DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENSUSE-SU-2022:0283-1", "vendorId": null, "type": "suse", "bulletinFamily": "unix", "title": "Security update for samba (important)", "description": "An update that solves 8 vulnerabilities, contains one\n feature and has two fixes is now available.\n\nDescription:\n\n\n\n - CVE-2021-44141: Information leak via symlinks of existance of files or\n directories outside of the exported share; (bso#14911); (bsc#1193690);\n - CVE-2021-44142: Out-of-bounds heap read/write vulnerability in VFS\n module vfs_fruit allows code execution; (bso#14914); (bsc#1194859);\n - CVE-2022-0336: Samba AD users with permission to write to an account can\n impersonate arbitrary services; (bso#14950); (bsc#1195048);\n\n samba was updated to 4.15.4 (jsc#SLE-23329);\n\n * Duplicate SMB file_ids leading to Windows client cache poisoning;\n (bso#14928);\n * Failed to parse NTLMv2_RESPONSE length 95 - Buffer Size Error -\n NT_STATUS_BUFFER_TOO_SMALL; (bso#14932);\n * kill_tcp_connections does not work; (bso#14934);\n * Can't connect to Windows shares not requiring authentication using\n KDE/Gnome; (bso#14935);\n * smbclient -L doesn't set \"client max protocol\" to NT1 before calling the\n \"Reconnecting with SMB1 for workgroup listing\" path; (bso#14939);\n * Cross device copy of the crossrename module always fails; (bso#14940);\n * symlinkat function from VFS cap module always fails with an error;\n (bso#14941);\n * Fix possible fsp pointer deference; (bso#14942);\n * Missing pop_sec_ctx() in error path inside close_directory();\n (bso#14944);\n * \"smbd --build-options\" no longer works without an smb.conf file;\n (bso#14945);\n\n Samba was updated to version 4.15.3\n\n + CVE-2021-43566: Symlink race error can allow directory creation\n outside of the exported share; (bsc#1139519);\n + CVE-2021-20316: Symlink race error can allow metadata read and modify\n outside of the exported share; (bsc#1191227);\n - Reorganize libs packages. Split samba-libs into samba-client-libs,\n samba-libs, samba-winbind-libs and samba-ad-dc-libs, merging samba\n public libraries depending on internal samba libraries into these\n packages as there were dependency problems everytime one of these public\n libraries changed its version (bsc#1192684). The devel packages are\n merged into samba-devel.\n - Rename package samba-core-devel to samba-devel\n - Update the symlink create by samba-dsdb-modules to private samba ldb\n modules following libldb2 changes from /usr/lib64/ldb/samba to\n /usr/lib64/ldb2/modules/ldb/samba\n\n krb5 was updated to 1.16.3 to 1.19.2\n\n * Fix a denial of service attack against the KDC encrypted challenge code;\n (CVE-2021-36222);\n * Fix a memory leak when gss_inquire_cred() is called without a credential\n handle.\n\n Changes from 1.19.1:\n\n * Fix a linking issue with Samba.\n * Better support multiple pkinit_identities values by checking whether\n certificates can be loaded for each value.\n\n Changes from 1.19\n\n Administrator experience\n * When a client keytab is present, the GSSAPI krb5 mech will refresh\n credentials even if the current credentials were acquired manually.\n * It is now harder to accidentally delete the K/M entry from a KDB.\n Developer experience\n * gss_acquire_cred_from() now supports the \"password\" and \"verify\"\n options, allowing credentials to be acquired via password and verified\n using a keytab key.\n * When an application accepts a GSS security context, the new\n GSS_C_CHANNEL_BOUND_FLAG will be set if the initiator and acceptor\n both provided matching channel bindings.\n * Added the GSS_KRB5_NT_X509_CERT name type, allowing S4U2Self requests\n to identify the desired client principal by certificate.\n * PKINIT certauth modules can now cause the hw-authent flag to be set in\n issued tickets.\n * The krb5_init_creds_step() API will now issue the same password\n expiration warnings as krb5_get_init_creds_password(). Protocol\n evolution\n * Added client and KDC support for Microsoft's Resource-Based\n Constrained Delegation, which allows cross-realm S4U2Proxy requests. A\n third-party database module is required for KDC support.\n * kadmin/admin is now the preferred server principal name for kadmin\n connections, and the host-based form is no longer created by default.\n The client will still try the host-based form as a fallback.\n * Added client and server support for Microsoft's KERB_AP_OPTIONS_CBT\n extension, which causes channel bindings to be required for the\n initiator if the acceptor provided them. The client will send this\n option if the client_aware_gss_bindings profile option is set. User\n experience\n * kinit will now issue a warning if the des3-cbc-sha1 encryption type is\n used in the reply. This encryption type will be deprecated and removed\n in future releases.\n * Added kvno flags --out-cache, --no-store, and --cached-only (inspired\n by Heimdal's kgetcred).\n\n Changes from 1.18.3\n * Fix a denial of service vulnerability when decoding Kerberos protocol\n messages.\n * Fix a locking issue with the LMDB KDB module which could cause KDC and\n kadmind processes to lose access to the database.\n * Fix an assertion failure when libgssapi_krb5 is repeatedly loaded and\n unloaded while libkrb5support remains loaded.\n\n Changes from 1.18.2\n * Fix a SPNEGO regression where an acceptor using the default credential\n would improperly filter mechanisms, causing a negotiation failure.\n * Fix a bug where the KDC would fail to issue tickets if the local krbtgt\n principal's first key has a single-DES enctype.\n * Add stub functions to allow old versions of OpenSSL libcrypto to link\n against libkrb5.\n * Fix a NegoEx bug where the client name and delegated credential might\n not be reported.\n\n Changes from 1.18.1\n * Fix a crash when qualifying short hostnames when the system has no\n primary DNS domain.\n * Fix a regression when an application imports \"service@\" as a GSS\n host-based name for its acceptor credential handle.\n * Fix KDC enforcement of auth indicators when they are modified by the KDB\n module.\n * Fix removal of require_auth string attributes when the LDAP KDB module\n is used.\n * Fix a compile error when building with musl libc on Linux.\n * Fix a compile error when building with gcc 4.x.\n * Change the KDC constrained delegation precedence order for consistency\n with Windows KDCs.\n\n Changes from 1.18 Administrator experience:\n * Remove support for single-DES encryption types.\n * Change the replay cache format to be more efficient and robust. Replay\n cache filenames using the new format end with \".rcache2\" by default.\n * setuid programs will automatically ignore environment variables that\n normally affect krb5 API functions, even if the caller does not use\n krb5_init_secure_context().\n * Add an \"enforce_ok_as_delegate\" krb5.conf relation to disable\n credential forwarding during GSSAPI authentication unless the KDC sets\n the ok-as-delegate bit in the service ticket.\n * Use the permitted_enctypes krb5.conf setting as the default value for\n default_tkt_enctypes and default_tgs_enctypes. Developer experience:\n * Implement krb5_cc_remove_cred() for all credential cache types.\n * Add the krb5_pac_get_client_info() API to get the client account name\n from a PAC. Protocol evolution:\n * Add KDC support for S4U2Self requests where the user is identified by\n X.509 certificate. (Requires support for certificate lookup from a\n third-party KDB module.)\n * Remove support for an old (\"draft 9\") variant of PKINIT.\n * Add support for Microsoft NegoEx. (Requires one or more third-party\n GSS modules implementing NegoEx mechanisms.) User experience:\n * Add support for \"dns_canonicalize_hostname=fallback\", causing\n host-based principal names to be tried first without DNS\n canonicalization, and again with DNS canonicalization if the\n un-canonicalized server is not found.\n * Expand single-component hostnames in host-based principal names when\n DNS canonicalization is not used, adding the system's first DNS search\n path as a suffix. Add a \"qualify_shortname\" krb5.conf relation to\n override this suffix or disable expansion.\n * Honor the transited-policy-checked ticket flag on application servers,\n eliminating the requirement to configure capaths on servers in some\n scenarios. Code quality:\n * The libkrb5 serialization code (used to export and import krb5 GSS\n security contexts) has been simplified and made type-safe.\n * The libkrb5 code for creating KRB-PRIV, KRB-SAFE, and KRB-CRED\n messages has been revised to conform to current coding practices.\n * The test suite has been modified to work with macOS System Integrity\n Protection enabled.\n * The test suite incorporates soft-pkcs11 so that PKINIT PKCS11 support\n can always be tested.\n\n Changes from 1.17.1\n * Fix a bug preventing \"addprinc -randkey -kvno\" from working in kadmin.\n * Fix a bug preventing time skew correction from working when a KCM\n credential cache is used.\n\n Changes from 1.17: Administrator experience:\n * A new Kerberos database module using the Lightning Memory-Mapped\n Database library (LMDB) has been added. The LMDB KDB module should be\n more performant and more robust than the DB2 module, and may become the\n default module for new databases in a future release.\n * \"kdb5_util dump\" will no longer dump policy entries when specific\n principal names are requested. Developer experience:\n * The new krb5_get_etype_info() API can be used to retrieve enctype, salt,\n and string-to-key parameters from the KDC for a client principal.\n * The new GSS_KRB5_NT_ENTERPRISE_NAME name type allows enterprise\n principal names to be used with GSS-API functions.\n * KDC and kadmind modules which call com_err() will now write to the log\n file in a format more consistent with other log messages.