ID SECURITYVULNS:DOC:29271 Type securityvulns Reporter Securityvulns Modified 2013-04-22T00:00:00
Description
==========================================================================
Ubuntu Security Notice USN-1802-1
April 16, 2013
samba vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 12.04 LTS
Summary:
Samba would allow unintended write access to files over the network.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
It was discovered that Samba incorrectly handled CIFS share attributes when
SMB2 was used (CVE-2013-0454). A remote authenticated user could possibly gain
write access to certain shares, bypassing the intended permissions; the CVE
entry for this issue gives writing to a read-only share as one such case.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
samba 2:3.6.3-2ubuntu2.6
In general, a standard system update will make all the necessary changes.
{"id": "SECURITYVULNS:DOC:29271", "bulletinFamily": "software", "title": "[USN-1802-1] Samba vulnerability", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1802-1\r\nApril 16, 2013\r\n\r\nsamba vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nSamba would allow unintended write access to files over the network.\r\n\r\nSoftware Description:\r\n- samba: SMB/CIFS file, print, and login server for Unix\r\n\r\nDetails:\r\n\r\nIt was discovered that Samba incorrectly handled CIFS share attributes when\r\nSMB2 was used. A remote authenticated user could possibly gain write access\r\nto certain shares, bypassing the intended permissions.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 12.04 LTS:\r\n samba 2:3.6.3-2ubuntu2.6\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1802-1\r\n CVE-2013-0454\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/samba/2:3.6.3-2ubuntu2.6\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "published": "2013-04-22T00:00:00", "modified": "2013-04-22T00:00:00", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29271", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2013-0454"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:47", "edition": 1, "viewCount": 7, "enchantments": {"score": {"value": 6.1, "vector": "NONE", 
"modified": "2018-08-31T11:10:47", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-0454"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310841403", "OPENVAS:841403"]}, {"type": "ubuntu", "idList": ["USN-1802-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13027"]}, {"type": "nessus", "idList": ["UBUNTU_USN-1802-1.NASL", "SAMBA_3_6_6.NASL", "OPENSUSE-2013-435.NASL"]}, {"type": "samba", "idList": ["SAMBA:CVE-2013-0454"]}], "modified": "2018-08-31T11:10:47", "rev": 2}, "vulnersScore": 6.1}, "affectedSoftware": []}
{"cve": [{"lastseen": "2021-02-02T06:06:46", "description": "The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger data-integrity problems related to the oplock, locking, coherency, or leases attribute; or (3) have an unspecified impact by leveraging incorrect handling of the browseable or \"hide unreadable\" parameter.", "edition": 6, "cvss3": {}, "published": "2013-03-26T21:55:00", "title": "CVE-2013-0454", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0454"], "modified": "2017-08-29T01:33:00", "cpe": ["cpe:/a:ibm:storwize:v7000", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:samba:samba:3.6.2", "cpe:/a:samba:samba:3.6.0", "cpe:/a:samba:samba:3.6.1", "cpe:/a:samba:samba:3.6.3", "cpe:/a:samba:samba:3.6.4", "cpe:/a:samba:samba:3.6.5"], "id": "CVE-2013-0454", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0454", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:samba:samba:3.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:storwize:v7000:1.3:*:*:*:*:*:*", "cpe:2.3:a:ibm:storwize:v7000:1.4:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.4:*:*:*:*:*:*:*", 
"cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", "cpe:2.3:a:samba:samba:3.6.1:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-02T11:44:58", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0454"], "description": "It was discovered that Samba incorrectly handled CIFS share attributes when \nSMB2 was used. A remote authenticated user could possibly gain write access \nto certain shares, bypassing the intended permissions.", "edition": 5, "modified": "2013-04-16T00:00:00", "published": "2013-04-16T00:00:00", "id": "USN-1802-1", "href": "https://ubuntu.com/security/notices/USN-1802-1", "title": "Samba vulnerability", "type": "ubuntu", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2018-02-06T13:10:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0454"], "description": "Check for the Version of samba", "modified": "2018-02-05T00:00:00", "published": "2013-04-19T00:00:00", "id": "OPENVAS:841403", "href": "http://plugins.openvas.org/nasl.php?oid=841403", "type": "openvas", "title": "Ubuntu Update for samba USN-1802-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1802_1.nasl 8672 2018-02-05 16:39:18Z teissa $\n#\n# Ubuntu Update for samba USN-1802-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"samba on Ubuntu 12.04 LTS\";\ntag_insight = \"It was discovered that Samba incorrectly handled CIFS share attributes when\n SMB2 was used. A remote authenticated user could possibly gain write access\n to certain shares, bypassing the intended permissions.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(841403);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-19 10:09:06 +0530 (Fri, 19 Apr 2013)\");\n script_cve_id(\"CVE-2013-0454\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_name(\"Ubuntu Update for samba USN-1802-1\");\n\n script_xref(name: \"USN\", value: \"1802-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1802-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of samba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", 
value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:3.6.3-2ubuntu2.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0454"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-04-19T00:00:00", "id": "OPENVAS:1361412562310841403", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841403", "type": "openvas", "title": "Ubuntu Update for samba USN-1802-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1802_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for samba USN-1802-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841403\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-19 10:09:06 +0530 (Fri, 19 Apr 2013)\");\n script_cve_id(\"CVE-2013-0454\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_name(\"Ubuntu Update for samba USN-1802-1\");\n\n script_xref(name:\"USN\", value:\"1802-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1802-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'samba'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n script_tag(name:\"affected\", value:\"samba on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"It was discovered that Samba incorrectly handled CIFS share attributes when\n SMB2 was used. 
