehub Subpackages 15:zypper in\n-t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2018-2888=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2018-2888=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-2888=1\n\nSUSE Linux Enterprise High Availability 15:zypper in -t patch\nSUSE-SLE-Product-HA-15-2018-2888=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16853\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb-pcp-pmda-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ctdb-pcp-pmda-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ctdb-pcp-pmda-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ctdb-tests-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ctdb-tests-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-binding0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-binding0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc-samr0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libdcerpc0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-krb5pac0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-nbt0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr-standard0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libndr0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libnetapi0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-credentials0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-errors0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-passdb0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-policy-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-policy0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamba-util0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsamdb0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbclient0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbconf0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap2-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsmbldap2-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtevent-util0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwbclient0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-client-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-client-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-core-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-debugsource-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-libs-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-libs-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-python-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-test-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-test-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-winbind-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"samba-winbind-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ctdb-pcp-pmda-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ctdb-pcp-pmda-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ctdb-tests-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ctdb-tests-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-binding0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-binding0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc-samr0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libdcerpc0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-krb5pac0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-nbt0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr-standard0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libndr0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libnetapi0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-credentials0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-errors0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-hostconfig0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-passdb0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-policy-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-policy0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamba-util0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsamdb0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbclient0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbconf0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap2-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsmbldap2-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtevent-util0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient0-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwbclient0-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-client-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-client-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-core-devel-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-debugsource-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-libs-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-libs-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-python-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-test-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-test-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-winbind-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"samba-winbind-debuginfo-4.7.11+git.140.6bd0e5b30d8-4.21.