\n * Programs which use large numbers of memory credential caches should\n perform better. Protocol evolution:\n * The SPAKE pre-authentication mechanism is now supported. This mechanism\n protects against password dictionary attacks without requiring any\n additional infrastructure such as certificates. SPAKE is enabled by\n default on clients, but must be manually enabled on the KDC for this\n release.\n * PKINIT freshness tokens are now supported. Freshness tokens can protect\n against scenarios where an attacker uses temporary access to a smart\n card to generate authentication requests for the future.\n * Password change operations now prefer TCP over UDP, to avoid spurious\n error messages about replays when a response packet is dropped.\n * The KDC now supports cross-realm S4U2Self requests when used with a\n third-party KDB module such as Samba's. The client code for cross-realm\n S4U2Self requests is also now more robust. User experience:\n * The new ktutil addent -f flag can be used to fetch salt information from\n the KDC for password-based keys.\n * The new kdestroy -p option can be used to destroy a credential cache\n within a collection by client principal name.\n * The Kerberos man page has been restored, and documents the environment\n variables that affect programs using the Kerberos library. Code quality:\n * Python test scripts now use Python 3.\n * Python test scripts now display markers in verbose output, making it\n easier to find where a failure occurred within the scripts.\n * The Windows build system has been simplified and updated to work with\n more recent versions of Visual Studio. A large volume of unused\n Windows-specific code has been removed. Visual Studio 2013\n or later is now required.\n\n - Build with full Cyrus SASL support. Negotiating SASL credentials with an\n EXTERNAL bind mechanism requires interaction. Kerberos provides its\n own interaction function that skips all interaction, thus preventing the\n mechanism from working. ldb was updated to version 2.4.1\n (jsc#SLE-23329);\n\n - Release 2.4.1\n\n + Corrected python behaviour for 'in' for LDAP attributes contained as\n part of ldb.Message; (bso#14845);\n + Fix memory handling in ldb.msg_diff; (bso#14836);\n\n - Release 2.4.0\n\n + pyldb: Fix Message.items() for a message containing elements\n + pyldb: Add test for Message.items()\n + tests: Use ldbsearch '--scope instead of '-s'\n + Change page size of guidindexpackv1.ldb\n + Use a 1MiB lmdb so the test also passes on aarch64 CentOS stream\n + attrib_handler casefold: simplify space dropping\n + fix ldb_comparison_fold off-by-one overrun\n + CVE-2020-27840: pytests: move Dn.validate test to ldb\n + CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode\n + CVE-2021-20277 ldb/attrib_handlers casefold: stay in bounds\n + CVE-2021-20277 ldb tests: ldb_match tests with extra spaces\n + improve comments for ldb_module_connect_backend()\n + test/ldb_tdb: correct introductory comments\n + ldb.h: remove undefined async_ctx function signatures\n + correct comments in attrib_handers val_to_int64\n + dn tests use cmocka print functions\n + ldb_match: remove redundant check\n + add tests for ldb_wildcard_compare\n + ldb_match: trailing chunk must match end of string\n + pyldb: catch potential overflow error in py_timestring\n + ldb: remove some 'if PY3's in tests\n\n talloc was updated to 2.3.3:\n\n + various bugfixes\n + python: Ensure reference counts are properly incremented\n + Change pytalloc source to LGPL\n + Upgrade waf to 2.0.18 to fix a cross-compilation issue; (bso#13846).\n\n tdb was updated to version 1.4.4:\n\n + various bugfixes\n\n tevent was updated to version 0.11.0:\n\n + Add custom tag to events\n + Add event trace api\n\n sssd was updated to:\n\n - Fix tests test_copy_ccache & test_copy_keytab for later versions of krb5\n - Update the private ldb modules installation following libldb2 changes\n from /usr/lib64/ldb/samba to /usr/lib64/ldb2/modules/ldb/samba\n\n apparmor was updated to:\n\n - Cater for changes to ldb packaging to allow parallel installation with\n libldb (bsc#1192684).\n - add profile for samba-bgqd (bsc#1191532).\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-283=1", "published": "2022-02-01T00:00:00", "modified": "2022-02-01T00:00:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.0}, "severity": "HIGH", "exploitabilityScore": 8.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/72ZRNFZ3DE3TJA7HFCVV476YJN6I4B5M/", "reporter": "Suse", "references": [], "cvelist": ["CVE-2020-27840", "CVE-2021-20277", "CVE-2021-20316", "CVE-2021-36222", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "immutableFields": [], "lastseen": "2022-11-06T12:08:42", "viewCount": 30, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2021:1197", "ALSA-2021:3576", "ALSA-2022:0332", "ALSA-2022:2074"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2020-27840", "ALPINE:CVE-2021-20277", "ALPINE:CVE-2021-20316", "ALPINE:CVE-2021-43566", "ALPINE:CVE-2021-44141", "ALPINE:CVE-2021-44142"]}, {"type": "altlinux", "idList": ["4E38E80E246214630AB0170F8822E34B", "B9925885902E8FADC6A2692C22AF3B24"]}, {"type": "amazon", "idList": ["ALAS-2021-1494", "ALAS-2022-1564", "ALAS2-2021-1628", "ALAS2-2022-1746"]}, {"type": "centos", "idList": ["CESA-2021:1072", "CESA-2022:0328"]}, {"type": "cert", "idList": ["VU:119678"]}, {"type": "cisa", "idList": ["CISA:07D5CC40C9E66F413405DC92522747C5", "CISA:B08E79D5864ADAC428776919C71C8778", "CISA:B53B7116C4E8239B47888D3AD39F7D1F"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:C597E2EA8E919F62FC3E9E5C918FE1B7"]}, {"type": "cnvd", "idList": ["CNVD-2022-18047"]}, {"type": "cve", "idList": ["CVE-2020-27840", "CVE-2021-20277", "CVE-2021-20316", "CVE-2021-36222", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2611-1:F1BEF", "DEBIAN:DSA-4884-1:8ACE0", "DEBIAN:DSA-4884-1:D6B31", "DEBIAN:DSA-4944-1:B2B8F", "DEBIAN:DSA-4944-1:C849C", "DEBIAN:DSA-5071-1:71FFF"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-27840", "DEBIANCVE:CVE-2021-20277", "DEBIANCVE:CVE-2021-20316", "DEBIANCVE:CVE-2021-36222", "DEBIANCVE:CVE-2021-43566", "DEBIANCVE:CVE-2021-44141", "DEBIANCVE:CVE-2021-44142", "DEBIANCVE:CVE-2022-0336"]}, {"type": "f5", "idList": ["F5:K08602542", "F5:K45752041", "F5:K48527562", "F5:K84695749"]}, {"type": "fedora", "idList": ["FEDORA:0DD873072EBE", "FEDORA:2C4A530E1962", "FEDORA:49AF8312EC07", "FEDORA:910E830F68E9", "FEDORA:B5FA731A66B6", "FEDORA:BAC3130A4CEB", "FEDORA:C24673131F53", "FEDORA:CD93C309E782", "FEDORA:D097930F7ECB", "FEDORA:E133C304C758"]}, {"type": "freebsd", "idList": ["1F6D97DA-8F72-11EB-B3F1-005056A311D1", "8579074C-839F-11EC-A3B2-005056A311D1", "C9387E4D-2F5F-11EC-8BE6-D4C9EF517024"]}, {"type": "gentoo", "idList": ["GLSA-202105-22"]}, {"type": "githubexploit", "idList": ["3E948D04-4013-561A-9F41-7C692AB14993", "9AAA7F0F-9868-5520-89F3-D09DFC7BE995", "B0F54D1F-71E5-54D9-BED8-BA166E090B14"]}, {"type": "ibm", "idList": ["25A65ADD2259E5466AE95B2C3CF70AF0345E2B0D71A6B9AD7F9F87A979A9FC8E", "34CC9D7721C963B056C83F77396BEE1AE82A312286A43B241F322E84A8E5C203", "5B2955FD3A9AA9B3B82E12F0886C35C044D8113BB880DCFFA11B44637288E1CF", "81888C5B2AB508173E8A42F5BFE94831F0AC299F823257C974E685AD0574CB4F", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "B07F5F95DC160BC577BCF0F6B2CA7525D98BC1ED3F1D3CFFB685540DF0D501B3", "CC17E17E076A44EF02E85659197C661661F549157CAC222BEF819F68925BEA45", "EDCD7C6F942E7E7EFA18D0CD216C96A69DB9DA76E57B9A5EA2BC61796211528A"]}, {"type": "kaspersky", "idList": ["KLA12439", "KLA12440"]}, {"type": "mageia", "idList": ["MGASA-2021-0287", "MGASA-2022-0054"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:353332AFBB6514EFED7F5F38820FFD50"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1628.NASL", "AL2_ALAS-2022-1746.NASL", "ALA_ALAS-2021-1494.NASL", "ALA_ALAS-2022-1564.NASL", "ALMA_LINUX_ALSA-2021-1197.NASL", "ALMA_LINUX_ALSA-2021-3576.NASL", "ALMA_LINUX_ALSA-2022-0332.NASL", "ALMA_LINUX_ALSA-2022-2074.NASL", "CENTOS8_RHSA-2021-1197.NASL", "CENTOS8_RHSA-2021-3576.NASL", "CENTOS8_RHSA-2022-2074.NASL", "CENTOS_RHSA-2021-1072.NASL", "CENTOS_RHSA-2022-0328.NASL", "DEBIAN_DLA-2611.NASL", "DEBIAN_DSA-4884.NASL", "DEBIAN_DSA-4944.NASL", "DEBIAN_DSA-5071.NASL", "EULEROS_SA-2021-1811.NASL", "EULEROS_SA-2021-1846.NASL", "EULEROS_SA-2021-1961.NASL", "EULEROS_SA-2021-1968.NASL", "EULEROS_SA-2021-1984.NASL", "EULEROS_SA-2021-1988.NASL", "EULEROS_SA-2021-2014.NASL", "EULEROS_SA-2021-2023.NASL", "EULEROS_SA-2021-2026.NASL", "EULEROS_SA-2021-2038.NASL", "EULEROS_SA-2021-2055.NASL", "EULEROS_SA-2021-2066.NASL", "EULEROS_SA-2021-2079.NASL", "EULEROS_SA-2021-2102.NASL", "EULEROS_SA-2021-2222.NASL", "EULEROS_SA-2021-2229.NASL", "EULEROS_SA-2021-2397.NASL", "EULEROS_SA-2021-2446.NASL", "EULEROS_SA-2021-2466.NASL", "EULEROS_SA-2021-2591.NASL", "EULEROS_SA-2021-2615.NASL", "EULEROS_SA-2021-2689.NASL", "EULEROS_SA-2021-2714.NASL", "EULEROS_SA-2021-2743.NASL", "EULEROS_SA-2021-2777.NASL", "EULEROS_SA-2021-2883.NASL", "EULEROS_SA-2021-2896.NASL", "EULEROS_SA-2022-1071.NASL", "EULEROS_SA-2022-1438.NASL", "EULEROS_SA-2022-1459.NASL", "EULEROS_SA-2022-1551.NASL", "EULEROS_SA-2022-1586.NASL", "EULEROS_SA-2022-1614.NASL", "EULEROS_SA-2022-1638.NASL", "EULEROS_SA-2022-1652.NASL", "EULEROS_SA-2022-1666.NASL", "EULEROS_SA-2022-1675.NASL", "EULEROS_SA-2022-1763.NASL", "EULEROS_SA-2022-2038.NASL", "EULEROS_SA-2022-2066.NASL", "EULEROS_SA-2022-2537.NASL", "EULEROS_SA-2022-2589.NASL", "FEDORA_2021-1A8E93A285.NASL", "FEDORA_2021-C93A3A5D3F.NASL", "FREEBSD_PKG_1F6D97DA8F7211EBB3F1005056A311D1.NASL", "FREEBSD_PKG_8579074C839F11ECA3B2005056A311D1.NASL", "GENTOO_GLSA-202105-22.NASL", "MYSQL_8_0_27.NASL", "NEWSTART_CGSL_NS-SA-2021-0106_LIBLDB.NASL", "NEWSTART_CGSL_NS-SA-2021-0130_LIBLDB.NASL", "NEWSTART_CGSL_NS-SA-2022-0027_LIBLDB.NASL", "OPENSUSE-2021-1182.NASL", "OPENSUSE-2021-2800.NASL", "OPENSUSE-2021-3187.NASL", "OPENSUSE-2021-469.NASL", "OPENSUSE-2021-636.NASL", "OPENSUSE-2022-0283-1.NASL", "ORACLELINUX_ELSA-2021-1072.NASL", "ORACLELINUX_ELSA-2021-1197.NASL", "ORACLELINUX_ELSA-2021-3576.NASL", "ORACLELINUX_ELSA-2022-0328.NASL", "ORACLELINUX_ELSA-2022-0332.NASL", "ORACLELINUX_ELSA-2022-2074.NASL", "PHOTONOS_PHSA-2021-3_0-0342_KRB5.NASL", "QNAP_QTS_QUTS_HERO_QSA-22-03.NASL", "REDHAT-RHSA-2021-1072.NASL", "REDHAT-RHSA-2021-1197.NASL", "REDHAT-RHSA-2021-1213.NASL", "REDHAT-RHSA-2021-1214.NASL", "REDHAT-RHSA-2021-2331.NASL", "REDHAT-RHSA-2021-2786.NASL", "REDHAT-RHSA-2021-3576.NASL", "REDHAT-RHSA-2022-0328.NASL", "REDHAT-RHSA-2022-0329.NASL", "REDHAT-RHSA-2022-0330.NASL", "REDHAT-RHSA-2022-0331.NASL", "REDHAT-RHSA-2022-0332.NASL", "REDHAT-RHSA-2022-0457.NASL", "REDHAT-RHSA-2022-0458.NASL", "REDHAT-RHSA-2022-0663.NASL", "REDHAT-RHSA-2022-0664.NASL", "REDHAT-RHSA-2022-1756.NASL", "REDHAT-RHSA-2022-2074.NASL", "ROCKY_LINUX_RLSA-2022-2074.NASL", "ROCKY_LINUX_RLSA-2022-332.NASL", "SAMBA_4_13_16.NASL", "SAMBA_4_14_2.NASL", "SAMBA_4_15_5.NASL", "SL_20220131_SAMBA_ON_SL7_X.NASL", "SUSE_SU-2021-0944-1.NASL", "SUSE_SU-2021-0945-1.NASL", "SUSE_SU-2021-1444-1.NASL", "SUSE_SU-2021-1498-1.NASL", "SUSE_SU-2021-2800-1.NASL", "SUSE_SU-2021-3187-1.NASL", "SUSE_SU-2022-0251-1.NASL", "SUSE_SU-2022-0252-1.NASL", "SUSE_SU-2022-0271-1.NASL", "SUSE_SU-2022-0283-1.NASL", "SUSE_SU-2022-0284-1.NASL", "SUSE_SU-2022-0287-1.NASL", "SUSE_SU-2022-0323-1.NASL", "SUSE_SU-2022-2134-1.NASL", "UBUNTU_USN-4888-1.NASL", "UBUNTU_USN-5260-1.NASL", "UBUNTU_USN-5260-2.NASL", "UBUNTU_USN-5260-3.