A remote authenticated user could possibly gain write access\n to certain shares, bypassing the intended permissions.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"samba\", ver:\"2:3.6.3-2ubuntu2.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "samba": [{"lastseen": "2020-12-24T13:21:00", "bulletinFamily": "software", "cvelist": ["CVE-2013-0454"], "description": "Due to a assignment vs equality bug a share reference might get overwritten. This can lead to 'read only = no' from another share to leak into a 'read only = yes' share for a subsequent connections. 
This is a re-evaluation of an already fixed bug.", "edition": 5, "modified": "2013-04-02T00:00:00", "published": "2013-04-02T00:00:00", "id": "SAMBA:CVE-2013-0454", "href": "https://www.samba.org/samba/security/CVE-2013-0454.html", "title": "A writable configured share might get read only ", "type": "samba", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:51", "bulletinFamily": "software", "cvelist": ["CVE-2013-0454"], "description": "It's possible o bypass share attributes limitations.", "edition": 1, "modified": "2013-04-22T00:00:00", "published": "2013-04-22T00:00:00", "id": "SECURITYVULNS:VULN:13027", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13027", "title": "Samba limitations bypass", "type": "securityvulns", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2021-01-20T12:26:37", "description": "This submission supersedes the Samba packages currently available from\nhttp://download.openSUSE.org/pub/opensuse/update/ for openSUSE\nversions 12.1 through 12.3.\n\n - Add support for PFC_FLAG_OBJECT_UUID when parsing\n packets; (bso#9382).\n\n - Fix 'guest ok', 'force user' and 'force group' for guest\n users; (bso#9746).\n\n - Fix 'map untrusted to domain' with NTLMv2; (bso#9817).\n\n - Fix crash bug in Winbind; (bso#9854).\n\n - Fix panic in nt_printer_publish_ads; (bso#9830).", "edition": 20, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : samba (openSUSE-SU-2013:0933-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0454"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:samba-winbind-debuginfo-32bit", "p-cpe:/a:novell:opensuse:samba-devel", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:libtevent0-debuginfo", "p-cpe:/a:novell:opensuse:libldb-devel", "p-cpe:/a:novell:opensuse:samba-client-32bit", 
"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libtdb1-32bit", "p-cpe:/a:novell:opensuse:libtevent0-32bit", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:libldb1", "p-cpe:/a:novell:opensuse:libldb1-debuginfo", "p-cpe:/a:novell:opensuse:libtdb-devel", "p-cpe:/a:novell:opensuse:libwbclient0-32bit", "p-cpe:/a:novell:opensuse:libtdb1", "p-cpe:/a:novell:opensuse:samba-krb-printing-debuginfo", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:libtalloc-devel", "p-cpe:/a:novell:opensuse:libsmbsharemodes0-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient0-32bit", "p-cpe:/a:novell:opensuse:libldb1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:libwbclient0-debuginfo", "p-cpe:/a:novell:opensuse:libtdb1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libldb1-32bit", "p-cpe:/a:novell:opensuse:libwbclient-devel", "p-cpe:/a:novell:opensuse:samba-client-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libtevent0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libtalloc2", "p-cpe:/a:novell:opensuse:libsmbclient0", "p-cpe:/a:novell:opensuse:libtevent-devel", "p-cpe:/a:novell:opensuse:libtdb1-debuginfo", "p-cpe:/a:novell:opensuse:libtevent0", "p-cpe:/a:novell:opensuse:samba-debugsource", "p-cpe:/a:novell:opensuse:ldapsmb", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo", "p-cpe:/a:novell:opensuse:samba-32bit", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-winbind-debuginfo", "p-cpe:/a:novell:opensuse:libtalloc2-debuginfo", "p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libnetapi0-debuginfo", "p-cpe:/a:novell:opensuse:samba-client-debuginfo", "p-cpe:/a:novell:opensuse:libtalloc2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:samba-winbind-32bit", "p-cpe:/a:novell:opensuse:libnetapi-devel", "p-cpe:/a:novell:opensuse:samba-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsmbsharemodes-devel", "p-cpe:/a:novell:opensuse:libsmbsharemodes0", 
"p-cpe:/a:novell:opensuse:samba-krb-printing", "p-cpe:/a:novell:opensuse:libsmbclient-devel", "p-cpe:/a:novell:opensuse:libtalloc2-32bit", "p-cpe:/a:novell:opensuse:libnetapi0", "p-cpe:/a:novell:opensuse:libwbclient0", "cpe:/o:novell:opensuse:12.2", "p-cpe:/a:novell:opensuse:samba-debuginfo"], "id": "OPENSUSE-2013-435.NASL", "href": "https://www.tenable.com/plugins/nessus/75007", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-435.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75007);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-0454\");\n\n script_name(english:\"openSUSE Security Update : samba (openSUSE-SU-2013:0933-1)\");\n script_summary(english:\"Check for the openSUSE-2013-435 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This submission supersedes the Samba packages currently available from\nhttp://download.openSUSE.org/pub/opensuse/update/ for openSUSE\nversions 12.1 through 12.3.\n\n - Add support for PFC_FLAG_OBJECT_UUID when parsing\n packets; (bso#9382).\n\n - Fix 'guest ok', 'force user' and 'force group' for guest\n users; (bso#9746).\n\n - Fix 'map untrusted to domain' with NTLMv2; (bso#9817).\n\n - Fix crash bug in Winbind; (bso#9854).\n\n - Fix panic in nt_printer_publish_ads; (bso#9830).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://download.openSUSE.org/pub/opensuse/update/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=786350\"\n );\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=792294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=800782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=802031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=807334\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=811975\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=815994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=7825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9130\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9378\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9474\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9541\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9568\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9571\"\n );\n script_set_attribute(\n 
attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9574\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9585\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9586\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9587\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9588\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9633\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9646\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9723\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9724\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://bugzilla.samba.org/show_bug.cgi?id=9727\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9736\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9747\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9766\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9809\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9811\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.samba.org/show_bug.cgi?id=9854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-05/msg00029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-06/msg00070.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n 
value:\"Update the affected samba packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldapsmb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbsharemodes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbsharemodes0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsmbsharemodes0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:libtalloc2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-32bit\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-krb-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-krb-printing-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ldapsmb-1.34b-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libldb-devel-1.0.2-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libldb1-1.0.2-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libldb1-debuginfo-1.0.2-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libnetapi-devel-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libnetapi0-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libnetapi0-debuginfo-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsmbclient-devel-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsmbclient0-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsmbclient0-debuginfo-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsmbsharemodes-devel-3.6.3-34.20.1\") 
) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsmbsharemodes0-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsmbsharemodes0-debuginfo-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtalloc-devel-2.0.5-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtalloc2-2.0.5-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtalloc2-debuginfo-2.0.5-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtdb-devel-1.2.9-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtdb1-1.2.9-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtdb1-debuginfo-1.2.9-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtevent-devel-0.9.11-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtevent0-0.9.11-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtevent0-debuginfo-0.9.11-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libwbclient-devel-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libwbclient0-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libwbclient0-debuginfo-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"samba-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"samba-client-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"samba-client-debuginfo-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"samba-debuginfo-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"samba-debugsource-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"samba-devel-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"samba-krb-printing-3.6.3-34.20.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE12.1\", reference:\"samba-krb-printing-debuginfo-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"samba-winbind-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"samba-winbind-debuginfo-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libldb1-32bit-1.0.2-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libldb1-debuginfo-32bit-1.0.2-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libsmbclient0-debuginfo-32bit-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libtalloc2-32bit-2.0.5-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libtalloc2-debuginfo-32bit-2.0.5-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libtdb1-32bit-1.2.9-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libtdb1-debuginfo-32bit-1.2.9-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libtevent0-32bit-0.9.11-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libtevent0-debuginfo-32bit-0.9.11-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libwbclient0-debuginfo-32bit-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"samba-32bit-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"samba-client-32bit-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", 
reference:\"samba-client-debuginfo-32bit-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"samba-debuginfo-32bit-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"samba-winbind-debuginfo-32bit-3.6.3-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ldapsmb-1.34b-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libnetapi-devel-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libnetapi0-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libnetapi0-debuginfo-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libsmbclient-devel-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libsmbclient0-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libsmbclient0-debuginfo-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libsmbsharemodes-devel-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libsmbsharemodes0-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libsmbsharemodes0-debuginfo-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libwbclient-devel-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libwbclient0-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libwbclient0-debuginfo-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"samba-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"samba-client-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"samba-client-debuginfo-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", 