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T05:31:47", "description": "The version of Samba running on the remote host is 4.7.x prior to\n4.7.12, or 4.8.x prior to 4.8.7, or 4.9.x prior to 4.9.3. It is,\ntherefore, affected by multiple vulnerabilities.\n\nNotes: \n - Refer to vendor advisories for possible workarounds.\n - CVE-2018-16852 and CVE-2018-16857 only apply to 4.9.x.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 23, "cvss3": {"score": 5.9, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2018-11-30T00:00:00", "title": "Samba 4.7.x < 4.7.12 / 4.8.x < 4.8.7 / 4.9.x < 4.9.3 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16857", "CVE-2018-16852", "CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_4_7_12.NASL", "href": "https://www.tenable.com/plugins/nessus/119306", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119306);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-14629\",\n \"CVE-2018-16841\",\n \"CVE-2018-16851\",\n \"CVE-2018-16852\",\n \"CVE-2018-16853\",\n \"CVE-2018-16857\"\n );\n\n script_name(english:\"Samba 4.7.x < 4.7.12 / 4.8.x < 4.8.7 / 4.9.x < 4.9.3 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Samba.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Samba running on the remote host is 4.7.x prior to\n4.7.12, or 4.8.x prior to 4.8.7, or 4.9.x prior to 4.9.3. It is,\ntherefore, affected by multiple vulnerabilities.\n\nNotes: \n - Refer to vendor advisories for possible workarounds.\n - CVE-2018-16852 and CVE-2018-16857 only apply to 4.9.x.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-14629.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-16841.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-16851.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-16852.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-16853.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2018-16857.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-4.7.12.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-4.8.7.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-4.9.3.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Samba version 4.7.12 / 4.8.7 / 4.9.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16857\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/30\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp = vcf::samba::get_app_info();\nvcf::check_granularity(app_info:app, sig_segments:3);\n\n# Note: versions < 4.7 are EOL\nconstraints = \n[\n {\"min_version\" : \"4.7.0\", \"fixed_version\" : \"4.7.12\"},\n {\"min_version\" : \"4.8.0\", \"fixed_version\" : \"4.8.7\"},\n {\"min_version\" : \"4.9.0\", \"fixed_version\" : \"4.9.3\"}\n];\n\nvcf::check_version_and_report(app_info:app, constraints:constraints, severity:SECURITY_WARNING, strict:FALSE);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-07T10:22:01", "description": "Update to Samba 4.9.3\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 15, "cvss3": {"score": 5.9, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2019-01-03T00:00:00", "title": "Fedora 29 : 2:samba (2018-e423e8743f)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16857", "CVE-2018-16852", "CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "modified": "2019-01-03T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:29", "p-cpe:/a:fedoraproject:fedora:2:samba"], "id": "FEDORA_2018-E423E8743F.NASL", "href": "https://www.tenable.com/plugins/nessus/120862", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-e423e8743f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120862);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_xref(name:\"FEDORA\", value:\"2018-e423e8743f\");\n\n script_name(english:\"Fedora 29 : 2:samba (2018-e423e8743f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Samba 4.9.3\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-e423e8743f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:samba package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16857\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"samba-4.9.3-0.fc29\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:samba\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-09-14T14:46:28", "description": "The samba project reports :\n\nAll versions of Samba from 4.0.0 onwards are vulnerable to infinite\nquery recursion caused by CNAME loops. Any dns record can be added via\nldap by an unprivileged user using the ldbadd tool, so this is a\nsecurity issue.\n\nWhen configured to accept smart-card authentication, Samba's KDC will\ncall talloc_free() twice on the same memory if the principal in a\nvalidly signed certificate does not match the principal in the AS-REQ.