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-1072", "ELSA-2021-1197", "ELSA-2021-3576", "ELSA-2022-0328", "ELSA-2022-0332", "ELSA-2022-2074"]}, {"type": "osv", "idList": ["OSV:CVE-2021-43566", "OSV:DLA-2611-1", "OSV:DSA-4884-1", "OSV:DSA-4944-1", "OSV:DSA-5071-1"]}, {"type": "paloalto", "idList": ["PA-CVE-2021-44142"]}, {"type": "photon", "idList": ["PHSA-2021-0139", "PHSA-2021-0342", "PHSA-2021-0455", "PHSA-2022-3.0-0342"]}, {"type": "redhat", "idList": ["RHSA-2021:1072", "RHSA-2021:1197", "RHSA-2021:1213", "RHSA-2021:1214", "RHSA-2021:2331", "RHSA-2021:2786", "RHSA-2021:3576", "RHSA-2021:3653", "RHSA-2021:3851", "RHSA-2021:3873", "RHSA-2021:3917", "RHSA-2021:3925", "RHSA-2021:3949", "RHSA-2021:4104", "RHSA-2021:4618", "RHSA-2021:4725", "RHSA-2021:4848", "RHSA-2021:4914", "RHSA-2022:0056", "RHSA-2022:0328", "RHSA-2022:0329", "RHSA-2022:0330", "RHSA-2022:0331", "RHSA-2022:0332", "RHSA-2022:0457", "RHSA-2022:0458", "RHSA-2022:0663", "RHSA-2022:0664", "RHSA-2022:1756", "RHSA-2022:2074", "RHSA-2022:5924"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-27840", "RH:CVE-2021-20277", "RH:CVE-2021-20316", "RH:CVE-2021-36222", "RH:CVE-2021-43566", "RH:CVE-2021-44141", "RH:CVE-2021-44142", "RH:CVE-2022-0336"]}, {"type": "rocky", "idList": ["RLBA-2021:4438", "RLSA-2022:2074", "RLSA-2022:332"]}, {"type": "samba", "idList": ["SAMBA:CVE-2020-27840", "SAMBA:CVE-2021-20277", "SAMBA:CVE-2021-43566", "SAMBA:CVE-2021-44141", "SAMBA:CVE-2021-44142", "SAMBA:CVE-2022-0336"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:0469-1", "OPENSUSE-SU-2021:0636-1", "OPENSUSE-SU-2021:1182-1", "OPENSUSE-SU-2021:2800-1", "OPENSUSE-SU-2021:3187-1", "OPENSUSE-SU-2022:0284-1", "OPENSUSE-SU-2022:0287-1", "SUSE-SU-2022:1396-1"]}, {"type": "thn", "idList": ["THN:61909FFAAC80372942BFAE32AACCD487"]}, {"type": "threatpost", "idList": ["THREATPOST:BC0CA0F92FAAD3AB1308DE070F2F66C8"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:A6062F1BD1BD9B5493080D375AB7FA95"]}, {"type": "ubuntu", "idList": ["USN-4888-1", "USN-4888-2", "USN-5260-1", "USN-5260-2", "USN-5260-3"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-27840", "UB:CVE-2021-20277", "UB:CVE-2021-20316", "UB:CVE-2021-36222", "UB:CVE-2021-43566", "UB:CVE-2021-44141", "UB:CVE-2021-44142", "UB:CVE-2022-0336"]}, {"type": "veracode", "idList": ["VERACODE:29848", "VERACODE:29849", "VERACODE:31376", "VERACODE:33993", "VERACODE:33994", "VERACODE:33996", "VERACODE:34092", "VERACODE:35092"]}, {"type": "zdi", "idList": ["ZDI-22-244", "ZDI-22-245", "ZDI-22-246"]}]}, "score": {"value": 0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2021:1197", "ALSA-2022:0332"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2020-27840", "ALPINE:CVE-2021-20277"]}, {"type": "amazon", "idList": ["ALAS-2021-1494", "ALAS2-2021-1628"]}, {"type": "centos", "idList": ["CESA-2021:1072", "CESA-2022:0328"]}, {"type": "cert", "idList": ["VU:119678"]}, {"type": "cisa", "idList": ["CISA:07D5CC40C9E66F413405DC92522747C5", "CISA:B08E79D5864ADAC428776919C71C8778", "CISA:B53B7116C4E8239B47888D3AD39F7D1F"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:C597E2EA8E919F62FC3E9E5C918FE1B7"]}, {"type": "cve", "idList": ["CVE-2020-27840", "CVE-2021-20277", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2611-1:F1BEF", "DEBIAN:DSA-4884-1:8ACE0", "DEBIAN:DSA-4884-1:D6B31", "DEBIAN:DSA-4944-1:B2B8F"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-27840", "DEBIANCVE:CVE-2021-20277", "DEBIANCVE:CVE-2021-36222", "DEBIANCVE:CVE-2021-43566", "DEBIANCVE:CVE-2021-44141", "DEBIANCVE:CVE-2021-44142", "DEBIANCVE:CVE-2022-0336"]}, {"type": "f5", "idList": ["F5:K84695749"]}, {"type": "fedora", "idList": ["FEDORA:0DD873072EBE", "FEDORA:2C4A530E1962", "FEDORA:49AF8312EC07", "FEDORA:910E830F68E9", "FEDORA:B5FA731A66B6", "FEDORA:BAC3130A4CEB", "FEDORA:CD93C309E782", "FEDORA:D097930F7ECB", "FEDORA:E133C304C758"]}, {"type": "freebsd", "idList": ["1F6D97DA-8F72-11EB-B3F1-005056A311D1", "8579074C-839F-11EC-A3B2-005056A311D1"]}, {"type": "gentoo", "idList": ["GLSA-202105-22"]}, {"type": "ibm", "idList": ["EDCD7C6F942E7E7EFA18D0CD216C96A69DB9DA76E57B9A5EA2BC61796211528A"]}, {"type": "kaspersky", "idList": ["KLA12439", "KLA12440"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:353332AFBB6514EFED7F5F38820FFD50"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/AMAZON-LINUX-AMI-2-CVE-2021-20277/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP3-CVE-2021-20277/"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1628.NASL", "ALA_ALAS-2021-1494.NASL", "CENTOS8_RHSA-2021-1197.NASL", "CENTOS_RHSA-2021-1072.NASL", "CENTOS_RHSA-2022-0328.NASL", "DEBIAN_DLA-2611.NASL", "DEBIAN_DSA-4884.NASL", "DEBIAN_DSA-5071.NASL", "EULEROS_SA-2021-1811.NASL", "EULEROS_SA-2021-1846.NASL", "EULEROS_SA-2021-1961.NASL", "EULEROS_SA-2021-1968.NASL", "EULEROS_SA-2021-2222.NASL", "EULEROS_SA-2021-2229.NASL", "EULEROS_SA-2022-1071.NASL", "FEDORA_2021-1A8E93A285.NASL", "FEDORA_2021-C93A3A5D3F.NASL", "FREEBSD_PKG_1F6D97DA8F7211EBB3F1005056A311D1.NASL", "FREEBSD_PKG_8579074C839F11ECA3B2005056A311D1.NASL", "OPENSUSE-2021-469.NASL", "OPENSUSE-2021-636.NASL", "OPENSUSE-2022-0283-1.NASL", "ORACLELINUX_ELSA-2021-1072.NASL", "ORACLELINUX_ELSA-2021-1197.NASL", "ORACLELINUX_ELSA-2022-0328.NASL", "ORACLELINUX_ELSA-2022-0332.NASL", "PHOTONOS_PHSA-2021-3_0-0342_KRB5.NASL", "REDHAT-RHSA-2021-1072.NASL", "REDHAT-RHSA-2021-1197.NASL", "REDHAT-RHSA-2021-1213.NASL", "REDHAT-RHSA-2021-1214.NASL", "REDHAT-RHSA-2021-2331.NASL", "REDHAT-RHSA-2022-0328.NASL", "REDHAT-RHSA-2022-0329.NASL", "REDHAT-RHSA-2022-0330.NASL", "REDHAT-RHSA-2022-0331.NASL", "REDHAT-RHSA-2022-0332.NASL", "SAMBA_4_15_5.NASL", "SL_20220131_SAMBA_ON_SL7_X.NASL", "SUSE_SU-2021-0944-1.NASL", "SUSE_SU-2021-0945-1.NASL", "SUSE_SU-2021-1444-1.NASL", "SUSE_SU-2021-1498-1.NASL", "SUSE_SU-2022-0252-1.NASL", "SUSE_SU-2022-0271-1.NASL", "SUSE_SU-2022-0283-1.NASL", "SUSE_SU-2022-0284-1.NASL", "SUSE_SU-2022-0287-1.NASL", "UBUNTU_USN-4888-1.NASL", "UBUNTU_USN-5260-1.NASL", "UBUNTU_USN-5260-2.NASL", "UBUNTU_USN-5260-3.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-1072", "ELSA-2021-1197", "ELSA-2022-0328", "ELSA-2022-0332"]}, {"type": "paloalto", "idList": ["PA-CVE-2021-44142"]}, {"type": "photon", "idList": ["PHSA-2022-3.0-0342"]}, {"type": "redhat", "idList": ["RHSA-2021:2331", "RHSA-2022:0328", "RHSA-2022:0329", "RHSA-2022:0330", "RHSA-2022:0331", "RHSA-2022:0332"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-27840", "RH:CVE-2021-20277", "RH:CVE-2021-36222", "RH:CVE-2021-44141", "RH:CVE-2021-44142", "RH:CVE-2022-0336"]}, {"type": "rocky", "idList": ["RLSA-2022:332"]}, {"type": "samba", "idList": ["SAMBA:CVE-2021-44141", "SAMBA:CVE-2021-44142"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:0469-1", "OPENSUSE-SU-2021:0636-1", "OPENSUSE-SU-2022:0284-1", "OPENSUSE-SU-2022:0287-1"]}, {"type": "thn", "idList": ["THN:61909FFAAC80372942BFAE32AACCD487"]}, {"type": "threatpost", "idList": ["THREATPOST:BC0CA0F92FAAD3AB1308DE070F2F66C8"]}, {"type": "ubuntu", "idList": ["USN-4888-1", "USN-4888-2", "USN-5260-1", "USN-5260-2", "USN-5260-3"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-27840", "UB:CVE-2021-20277", "UB:CVE-2021-20316", "UB:CVE-2021-43566", "UB:CVE-2021-44141", "UB:CVE-2021-44142", "UB:CVE-2022-0336"]}, {"type": "zdi", "idList": ["ZDI-22-244", "ZDI-22-245", "ZDI-22-246"]}]}, "exploitation": null, "vulnersScore": 0.1}, "_state": {"dependencies": 1667736851, "score": 1667738515}, "_internal": {"score_hash": "307146f37244d11a84c7500087c0fa6b"}, "affectedPackage": [{"OS": "openSUSE Leap", "OSVersion": "15.3", "arch": "aarch64", "operator": "lt", "packageVersion": "- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):", "packageFilename": "- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.aarch64.rpm", "packageName": ""}, {"OS": "openSUSE Leap", "OSVersion": "15.3", "arch": "ppc64le", "operator": "lt", "packageVersion": "- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):", "packageFilename": "- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm", "packageName": ""}, {"OS": "openSUSE Leap", "OSVersion": "15.3", "arch": "s390x", "operator": "lt", "packageVersion": "- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):", "packageFilename": "- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.s390x.rpm", "packageName": ""}, {"OS": "openSUSE Leap", "OSVersion": "15.3", "arch": "x86_64", "operator": "lt", "packageVersion": "- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):", "packageFilename": "- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.x86_64.rpm", "packageName": ""}, {"OS": "openSUSE Leap", "OSVersion": "15.3", "arch": "aarch64", "operator": "lt", "packageVersion": "- openSUSE Leap 15.3 (aarch64 x86_64):", "packageFilename": "- openSUSE Leap 15.3 (aarch64 x86_64):.aarch64.rpm", "packageName": ""}, {"OS": "openSUSE Leap", "OSVersion": "15.3", "arch": "x86_64", "operator": "lt", "packageVersion": "- openSUSE Leap 15.3 (aarch64 x86_64):", "packageFilename": "- openSUSE Leap 15.3 (aarch64 x86_64):.x86_64.rpm", "packageName": ""}, {"OS": "openSUSE Leap", "OSVersion": "15.3", "arch": "aarch64_ilp32", "operator": "lt", "packageVersion": "- openSUSE Leap 15.3 (aarch64_ilp32):", "packageFilename": "- openSUSE Leap 15.3 (aarch64_ilp32):.aarch64_ilp32.rpm", "packageName": ""}, {"OS": "openSUSE Leap", "OSVersion": "15.3", "arch": "noarch", "operator": "lt", "packageVersion": "- openSUSE Leap 15.3 (noarch):", "packageFilename": "- openSUSE Leap 15.3 (noarch):.noarch.rpm", "packageName": ""}, {"OS": "openSUSE Leap", "OSVersion": "15.3", "arch": "x86_64", "operator": "lt", "packageVersion": "- openSUSE Leap 15.3 (x86_64):", "packageFilename": "- openSUSE Leap 15.3 (x86_64):.x86_64.rpm", "packageName": ""}]}