reference:\"samba-debuginfo-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"samba-debugsource-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"samba-devel-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"samba-krb-printing-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"samba-krb-printing-debuginfo-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"samba-winbind-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"samba-winbind-debuginfo-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libsmbclient0-debuginfo-32bit-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libwbclient0-debuginfo-32bit-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"samba-32bit-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"samba-client-32bit-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"samba-client-debuginfo-32bit-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"samba-debuginfo-32bit-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"samba-winbind-debuginfo-32bit-3.6.7-48.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ldapsmb-1.34b-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libnetapi-devel-3.6.12-59.5.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE12.3\", reference:\"libnetapi0-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libnetapi0-debuginfo-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsmbclient-devel-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsmbclient0-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsmbclient0-debuginfo-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsmbsharemodes-devel-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsmbsharemodes0-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsmbsharemodes0-debuginfo-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libwbclient-devel-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libwbclient0-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libwbclient0-debuginfo-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"samba-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"samba-client-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"samba-client-debuginfo-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"samba-debuginfo-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"samba-debugsource-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"samba-devel-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"samba-krb-printing-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"samba-krb-printing-debuginfo-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"samba-winbind-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"samba-winbind-debuginfo-3.6.12-59.5.1\") ) 
flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libsmbclient0-32bit-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libsmbclient0-debuginfo-32bit-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libwbclient0-32bit-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libwbclient0-debuginfo-32bit-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"samba-32bit-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"samba-client-32bit-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"samba-client-debuginfo-32bit-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"samba-debuginfo-32bit-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"samba-winbind-32bit-3.6.12-59.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"samba-winbind-debuginfo-32bit-3.6.12-59.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldapsmb / libldb-devel / libldb1 / libldb1-32bit / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2021-02-01T06:01:20", "description": "According to its banner, the version of Samba 3.6.x running on the\nremote host is earlier than 3.6.6, and as such, it is potentially\naffected by a remote security bypass vulnerability because it fails to\nproperly enforce CIFS share attributes. 
\n\nThis may allow a remote, authenticated attacker to write to read-only\nshares, impact integrity related to oplock, locking, coherency, or\nleases or leases attributes. \n\nNote that Nessus has not actually tried to exploit this issue or\notherwise determine if the patch or workaround has been applied.", "edition": 25, "published": "2013-07-01T00:00:00", "title": "Samba 3.6.x < 3.6.6 Remote Security Bypass", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0454"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_3_6_6.NASL", "href": "https://www.tenable.com/plugins/nessus/67118", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(67118);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\"CVE-2013-0454\");\n script_bugtraq_id(58655);\n\n script_name(english:\"Samba 3.6.x < 3.6.6 Remote Security Bypass\");\n script_summary(english:\"Checks version of Samba\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is affected by a remote security bypass\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Samba 3.6.x running on the\nremote host is earlier than 3.6.6, and as such, it is potentially\naffected by a remote security bypass vulnerability because it fails to\nproperly enforce CIFS share attributes. \n\nThis may allow a remote, authenticated attacker to write to read-only\nshares, impact integrity related to oplock, locking, coherency, or\nleases or leases attributes. 
\n\nNote that Nessus has not actually tried to exploit this issue or\notherwise determine if the patch or workaround has been applied.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2013-0454.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/samba-3.6.6.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Either install the patch referenced in the project's advisory or\nupgrade to 3.6.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/01\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\nlanman = get_kb_item_or_exit(\"SMB/NativeLanManager\");\nif (\"Samba \" >!< lanman) audit(AUDIT_NOT_LISTEN, \"Samba\", port);\n\nif (report_paranoia < 2) 
audit(AUDIT_PARANOID);\n\nif (lanman =~ '^Samba 3(\\\\.6)?$') exit(1, \"The version, \"+lanman+\", of the SMB service listening on port \"+port+\" is not granular enough to make a determination.\");\n\n\nversion = lanman - 'Samba ';\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n\n# 3.6\nif (ver[0] == 3 && ver[1] == 6 && ver[2] < 6)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : 3.6.6\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Samba\", port, version);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2021-02-01T07:17:01", "description": "It was discovered that Samba incorrectly handled CIFS share attributes\nwhen SMB2 was used. A remote authenticated user could possibly gain\nwrite access to certain shares, bypassing the intended permissions.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2013-04-17T00:00:00", "title": "Ubuntu 12.04 LTS : samba vulnerability (USN-1802-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0454"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:samba", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1802-1.NASL", "href": "https://www.tenable.com/plugins/nessus/65994", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1802-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65994);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-0454\");\n script_bugtraq_id(58655);\n script_xref(name:\"USN\", value:\"1802-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : samba vulnerability (USN-1802-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Samba incorrectly handled CIFS share attributes\nwhen SMB2 was used. A remote authenticated user could possibly gain\nwrite access to certain shares, bypassing the intended permissions.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1802-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected samba package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! 
preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"samba\", pkgver:\"2:3.6.3-2ubuntu2.6\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}]}