\n\nDuring the processing of an LDAP search before Samba's AD DC returns\nthe LDAP entries to the client, the entries are cached in a single\nmemory object with a maximum size of 256MB. When this size is reached,\nthe Samba process providing the LDAP service will follow the NULL\npointer, terminating the process.\n\nDuring the processing of an DNS zone in the DNS management DCE/RPC\nserver, the internal DNS server or the Samba DLZ plugin for BIND9, if\nthe DSPROPERTY_ZONE_MASTER_SERVERS property or\nDSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will\nfollow a NULL pointer and terminate\n\nA user in a Samba AD domain can crash the KDC when Samba is built in\nthe non-default MIT Kerberos configuration.\n\nAD DC Configurations watching for bad passwords (to restrict brute\nforcing of passwords) in a window of more than 3 minutes may not watch\nfor bad passwords at all.", "edition": 18, "cvss3": {"score": 5.9, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2018-11-28T00:00:00", "title": "FreeBSD : samba -- multiple vulnerabilities (54976998-f248-11e8-81e2-005056a311d1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16857", "CVE-2018-16852", "CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "modified": "2018-11-28T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:samba48", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:samba49", "p-cpe:/a:freebsd:freebsd:samba47", "p-cpe:/a:freebsd:freebsd:samba46"], "id": "FREEBSD_PKG_54976998F24811E881E2005056A311D1.NASL", "href": "https://www.tenable.com/plugins/nessus/119246", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119246);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/25\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n\n script_name(english:\"FreeBSD : samba -- multiple vulnerabilities (54976998-f248-11e8-81e2-005056a311d1)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The samba project reports :\n\nAll versions of Samba from 4.0.0 onwards are vulnerable to infinite\nquery recursion caused by CNAME loops. Any dns record can be added via\nldap by an unprivileged user using the ldbadd tool, so this is a\nsecurity issue.\n\nWhen configured to accept smart-card authentication, Samba's KDC will\ncall talloc_free() twice on the same memory if the principal in a\nvalidly signed certificate does not match the principal in the AS-REQ.\n\nDuring the processing of an LDAP search before Samba's AD DC returns\nthe LDAP entries to the client, the entries are cached in a single\nmemory object with a maximum size of 256MB. When this size is reached,\nthe Samba process providing the LDAP service will follow the NULL\npointer, terminating the process.\n\nDuring the processing of an DNS zone in the DNS management DCE/RPC\nserver, the internal DNS server or the Samba DLZ plugin for BIND9, if\nthe DSPROPERTY_ZONE_MASTER_SERVERS property or\nDSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will\nfollow a NULL pointer and terminate\n\nA user in a Samba AD domain can crash the KDC when Samba is built in\nthe non-default MIT Kerberos configuration.\n\nAD DC Configurations watching for bad passwords (to restrict brute\nforcing of passwords) in a window of more than 3 minutes may not watch\nfor bad passwords at all.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-14629.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16841.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16851.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16852.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16853.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2018-16857.html\"\n );\n # https://vuxml.freebsd.org/freebsd/54976998-f248-11e8-81e2-005056a311d1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ec8b9b49\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16857\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba46\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba47\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba48\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba49\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"samba46<=4.6.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba47<4.7.12\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba48<4.8.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba49<4.9.