{"nessus": [{"lastseen": "2023-02-02T22:11:10", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0283-1 advisory.\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\n - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. (CVE-2021-36222)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Clients that have write access to the exported part of the file system under a share via SMB1 unix extensions or via NFS can create symlinks that point to arbitrary files or directories on the server filesystem. Clients can then use SMB1 unix extension information queries to determine if the target of the symlink exists or not by examining error codes returned from the smbd server. There is no ability to access these files or directories, only to determine if they exist or not. If SMB1 is turned off and only SMB2 is used, or unix extensions are not enabled then there is no way to discover if a symlink points to a valid target or not via SMB2. For this reason, even if symlinks are created via NFS, if the Samba server does not allow SMB1 with unix extensions there is no way to exploit this bug. Finding out what files or directories exist on a file server can help attackers guess system user names or the exact operating system release and applications running on the server hosting Samba which may help mount further attacks. SMB1 has been disabled on Samba since version 4.11.0 and onwards. Exploitation of this bug has not been seen in the wild. (CVE-2021-44141)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-02T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : samba (openSUSE-SU-2022:0283-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277", "CVE-2021-20316", "CVE-2021-36222", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-11-08T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_apparmor", "p-cpe:/a:novell:opensuse:apparmor-abstractions", "p-cpe:/a:novell:opensuse:apparmor-parser", "p-cpe:/a:novell:opensuse:apparmor-parser-lang", "p-cpe:/a:novell:opensuse:apparmor-profiles", "p-cpe:/a:novell:opensuse:apparmor-utils", "p-cpe:/a:novell:opensuse:apparmor-utils-lang", "p-cpe:/a:novell:opensuse:ctdb", "p-cpe:/a:novell:opensuse:ctdb-pcp-pmda", "p-cpe:/a:novell:opensuse:krb5", "p-cpe:/a:novell:opensuse:krb5-32bit", "p-cpe:/a:novell:opensuse:krb5-client", "p-cpe:/a:novell:opensuse:krb5-devel", "p-cpe:/a:novell:opensuse:krb5-devel-32bit", "p-cpe:/a:novell:opensuse:krb5-mini", "p-cpe:/a:novell:opensuse:krb5-mini-devel", "p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap", "p-cpe:/a:novell:opensuse:krb5-plugin-preauth-otp", "p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit", "p-cpe:/a:novell:opensuse:krb5-plugin-preauth-spake", "p-cpe:/a:novell:opensuse:krb5-server", "p-cpe:/a:novell:opensuse:ldb-tools", "p-cpe:/a:novell:opensuse:libapparmor-devel", "p-cpe:/a:novell:opensuse:libapparmor1", "p-cpe:/a:novell:opensuse:libapparmor1-32bit", "p-cpe:/a:novell:opensuse:libipa_hbac-devel", "p-cpe:/a:novell:opensuse:libipa_hbac0", "p-cpe:/a:novell:opensuse:libldb-devel", "p-cpe:/a:novell:opensuse:libldb2", "p-cpe:/a:novell:opensuse:libldb2-32bit", "p-cpe:/a:novell:opensuse:libnfsidmap-sss", "p-cpe:/a:novell:opensuse:libsamba-policy-devel", "p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit", "p-cpe:/a:novell:opensuse:libsamba-policy0-python3-64bit", "p-cpe:/a:novell:opensuse:libsss_certmap-devel", "p-cpe:/a:novell:opensuse:libsss_certmap0", "p-cpe:/a:novell:opensuse:libsss_idmap-devel", "p-cpe:/a:novell:opensuse:libsss_idmap0", "p-cpe:/a:novell:opensuse:libsss_nss_idmap-devel", "p-cpe:/a:novell:opensuse:libsss_nss_idmap0", "p-cpe:/a:novell:opensuse:libsss_simpleifp-devel", "p-cpe:/a:novell:opensuse:libsss_simpleifp0", "p-cpe:/a:novell:opensuse:libtalloc-devel", "p-cpe:/a:novell:opensuse:libtalloc2", "p-cpe:/a:novell:opensuse:libtalloc2-32bit", "p-cpe:/a:novell:opensuse:libtdb-devel", "p-cpe:/a:novell:opensuse:libtdb1", "p-cpe:/a:novell:opensuse:libtdb1-32bit", "p-cpe:/a:novell:opensuse:libtevent-devel", "p-cpe:/a:novell:opensuse:libtevent0", "p-cpe:/a:novell:opensuse:libtevent0-32bit", "p-cpe:/a:novell:opensuse:pam_apparmor", "p-cpe:/a:novell:opensuse:pam_apparmor-32bit", "p-cpe:/a:novell:opensuse:perl-apparmor", "p-cpe:/a:novell:opensuse:python3-apparmor", "p-cpe:/a:novell:opensuse:python3-ipa_hbac", "p-cpe:/a:novell:opensuse:python3-ldb", "p-cpe:/a:novell:opensuse:python3-ldb-32bit", "p-cpe:/a:novell:opensuse:python3-ldb-devel", "p-cpe:/a:novell:opensuse:python3-sss-murmur", "p-cpe:/a:novell:opensuse:python3-sss_nss_idmap", "p-cpe:/a:novell:opensuse:python3-sssd-config", "p-cpe:/a:novell:opensuse:python3-talloc", "p-cpe:/a:novell:opensuse:python3-talloc-32bit", "p-cpe:/a:novell:opensuse:python3-talloc-devel", "p-cpe:/a:novell:opensuse:python3-tdb", "p-cpe:/a:novell:opensuse:python3-tdb-32bit", "p-cpe:/a:novell:opensuse:python3-tevent", "p-cpe:/a:novell:opensuse:python3-tevent-32bit", "p-cpe:/a:novell:opensuse:ruby-apparmor", "p-cpe:/a:novell:opensuse:samba", "p-cpe:/a:novell:opensuse:samba-ad-dc", "p-cpe:/a:novell:opensuse:samba-ad-dc-libs", "p-cpe:/a:novell:opensuse:samba-ad-dc-libs-32bit", "p-cpe:/a:novell:opensuse:samba-ceph", "p-cpe:/a:novell:opensuse:samba-client", "p-cpe:/a:novell:opensuse:samba-client-32bit", "p-cpe:/a:novell:opensuse:samba-client-64bit", "p-cpe:/a:novell:opensuse:samba-client-libs", "p-cpe:/a:novell:opensuse:samba-client-libs-32bit", "p-cpe:/a:novell:opensuse:samba-devel", "p-cpe:/a:novell:opensuse:samba-devel-32bit", "p-cpe:/a:novell:opensuse:samba-dsdb-modules", "p-cpe:/a:novell:opensuse:samba-gpupdate", "p-cpe:/a:novell:opensuse:samba-ldb-ldap", "p-cpe:/a:novell:opensuse:samba-libs", "p-cpe:/a:novell:opensuse:samba-libs-32bit", "p-cpe:/a:novell:opensuse:samba-libs-64bit", "p-cpe:/a:novell:opensuse:samba-libs-python3", "p-cpe:/a:novell:opensuse:samba-libs-python3-32bit", "p-cpe:/a:novell:opensuse:samba-libs-python3-64bit", "p-cpe:/a:novell:opensuse:samba-python3", "p-cpe:/a:novell:opensuse:samba-test", "p-cpe:/a:novell:opensuse:samba-tool", "p-cpe:/a:novell:opensuse:samba-winbind", "p-cpe:/a:novell:opensuse:samba-winbind-libs", "p-cpe:/a:novell:opensuse:samba-winbind-libs-32bit", "p-cpe:/a:novell:opensuse:sssd", "p-cpe:/a:novell:opensuse:sssd-ad", "p-cpe:/a:novell:opensuse:sssd-common", "p-cpe:/a:novell:opensuse:sssd-dbus", "p-cpe:/a:novell:opensuse:sssd-ipa", "p-cpe:/a:novell:opensuse:sssd-krb5", "p-cpe:/a:novell:opensuse:sssd-krb5-common", "p-cpe:/a:novell:opensuse:sssd-ldap", "p-cpe:/a:novell:opensuse:sssd-proxy", "p-cpe:/a:novell:opensuse:sssd-tools", "p-cpe:/a:novell:opensuse:sssd-wbclient", "p-cpe:/a:novell:opensuse:sssd-wbclient-devel", "p-cpe:/a:novell:opensuse:sssd-winbind-idmap", "p-cpe:/a:novell:opensuse:talloc-man", "p-cpe:/a:novell:opensuse:tdb-tools", "p-cpe:/a:novell:opensuse:tevent-man", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0283-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157325", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0283-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157325);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/08\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\",\n \"CVE-2021-20316\",\n \"CVE-2021-36222\",\n \"CVE-2021-43566\",\n \"CVE-2021-44141\",\n \"CVE-2021-44142\",\n \"CVE-2022-0336\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0487\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n script_xref(name:\"IAVB\", value:\"2021-B-0054-S\");\n\n script_name(english:\"openSUSE 15 Security Update : samba (openSUSE-SU-2022:0283-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0283-1 advisory.