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-25T08:56:00", "description": "New samba packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.", "edition": 15, "cvss3": {"score": 5.9, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2018-11-29T00:00:00", "title": "Slackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2018-333-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16857", "CVE-2018-16852", "CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "modified": "2018-11-29T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:14.2", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux", "p-cpe:/a:slackware:slackware_linux:samba"], "id": "SLACKWARE_SSA_2018-333-01.NASL", "href": "https://www.tenable.com/plugins/nessus/119280", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2018-333-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119280);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/24\");\n\n script_cve_id(\"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\");\n script_xref(name:\"SSA\", value:\"2018-333-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2018-333-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New samba packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.507711\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c18ee90c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected samba package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16857\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i486\", pkgnum:\"2_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i486\", pkgnum:\"2_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"i586\", pkgnum:\"2_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.6.16\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"samba\", pkgver:\"4.9.3\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"samba\", pkgver:\"4.9.3\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-31T00:28:47", "description": "The remote host is affected by the vulnerability described in GLSA-202003-52\n(Samba: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Samba. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code, cause a Denial\n of Service condition, conduct a man-in-the-middle attack, or obtain\n sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 2, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-26T00:00:00", "title": "GLSA-202003-52 : Samba: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1139", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-14861", "CVE-2018-16851", "CVE-2018-10858", "CVE-2018-16860", "CVE-2019-19344", "CVE-2018-14629", "CVE-2018-1140", "CVE-2019-14902", "CVE-2018-10919", "CVE-2019-14907", "CVE-2018-16841", "CVE-2018-10918", "CVE-2019-14870", "CVE-2019-10197", "CVE-2018-16853"], "modified": "2020-03-26T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:samba"], "id": "GENTOO_GLSA-202003-52.NASL", "href": "https://www.tenable.com/plugins/nessus/134927", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202003-52.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134927);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/30\");\n\n script_cve_id(\"CVE-2018-10858\", \"CVE-2018-10918\", \"CVE-2018-10919\", \"CVE-2018-1139\", \"CVE-2018-1140\", \"CVE-2018-14629\", \"CVE-2018-16841\", \"CVE-2018-16851\", \"CVE-2018-16852\", \"CVE-2018-16853\", \"CVE-2018-16857\", \"CVE-2018-16860\", \"CVE-2019-10197\", \"CVE-2019-14861\", \"CVE-2019-14870\", \"CVE-2019-14902\", \"CVE-2019-14907\", \"CVE-2019-19344\");\n script_xref(name:\"GLSA\", value:\"202003-52\");\n\n script_name(english:\"GLSA-202003-52 : Samba: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-202003-52\n(Samba: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Samba. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code, cause a Denial\n of Service condition, conduct a man-in-the-middle attack, or obtain\n sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202003-52\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Samba 4.9.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-4.9.18'\n All Samba 4.10.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-4.10.13'\n All Samba 4.11.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-fs/samba-4.11.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10858\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-fs/samba\", unaffected:make_list(\"rge 4.9.18\", \"rge 4.10.13\", \"rge 4.11.6\"), vulnerable:make_list(\"lt 4.11.6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Samba\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T01:03:18", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16851", "CVE-2018-14629"], "description": "Package : samba\nVersion : 2:4.2.14+dfsg-0+deb8u11\nCVE ID : CVE-2018-14629 CVE-2018-16851\n\nSeveral vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-14629\n\n Florian Stuelpner discovered that Samba is vulnerable to\n infinite query recursion caused by CNAME loops, resulting in\n denial of service.\n\nCVE-2018-16851\n\n Garming Sam of the Samba Team and Catalyst discovered a NULL pointer\n dereference vulnerability in the Samba AD DC LDAP server allowing a\n user able to read more than 256MB of LDAP entries to crash the Samba\n AD DC&#x27;s LDAP server.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2:4.2.14+dfsg-0+deb8u11.\n\nWe recommend that you upgrade your samba packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 9, "modified": "2018-12-15T10:17:13", "published": "2018-12-15T10:17:13", "id": "DEBIAN:DLA-1607-1:AD011", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201812/msg00005.html", "title": "[SECURITY] [DLA 1607-1] samba security update", "type": "debian", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-11-24T01:21:48", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4345-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nNovember 27, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : samba\nCVE ID : CVE-2018-14629 CVE-2018-16841 CVE-2018-16851\n\nSeveral vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2018-14629\n\n Florian Stuelpner discovered that Samba is vulnerable to\n infinite query recursion caused by CNAME loops, resulting in\n denial of service.\n\n https://www.samba.org/samba/security/CVE-2018-14629.html\n\nCVE-2018-16841\n\n Alex MacCuish discovered that a user with a valid certificate or\n smart card can crash the Samba AD DC&#x27;s KDC when configured to accept\n smart-card authentication.\n\n https://www.samba.org/samba/security/CVE-2018-16841.html\n\nCVE-2018-16851\n\n Garming Sam of the Samba Team and Catalyst discovered a NULL pointer\n dereference vulnerability in the Samba AD DC LDAP server allowing a\n user able to read more than 256MB of LDAP entries to crash the Samba\n AD DC&#x27;s LDAP server.\n\n https://www.samba.org/samba/security/CVE-2018-16851.html\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:4.5.12+dfsg-2+deb9u4.\n\nWe recommend that you upgrade your samba packages.\n\nFor the detailed security status of samba please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/samba\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 11, "modified": "2018-11-27T11:35:22", "published": "2018-11-27T11:35:22", "id": "DEBIAN:DSA-4345-1:CA772", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00277.html", "title": "[SECURITY] [DSA 4345-1] samba security update", "type": "debian", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:37:41", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841"], "description": "USN-3827-1 fixed a vulnerability in samba. This update provides \nthe corresponding update for Ubuntu 12.04 ESM.\n\nOriginal advisory details:\n\nFlorian Stuelpner discovered that Samba incorrectly handled CNAME records. \nA remote attacker could use this issue to cause Samba to crash, resulting \nin a denial of service. (CVE-2018-14629)\n\nAlex MacCuish discovered that Samba incorrectly handled memory when \nconfigured to accept smart-card authentication. A remote attacker could \npossibly use this issue to cause Samba to crash, resulting in a denial of \nservice. (CVE-2018-16841)\n\nGarming Sam discovered that Samba incorrectly handled memory when \nprocessing LDAP searches. A remote attacker could possibly use this issue \nto cause Samba to crash, resulting in a denial of service. (CVE-2018-16851)", "edition": 5, "modified": "2018-11-27T00:00:00", "published": "2018-11-27T00:00:00", "id": "USN-3827-2", "href": "https://ubuntu.com/security/notices/USN-3827-2", "title": "Samba vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-07-02T11:37:14", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841"], "description": "Florian Stuelpner discovered that Samba incorrectly handled CNAME records. \nA remote attacker could use this issue to cause Samba to crash, resulting \nin a denial of service. (CVE-2018-14629)\n\nAlex MacCuish discovered that Samba incorrectly handled memory when \nconfigured to accept smart-card authentication. A remote attacker could \npossibly use this issue to cause Samba to crash, resulting in a denial of \nservice. (CVE-2018-16841)\n\nGarming Sam discovered that Samba incorrectly handled memory when \nprocessing LDAP searches. A remote attacker could possibly use this issue \nto cause Samba to crash, resulting in a denial of service. (CVE-2018-16851)", "edition": 4, "modified": "2018-11-27T00:00:00", "published": "2018-11-27T00:00:00", "id": "USN-3827-1", "href": "https://ubuntu.com/security/notices/USN-3827-1", "title": "Samba vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2018-12-02T08:28:26", "published": "2018-12-02T08:28:26", "id": "FEDORA:7681F605F904", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.3-0.fc29", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2019-3870", "CVE-2019-3880"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2019-04-16T04:05:09", "published": "2019-04-16T04:05:09", "id": "FEDORA:2D34260A7563", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.6-0.fc29", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2018-16860", "CVE-2019-3870", "CVE-2019-3880"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2019-05-18T03:21:47", "published": "2019-05-18T03:21:47", "id": "FEDORA:60770610D7D4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.8-0.fc29", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2018-16860", "CVE-2019-12435", "CVE-2019-3870", "CVE-2019-3880"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2019-07-20T03:47:09", "published": "2019-07-20T03:47:09", "id": "FEDORA:18CD06266DFD", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.11-0.fc29", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16853"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2018-12-02T07:37:56", "published": "2018-12-02T07:37:56", "id": "FEDORA:80C5D6057708", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: samba-4.8.7-0.fc28", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2018-16860", "CVE-2019-10197", "CVE-2019-12435", "CVE-2019-3870", "CVE-2019-3880"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2019-09-19T01:53:43", "published": "2019-09-19T01:53:43", "id": "FEDORA:7C7AD6076F44", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.13-0.fc29", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1050", "CVE-2018-10858", "CVE-2018-10918", "CVE-2018-10919", "CVE-2018-1139", "CVE-2018-1140", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16853", "CVE-2019-3880"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2019-04-30T01:41:00", "published": "2019-04-30T01:41:00", "id": "FEDORA:D5AF26049ECF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: samba-4.8.11-0.fc28", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857", "CVE-2018-16860", "CVE-2019-10197", "CVE-2019-10218", "CVE-2019-12435", "CVE-2019-14833", "CVE-2019-14847", "CVE-2019-3870", "CVE-2019-3880"], "description": "Samba is the standard Windows interoperability suite of programs for Linux and Unix. ", "modified": "2019-11-15T03:20:51", "published": "2019-11-15T03:20:51", "id": "FEDORA:2E1DE608BFF0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: samba-4.9.15-0.fc29", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:41", "bulletinFamily": "unix", "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857"], "description": "Arch Linux Security Advisory ASA-201811-22\n==========================================\n\nSeverity: High\nDate : 2018-11-28\nCVE-ID : CVE-2018-14629 CVE-2018-16841 CVE-2018-16851 CVE-2018-16852\nCVE-2018-16853 CVE-2018-16857\nPackage : samba\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-823\n\nSummary\n=======\n\nThe package samba before version 4.9.3-1 is vulnerable to multiple\nissues including denial of service and access restriction bypass.\n\nResolution\n==========\n\nUpgrade to 4.9.3-1.\n\n# pacman -Syu \"samba>=4.9.3-1\"\n\nThe problems have been fixed upstream in version 4.9.3.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2018-14629 (denial of service)\n\nA denial of service security issue has been found in samba from 4.0.0\nup to and including 4.9.2, where an unprivileged user can use the\nldbadd tool to add DNS records to create a CNAME loop, causing infinite\nquery recursion.\n\n- CVE-2018-16841 (denial of service)\n\nA double-free issue has been found in samba from 4.3.0 up to and\nincluding 4.9.2, where a user with a valid certificate or smart card\ncan crash the Samba AD DC's KDC.\nWhen configured to accept smart-card authentication, Samba's KDC\nwillcall talloc_free() twice on the same memory if the principal in a\nvalidly signed certificate does not match the principal in the AS-REQ.\nThis is only possible after authentication with a trusted certificate.\ntalloc is robust against further corruption from a double-free with\ntalloc_free() and directly calls abort(), terminating the KDC process.\nThere is no further vulnerability associated with this issue, merely a\ndenial of service.\n\n- CVE-2018-16851 (denial of service)\n\nA NULL pointer de-reference issue has been found in samba from 4.0.0 up\nto and including 4.9.2, where a user able to read more than 256MB of\nLDAP entries can crash the Samba AD DC's LDAP server.\n\n- CVE-2018-16852 (denial of service)\n\nA NULL pointer de-reference issue has been found in samba from 4.9.0 up\nto and including 4.9.2, where a user able to create or modify dnsZone\nobjects can crash the Samba AD DC's DNS management RPC server, DNS\nserver or BIND9 when using Samba's DLZ plugin\n\n- CVE-2018-16853 (denial of service)\n\nA denial of service has been found in samba from 4.7.0 up to and\nincluding 4.9.2, where a user in a Samba AD domain can crash the MIT\nKDC by requesting an S4U2Self ticket. This only happens if Samba is\nbuild in a experimental and unsupported MIT Kerberos configuration.\n\n- CVE-2018-16857 (access restriction bypass)\n\nA security issue has been found in samba from 4.9.0 up to and including\n4.9.2, where AD DC Configurations watching for bad passwords to\nrestrict brute forcing in a window of more than 3 minutes may not watch\nfor bad passwords at all.\n\nImpact\n======\n\nA remote authenticated user can crash a vulnerable samba server. A\nremote attacker can brute-force passwords without triggering the bad\npassword lockout protection.