\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to\n an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The\n highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\n - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before\n 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon\n crash. This occurs because a return value is not properly managed in a certain situation. (CVE-2021-36222)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Clients that\n have write access to the exported part of the file system under a share via SMB1 unix extensions or via\n NFS can create symlinks that point to arbitrary files or directories on the server filesystem. Clients can\n then use SMB1 unix extension information queries to determine if the target of the symlink exists or not\n by examining error codes returned from the smbd server. There is no ability to access these files or\n directories, only to determine if they exist or not. If SMB1 is turned off and only SMB2 is used, or unix\n extensions are not enabled then there is no way to discover if a symlink points to a valid target or not\n via SMB2. For this reason, even if symlinks are created via NFS, if the Samba server does not allow SMB1\n with unix extensions there is no way to exploit this bug. Finding out what files or directories exist on a\n file server can help attackers guess system user names or the exact operating system release and\n applications running on the server hosting Samba which may help mount further attacks. SMB1 has been\n disabled on Samba since version 4.11.0 and onwards. Exploitation of this bug has not been seen in the\n wild. (CVE-2021-44141)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution\n (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that\n SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an\n account modification re-adds an SPN that was previously present on that account, such as one added when a\n computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to\n perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an\n attacker who can intercept traffic can impersonate existing services, resulting in a loss of\n confidentiality and integrity. (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1139519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183574\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1188571\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194859\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195048\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/72ZRNFZ3DE3TJA7HFCVV476YJN6I4B5M/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dafccda9\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27840\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20277\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-36222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-43566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0336\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-abstractions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-parser-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-profiles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apparmor-utils-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-otp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-spake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapparmor-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapparmor1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapparmor1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipa_hbac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipa_hbac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnfsidmap-sss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsamba-policy0-python3-64bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_certmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_certmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_nss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_nss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_simpleifp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsss_simpleifp0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtalloc2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtdb1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtevent0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam_apparmor-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ipa_hbac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-sss-murmur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-sss_nss_idmap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-sssd-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-talloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-talloc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-talloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tdb-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tevent-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ad-dc-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-64bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-client-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-gpupdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-ldb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-64bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-libs-python3-64bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:samba-winbind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-ad\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-ipa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-krb5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-wbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-wbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:sssd-winbind-idmap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:talloc-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tdb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tevent-man\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'apache2-mod_apparmor-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-abstractions-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-parser-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-parser-lang-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-profiles-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-utils-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apparmor-utils-lang-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-pcp-pmda-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-32bit-1.19.2-150300.8.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-client-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-devel-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-devel-32bit-1.19.2-150300.8.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-mini-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-mini-devel-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-plugin-kdb-ldap-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-plugin-preauth-otp-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-plugin-preauth-pkinit-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-plugin-preauth-spake-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'krb5-server-1.19.2-150300.8.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ldb-tools-2.4.1-150300.3.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libapparmor-devel-2.13.6-150300.3.11.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libapparmor1-2.13.6-150300.3.11.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libapparmor1-32bit-2.13.6-150300.3.11.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libipa_hbac-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libipa_hbac0-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libldb-devel-2.4.1-150300.3.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libldb2-2.4.1-150300.3.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libldb2-32bit-2.4.1-150300.3.10.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnfsidmap-sss-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsamba-policy-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsamba-policy-python3-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsamba-policy0-python3-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsamba-policy0-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsamba-policy0-python3-64bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'aarch64_ilp32', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_certmap-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_certmap0-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_idmap-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_idmap0-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_nss_idmap-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_nss_idmap0-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_simpleifp-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsss_simpleifp0-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtalloc-devel-2.3.3-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtalloc2-2.3.3-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtalloc2-32bit-2.3.3-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtdb-devel-1.4.4-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtdb1-1.4.4-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtdb1-32bit-1.4.4-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtevent-devel-0.11.0-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtevent0-0.11.0-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtevent0-32bit-0.11.0-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pam_apparmor-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pam_apparmor-32bit-2.13.6-150300.3.11.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-apparmor-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-apparmor-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-ipa_hbac-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-ldb-2.4.1-150300.3.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-ldb-32bit-2.4.1-150300.3.10.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-ldb-devel-2.4.1-150300.3.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sss-murmur-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sss_nss_idmap-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sssd-config-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-talloc-2.3.3-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-talloc-32bit-2.3.3-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-talloc-devel-2.3.3-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tdb-1.4.4-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tdb-32bit-1.4.4-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tevent-0.11.0-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tevent-32bit-0.11.0-150300.3.3.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-apparmor-2.13.6-150300.3.11.