\n\nReferences\n==========\n\nhttps://download.samba.org/pub/samba/patches/security/samba-4.9.2-security-2018-11-27.patch\nhttps://www.samba.org/samba/security/CVE-2018-14629.html\nhttps://bugzilla.samba.org/show_bug.cgi?id=13600\nhttps://github.com/samba-team/samba/commit/bf596c14c2462b9a15ea738ef4f32b3abb8b63d1\nhttps://www.samba.org/samba/security/CVE-2018-16841.html\nhttps://bugzilla.samba.org/show_bug.cgi?id=13628\nhttps://github.com/samba-team/samba/commit/6e84215d4aa7ef51096db3b187adbe22cacdd921\nhttps://www.samba.org/samba/security/CVE-2018-16851.html\nhttps://bugzilla.samba.org/show_bug.cgi?id=13674\nhttps://github.com/samba-team/samba/commit/f33f52c366f7cf140f470de44579dcb7eb832629\nhttps://www.samba.org/samba/security/CVE-2018-16852.html\nhttps://bugzilla.samba.org/show_bug.cgi?id=13669\nhttps://github.com/samba-team/samba/commit/05f867db81f118215445f2c49eda4b9c3451d14a\nhttps://github.com/samba-team/samba/commit/c78ca8b9b48a19e71f4d6ddd2e300f282fb0b247\nhttps://www.samba.org/samba/security/CVE-2018-16853.html\nhttps://bugzilla.samba.org/show_bug.cgi?id=13571\nhttps://github.com/samba-team/samba/commit/4aabfecd290cd2769376abf7f170e832becc4112\nhttps://www.samba.org/samba/security/CVE-2018-16857.html\nhttps://bugzilla.samba.org/show_bug.cgi?id=13683\nhttps://github.com/samba-team/samba/commit/862d4909eccd18942e3de8e8b0dc6e1594ec27f1\nhttps://github.com/samba-team/samba/commit/4f86beeaf3408383385ee99a74520a805dd63c0f\nhttps://github.com/samba-team/samba/commit/d12b02c78842786969557b9be7c953e9594d90d\nhttps://github.com/samba-team/samba/commit/60b2cd50f4d0554cc5ca8c53b2d1fa89e56a6d06\nhttps://security.archlinux.org/CVE-2018-14629\nhttps://security.archlinux.org/CVE-2018-16841\nhttps://security.archlinux.org/CVE-2018-16851\nhttps://security.archlinux.org/CVE-2018-16852\nhttps://security.archlinux.org/CVE-2018-16853\nhttps://security.archlinux.org/CVE-2018-16857", "modified": "2018-11-28T00:00:00", "published": "2018-11-28T00:00:00", "id": "ASA-201811-22", "href": "https://security.archlinux.org/ASA-201811-22", "type": "archlinux", "title": "[ASA-201811-22] samba: multiple issues", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:31:49", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16857", "CVE-2018-16852", "CVE-2018-16851", "CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16853"], "description": "\nThe samba project reports:\n\nAll versions of Samba from 4.0.0 onwards are vulnerable to infinite\n\t query recursion caused by CNAME loops. Any dns record can be added via\n\t ldap by an unprivileged user using the ldbadd tool, so this is a\n\t security issue.\n\n\nWhen configured to accept smart-card authentication, Samba's KDC will call\n\t talloc_free() twice on the same memory if the principal in a validly signed\n\t certificate does not match the principal in the AS-REQ.\n\n\nDuring the processing of an LDAP search before Samba's AD DC returns\n\t the LDAP entries to the client, the entries are cached in a single\n\t memory object with a maximum size of 256MB. When this size is\n\t reached, the Samba process providing the LDAP service will follow the\n\t NULL pointer, terminating the process.\n\n\nDuring the processing of an DNS zone in the DNS management DCE/RPC server,\n\t the internal DNS server or the Samba DLZ plugin for BIND9, if the\n\t DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS\n\t property is set, the server will follow a NULL pointer and terminate\n\n\nA user in a Samba AD domain can crash the KDC when Samba is built in the\n\t non-default MIT Kerberos configuration.\n\n\nAD DC Configurations watching for bad passwords (to restrict brute forcing\n\t of passwords) in a window of more than 3 minutes may not watch for bad\n\t passwords at all.\n\n", "edition": 4, "modified": "2018-08-14T00:00:00", "published": "2018-08-14T00:00:00", "id": "54976998-F248-11E8-81E2-005056A311D1", "href": "https://vuxml.freebsd.org/freebsd/54976998-f248-11e8-81e2-005056a311d1.html", "title": "samba -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cisa": [{"lastseen": "2020-12-18T18:07:06", "bulletinFamily": "info", "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857"], "description": "The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.\n\nNCCIC encourages users and administrators to review the Samba Security Announcements for [CVE-2018-14629](<https://www.samba.org/samba/security/CVE-2018-14629.html>), [CVE-2018-16841](<https://www.samba.org/samba/security/CVE-2018-16841.html>), [CVE-2018-16851](<https://www.samba.org/samba/security/CVE-2018-16851.html>), [CVE-2018-16852](<https://www.samba.org/samba/security/CVE-2018-16852.html>), [CVE-2018-16853](<https://www.samba.org/samba/security/CVE-2018-16853.html>), and [CVE-2018-16857](<https://www.samba.org/samba/security/CVE-2018-16857.html>) and apply the necessary updates.\n\nThis product is provided subject to this Notification and this [Privacy &amp; Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://surveymonkey.com/r/G8STDRY?product=https://us-cert.cisa.gov/ncas/current-activity/2018/11/27/Samba-Releases-Security-Updates>); we'd welcome your feedback.\n", "modified": "2018-11-27T00:00:00", "published": "2018-11-27T00:00:00", "id": "CISA:E567C6CBA6FFDD941FA9D9550C4601C9", "href": "https://us-cert.cisa.gov/ncas/current-activity/2018/11/27/Samba-Releases-Security-Updates", "type": "cisa", "title": "Samba Releases Security Updates", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "slackware": [{"lastseen": "2020-10-25T16:36:01", "bulletinFamily": "unix", "cvelist": ["CVE-2018-14629", "CVE-2018-16841", "CVE-2018-16851", "CVE-2018-16852", "CVE-2018-16853", "CVE-2018-16857"], "description": "New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current\nto fix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/samba-4.6.16-i586-2_slack14.2.txz: Rebuilt.\n This update patches some security issues:\n CVE-2018-14629: Unprivileged adding of CNAME record causing loop in AD\n Internal DNS server\n CVE-2018-16841: Double-free in Samba AD DC KDC with PKINIT\n CVE-2018-16851: NULL pointer de-reference in Samba AD DC LDAP server\n CVE-2018-16852: NULL pointer de-reference in Samba AD DC DNS servers\n CVE-2018-16853: Samba AD DC S4U2Self crash in experimental MIT Kerberos\n configuration (unsupported)\n CVE-2018-16857: Bad password count in AD DC not always effective\n For more information, see:\n https://www.samba.org/samba/security/CVE-2018-14629.html\n https://www.samba.org/samba/security/CVE-2018-16841.html\n https://www.samba.org/samba/security/CVE-2018-16851.html\n https://www.samba.org/samba/security/CVE-2018-16852.html\n https://www.samba.org/samba/security/CVE-2018-16853.html\n https://www.samba.org/samba/security/CVE-2018-16857.html\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/samba-4.6.16-i486-2_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/samba-4.6.16-x86_64-2_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/samba-4.6.16-i486-2_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/samba-4.6.16-x86_64-2_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/samba-4.6.16-i586-2_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/samba-4.6.16-x86_64-2_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-4.9.3-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/samba-4.9.3-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\nef6b5b109beaee70cf8a558dcc3ff3d4 samba-4.6.16-i486-2_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n40b897540a27eb5daa3329a0e50fe0e8 samba-4.6.16-x86_64-2_slack14.0.txz\n\nSlackware 14.1 package:\n2bd298c4af25f04a1b24d2283bc0df4d samba-4.6.16-i486-2_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n8b31d1ae2e0da78e54c8add50b2022d8 samba-4.6.16-x86_64-2_slack14.1.txz\n\nSlackware 14.2 package:\n39da6c1775ca9510669591c32c13a9de samba-4.6.16-i586-2_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n79c2c4737179478277293fdf9400f056 samba-4.6.16-x86_64-2_slack14.2.txz\n\nSlackware -current package:\n8bee5f6f44e1110adfd30378cdb95664 n/samba-4.9.3-i586-1.txz\n\nSlackware x86_64 -current package:\n3b8e722a64af8a0190574ee4c5618e5b n/samba-4.9.3-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg samba-4.6.16-i586-2_slack14.2.txz\n\nThen, if Samba is running restart it:\n\n > /etc/rc.d/rc.samba restart", "modified": "2018-11-29T06:28:25", "published": "2018-11-29T06:28:25", "id": "SSA-2018-333-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.507711", "type": "slackware", "title": "[slackware-security] samba", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2020-03-25T20:37:37", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1139", "CVE-2018-16857", "CVE-2018-16852", "CVE-2019-14861", "CVE-2018-16851", "CVE-2018-10858", "CVE-2018-16860", "CVE-2019-19344", "CVE-2018-14629", "CVE-2018-1140", "CVE-2019-14902", "CVE-2018-10919", "CVE-2019-14907", "CVE-2018-16841", "CVE-2018-10918", "CVE-2019-14870", "CVE-2019-10197", "CVE-2018-16853"], "description": "### Background\n\nSamba is a suite of SMB and CIFS client/server programs.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code, cause a Denial of Service condition, conduct a man-in-the-middle attack, or obtain sensitive information. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Samba 4.9.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-fs/samba-4.9.18\"\n \n\nAll Samba 4.10.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-fs/samba-4.10.13\"\n \n\nAll Samba 4.11.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-fs/samba-4.11.6\"", "edition": 1, "modified": "2020-03-25T00:00:00", "published": "2020-03-25T00:00:00", "id": "GLSA-202003-52", "href": "https://security.gentoo.org/glsa/202003-52", "title": "Samba: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}]}