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ad-dc-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ad-dc-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ad-dc-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-64bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'aarch64_ilp32', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-dsdb-modules-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-gpupdate-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-ldb-ldap-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-64bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'aarch64_ilp32', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-python3-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-python3-64bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'aarch64_ilp32', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-tool-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-ad-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-common-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-dbus-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-ipa-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-krb5-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-krb5-common-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-ldap-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-proxy-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-tools-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-wbclient-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-wbclient-devel-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sssd-winbind-idmap-1.16.1-150300.23.17.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'talloc-man-2.3.3-150300.3.3.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tdb-tools-1.4.4-150300.3.3.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tevent-man-0.11.0-150300.3.3.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2-mod_apparmor / apparmor-abstractions / apparmor-parser / etc');\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T14:59:30", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0283-1 advisory.\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\n - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. (CVE-2021-36222)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Clients that have write access to the exported part of the file system under a share via SMB1 unix extensions or via NFS can create symlinks that point to arbitrary files or directories on the server filesystem. Clients can then use SMB1 unix extension information queries to determine if the target of the symlink exists or not by examining error codes returned from the smbd server. There is no ability to access these files or directories, only to determine if they exist or not. If SMB1 is turned off and only SMB2 is used, or unix extensions are not enabled then there is no way to discover if a symlink points to a valid target or not via SMB2. For this reason, even if symlinks are created via NFS, if the Samba server does not allow SMB1 with unix extensions there is no way to exploit this bug. Finding out what files or directories exist on a file server can help attackers guess system user names or the exact operating system release and applications running on the server hosting Samba which may help mount further attacks. SMB1 has been disabled on Samba since version 4.11.0 and onwards. Exploitation of this bug has not been seen in the wild. (CVE-2021-44141)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2022:0283-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277", "CVE-2021-20316", "CVE-2021-36222", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-11-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_apparmor", "p-cpe:/a:novell:suse_linux:apparmor-abstractions", "p-cpe:/a:novell:suse_linux:apparmor-docs", "p-cpe:/a:novell:suse_linux:apparmor-parser", "p-cpe:/a:novell:suse_linux:apparmor-parser-lang", "p-cpe:/a:novell:suse_linux:apparmor-profiles", "p-cpe:/a:novell:suse_linux:apparmor-utils", "p-cpe:/a:novell:suse_linux:apparmor-utils-lang", "p-cpe:/a:novell:suse_linux:ctdb", "p-cpe:/a:novell:suse_linux:krb5", "p-cpe:/a:novell:suse_linux:krb5-32bit", "p-cpe:/a:novell:suse_linux:krb5-client", "p-cpe:/a:novell:suse_linux:krb5-devel", "p-cpe:/a:novell:suse_linux:krb5-plugin-kdb-ldap", "p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-otp", "p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-pkinit", "p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-spake", "p-cpe:/a:novell:suse_linux:krb5-server", "p-cpe:/a:novell:suse_linux:ldb-tools", "p-cpe:/a:novell:suse_linux:libapparmor-devel", "p-cpe:/a:novell:suse_linux:libapparmor1", "p-cpe:/a:novell:suse_linux:libapparmor1-32bit", "p-cpe:/a:novell:suse_linux:libipa_hbac-devel", "p-cpe:/a:novell:suse_linux:libipa_hbac0", "p-cpe:/a:novell:suse_linux:libldb-devel", "p-cpe:/a:novell:suse_linux:libldb2", "p-cpe:/a:novell:suse_linux:libldb2-32bit", "p-cpe:/a:novell:suse_linux:libsamba-policy-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy0-python3", "p-cpe:/a:novell:suse_linux:libsss_certmap-devel", "p-cpe:/a:novell:suse_linux:libsss_certmap0", "p-cpe:/a:novell:suse_linux:libsss_idmap-devel", "p-cpe:/a:novell:suse_linux:libsss_idmap0", "p-cpe:/a:novell:suse_linux:libsss_nss_idmap-devel", "p-cpe:/a:novell:suse_linux:libsss_nss_idmap0", "p-cpe:/a:novell:suse_linux:libsss_simpleifp-devel", "p-cpe:/a:novell:suse_linux:libsss_simpleifp0", "p-cpe:/a:novell:suse_linux:libtalloc-devel", "p-cpe:/a:novell:suse_linux:libtalloc2", "p-cpe:/a:novell:suse_linux:libtalloc2-32bit", "p-cpe:/a:novell:suse_linux:libtdb-devel", "p-cpe:/a:novell:suse_linux:libtdb1", "p-cpe:/a:novell:suse_linux:libtdb1-32bit", "p-cpe:/a:novell:suse_linux:libtevent-devel", "p-cpe:/a:novell:suse_linux:libtevent0", "p-cpe:/a:novell:suse_linux:libtevent0-32bit", "p-cpe:/a:novell:suse_linux:pam_apparmor", "p-cpe:/a:novell:suse_linux:pam_apparmor-32bit", "p-cpe:/a:novell:suse_linux:perl-apparmor", "p-cpe:/a:novell:suse_linux:python3-apparmor", "p-cpe:/a:novell:suse_linux:python3-ldb", "p-cpe:/a:novell:suse_linux:python3-ldb-devel", "p-cpe:/a:novell:suse_linux:python3-sssd-config", "p-cpe:/a:novell:suse_linux:python3-talloc", "p-cpe:/a:novell:suse_linux:python3-talloc-devel", "p-cpe:/a:novell:suse_linux:python3-tdb", "p-cpe:/a:novell:suse_linux:python3-tevent", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-ad-dc", "p-cpe:/a:novell:suse_linux:samba-ad-dc-libs", "p-cpe:/a:novell:suse_linux:samba-ad-dc-libs-32bit", "p-cpe:/a:novell:suse_linux:samba-ceph", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-32bit", "p-cpe:/a:novell:suse_linux:samba-client-libs", "p-cpe:/a:novell:suse_linux:samba-client-libs-32bit", "p-cpe:/a:novell:suse_linux:samba-devel", "p-cpe:/a:novell:suse_linux:samba-devel-32bit", "p-cpe:/a:novell:suse_linux:samba-dsdb-modules", "p-cpe:/a:novell:suse_linux:samba-gpupdate", "p-cpe:/a:novell:suse_linux:samba-ldb-ldap", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-32bit", "p-cpe:/a:novell:suse_linux:samba-libs-python3", "p-cpe:/a:novell:suse_linux:samba-python3", "p-cpe:/a:novell:suse_linux:samba-tool", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-libs", "p-cpe:/a:novell:suse_linux:samba-winbind-libs-32bit", "p-cpe:/a:novell:suse_linux:sssd", "p-cpe:/a:novell:suse_linux:sssd-ad", "p-cpe:/a:novell:suse_linux:sssd-common", "p-cpe:/a:novell:suse_linux:sssd-dbus", "p-cpe:/a:novell:suse_linux:sssd-ipa", "p-cpe:/a:novell:suse_linux:sssd-krb5", "p-cpe:/a:novell:suse_linux:sssd-krb5-common", "p-cpe:/a:novell:suse_linux:sssd-ldap", "p-cpe:/a:novell:suse_linux:sssd-proxy", "p-cpe:/a:novell:suse_linux:sssd-tools", "p-cpe:/a:novell:suse_linux:sssd-winbind-idmap", "p-cpe:/a:novell:suse_linux:talloc-man", "p-cpe:/a:novell:suse_linux:tdb-tools", "p-cpe:/a:novell:suse_linux:tevent-man", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0283-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157307", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0283-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157307);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/08\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\",\n \"CVE-2021-20316\",\n \"CVE-2021-36222\",\n \"CVE-2021-43566\",\n \"CVE-2021-44141\",\n \"CVE-2021-44142\",\n \"CVE-2022-0336\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0283-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0487\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n script_xref(name:\"IAVB\", value:\"2021-B-0054-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2022:0283-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0283-1 advisory.\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to\n an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The\n highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\n - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before\n 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon\n crash. This occurs because a return value is not properly managed in a certain situation. (CVE-2021-36222)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Clients that\n have write access to the exported part of the file system under a share via SMB1 unix extensions or via\n NFS can create symlinks that point to arbitrary files or directories on the server filesystem. Clients can\n then use SMB1 unix extension information queries to determine if the target of the symlink exists or not\n by examining error codes returned from the smbd server. There is no ability to access these files or\n directories, only to determine if they exist or not. If SMB1 is turned off and only SMB2 is used, or unix\n extensions are not enabled then there is no way to discover if a symlink points to a valid target or not\n via SMB2. For this reason, even if symlinks are created via NFS, if the Samba server does not allow SMB1\n with unix extensions there is no way to exploit this bug. Finding out what files or directories exist on a\n file server can help attackers guess system user names or the exact operating system release and\n applications running on the server hosting Samba which may help mount further attacks. SMB1 has been\n disabled on Samba since version 4.11.0 and onwards. Exploitation of this bug has not been seen in the\n wild. (CVE-2021-44141)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution\n (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that\n SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an\n account modification re-adds an SPN that was previously present on that account, such as one added when a\n computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to\n perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an\n attacker who can intercept traffic can impersonate existing services, resulting in a loss of\n confidentiality and integrity. (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1139519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183574\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1188571\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194859\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195048\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010164.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?105ef610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27840\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20277\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-36222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-43566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0336\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-abstractions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-parser-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-profiles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-utils-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-plugin-kdb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-otp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-plugin-preauth-spake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libipa_hbac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libipa_hbac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_certmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_certmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_nss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_nss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_simpleifp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_simpleifp0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtalloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtalloc2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtalloc2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtdb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtdb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtdb1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtevent0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pam_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pam_apparmor-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-sssd-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-talloc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-talloc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-tdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-tevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ad-dc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ad-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ad-dc-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ceph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-gpupdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ldb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ad\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ipa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-krb5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-winbind-idmap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:talloc-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tdb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tevent-man\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'ctdb-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-ha-release-15.3'},\n {'reference':'apparmor-abstractions-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-abstractions-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-docs-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-docs-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-parser-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-parser-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-parser-lang-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-parser-lang-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-profiles-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-profiles-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-utils-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-utils-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-utils-lang-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apparmor-utils-lang-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-32bit-1.19.2-150300.8.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-32bit-1.19.2-150300.8.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-client-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-client-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-devel-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-devel-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-otp-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-otp-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-pkinit-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-pkinit-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-spake-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'krb5-plugin-preauth-spake-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'ldb-tools-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'ldb-tools-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor-devel-2.13.6-150300.3.11.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor-devel-2.13.6-150300.3.11.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor1-2.13.6-150300.3.11.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor1-2.13.6-150300.3.11.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor1-32bit-2.13.6-150300.3.11.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libapparmor1-32bit-2.13.6-150300.3.11.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libipa_hbac-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libipa_hbac-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libipa_hbac0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libipa_hbac0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb-devel-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb-devel-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb2-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb2-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb2-32bit-2.4.1-150300.3.10.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libldb2-32bit-2.4.1-150300.3.10.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy-python3-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy-python3-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy0-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsamba-policy0-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_certmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_certmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_certmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_certmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_idmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_idmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_idmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_idmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_nss_idmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_nss_idmap0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_simpleifp-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_simpleifp-devel-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_simpleifp0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libsss_simpleifp0-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc-devel-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc-devel-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc2-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc2-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc2-32bit-2.3.3-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtalloc2-32bit-2.3.3-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb-devel-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb-devel-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb1-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb1-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb1-32bit-1.4.4-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtdb1-32bit-1.4.4-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent-devel-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent-devel-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent0-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent0-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent0-32bit-0.11.0-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'libtevent0-32bit-0.11.0-150300.3.3.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'pam_apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'pam_apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'pam_apparmor-32bit-2.13.6-150300.3.11.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'pam_apparmor-32bit-2.13.6-150300.3.11.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'perl-apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'perl-apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-ldb-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-ldb-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-ldb-devel-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-ldb-devel-2.4.1-150300.3.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-sssd-config-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-sssd-config-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-talloc-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-talloc-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-talloc-devel-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-talloc-devel-2.3.3-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-tdb-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-tdb-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-tevent-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'python3-tevent-0.11.0-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ad-dc-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ad-dc-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ad-dc-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ad-dc-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ceph-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-client-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-devel-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-devel-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-dsdb-modules-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-dsdb-modules-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-gpupdate-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-gpupdate-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ldb-ldap-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ldb-ldap-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-libs-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-python3-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-tool-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-tool-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-libs-32bit-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-winbind-libs-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ad-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ad-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-common-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-common-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-dbus-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-dbus-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ipa-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ipa-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-krb5-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-krb5-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-krb5-common-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-krb5-common-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ldap-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-ldap-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-proxy-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-proxy-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-tools-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-tools-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-winbind-idmap-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'sssd-winbind-idmap-1.16.1-150300.23.17.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'talloc-man-2.3.3-150300.3.3.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'talloc-man-2.3.3-150300.3.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'tdb-tools-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'tdb-tools-1.4.4-150300.3.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'tevent-man-0.11.0-150300.3.3.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'tevent-man-0.11.0-150300.3.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'samba-ad-dc-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-python2-release-15.3'},\n {'reference':'samba-ad-dc-4.15.4+git.324.8332acf1a63-150300.3.25.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-python2-release-15.3'},\n {'reference':'apache2-mod_apparmor-2.13.6-150300.3.11.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'krb5-plugin-kdb-ldap-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'krb5-server-1.19.2-150300.8.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2-mod_apparmor / apparmor-abstractions / apparmor-docs / etc');\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-02T22:11:10", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 8579074c-839f-11ec-a3b2-005056a311d1 advisory.\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-02T00:00:00", "type": "nessus", "title": "FreeBSD : samba -- Multiple Vulnerabilities (8579074c-839f-11ec-a3b2-005056a311d1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2022-11-08T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:samba413", "p-cpe:/a:freebsd:freebsd:samba414", "p-cpe:/a:freebsd:freebsd:samba415", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_8579074C839F11ECA3B2005056A311D1.NASL", "href": "https://www.tenable.com/plugins/nessus/157319", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157319);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/08\");\n\n script_cve_id(\n \"CVE-2021-43566\",\n \"CVE-2021-44141\",\n \"CVE-2021-44142\",\n \"CVE-2022-0336\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n\n script_name(english:\"FreeBSD : samba -- Multiple Vulnerabilities (8579074c-839f-11ec-a3b2-005056a311d1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 8579074c-839f-11ec-a3b2-005056a311d1 advisory.\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-43566.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-44141.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-44142.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2022-0336.html\");\n # https://vuxml.freebsd.org/freebsd/8579074c-839f-11ec-a3b2-005056a311d1.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fb46416f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba413\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba414\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba415\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"III\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'samba413<4.13.17',\n 'samba414<4.14.12',\n 'samba415<4.15.5'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:39:05", "description": "The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0323-1 advisory.\n\n - An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc. (CVE-2020-29361)\n\n - All versions of Samba prior to 4.15.0 are vulnerable to a malicious client using an SMB1 or NFS symlink race to allow filesystem metadata to be accessed in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-20316)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba Team reports: (CVE-2021-44141, CVE-2022-0336)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-04T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2022:0323-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25721", "CVE-2020-29361", "CVE-2021-20316", "CVE-2021-43566", "CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_apparmor", "p-cpe:/a:novell:suse_linux:apparmor-docs", "p-cpe:/a:novell:suse_linux:apparmor-parser", "p-cpe:/a:novell:suse_linux:apparmor-profiles", "p-cpe:/a:novell:suse_linux:apparmor-utils", "p-cpe:/a:novell:suse_linux:ca-certificates", "p-cpe:/a:novell:suse_linux:ctdb", "p-cpe:/a:novell:suse_linux:libapparmor-devel", "p-cpe:/a:novell:suse_linux:libapparmor1", "p-cpe:/a:novell:suse_linux:libapparmor1-32bit", "p-cpe:/a:novell:suse_linux:libgnutls30", "p-cpe:/a:novell:suse_linux:libgnutls30-32bit", "p-cpe:/a:novell:suse_linux:libhogweed4", "p-cpe:/a:novell:suse_linux:libhogweed4-32bit", "p-cpe:/a:novell:suse_linux:libipa_hbac-devel", "p-cpe:/a:novell:suse_linux:libipa_hbac0", "p-cpe:/a:novell:suse_linux:libnettle6", "p-cpe:/a:novell:suse_linux:libnettle6-32bit", "p-cpe:/a:novell:suse_linux:libp11-kit0", "p-cpe:/a:novell:suse_linux:libp11-kit0-32bit", "p-cpe:/a:novell:suse_linux:libsamba-policy-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel", "p-cpe:/a:novell:suse_linux:libsamba-policy0-python3", "p-cpe:/a:novell:suse_linux:libsamba-policy0-python3-32bit", "p-cpe:/a:novell:suse_linux:libsss_certmap0", "p-cpe:/a:novell:suse_linux:libsss_idmap-devel", "p-cpe:/a:novell:suse_linux:libsss_idmap0", "p-cpe:/a:novell:suse_linux:libsss_nss_idmap-devel", "p-cpe:/a:novell:suse_linux:libsss_nss_idmap0", "p-cpe:/a:novell:suse_linux:libsss_simpleifp0", "p-cpe:/a:novell:suse_linux:p11-kit", "p-cpe:/a:novell:suse_linux:p11-kit-32bit", "p-cpe:/a:novell:suse_linux:p11-kit-devel", "p-cpe:/a:novell:suse_linux:p11-kit-nss-trust", "p-cpe:/a:novell:suse_linux:p11-kit-tools", "p-cpe:/a:novell:suse_linux:pam_apparmor", "p-cpe:/a:novell:suse_linux:pam_apparmor-32bit", "p-cpe:/a:novell:suse_linux:perl-apparmor", "p-cpe:/a:novell:suse_linux:python-sssd-config", "p-cpe:/a:novell:suse_linux:samba", "p-cpe:/a:novell:suse_linux:samba-client", "p-cpe:/a:novell:suse_linux:samba-client-32bit", "p-cpe:/a:novell:suse_linux:samba-client-libs", "p-cpe:/a:novell:suse_linux:samba-client-libs-32bit", "p-cpe:/a:novell:suse_linux:samba-devel", "p-cpe:/a:novell:suse_linux:samba-devel-32bit", "p-cpe:/a:novell:suse_linux:samba-doc", "p-cpe:/a:novell:suse_linux:samba-ldb-ldap", "p-cpe:/a:novell:suse_linux:samba-libs", "p-cpe:/a:novell:suse_linux:samba-libs-32bit", "p-cpe:/a:novell:suse_linux:samba-libs-python3", "p-cpe:/a:novell:suse_linux:samba-libs-python3-32bit", "p-cpe:/a:novell:suse_linux:samba-python3", "p-cpe:/a:novell:suse_linux:samba-tool", "p-cpe:/a:novell:suse_linux:samba-winbind", "p-cpe:/a:novell:suse_linux:samba-winbind-libs", "p-cpe:/a:novell:suse_linux:samba-winbind-libs-32bit", "p-cpe:/a:novell:suse_linux:sssd", "p-cpe:/a:novell:suse_linux:sssd-ad", "p-cpe:/a:novell:suse_linux:sssd-common", "p-cpe:/a:novell:suse_linux:sssd-dbus", "p-cpe:/a:novell:suse_linux:sssd-ipa", "p-cpe:/a:novell:suse_linux:sssd-krb5", "p-cpe:/a:novell:suse_linux:sssd-krb5-common", "p-cpe:/a:novell:suse_linux:sssd-ldap", "p-cpe:/a:novell:suse_linux:sssd-proxy", "p-cpe:/a:novell:suse_linux:sssd-tools", "p-cpe:/a:novell:suse_linux:yast2-samba-client", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-0323-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157373", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0323-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157373);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2020-25721\",\n \"CVE-2020-29361\",\n \"CVE-2021-20316\",\n \"CVE-2021-43566\",\n \"CVE-2021-44141\",\n \"CVE-2021-44142\",\n \"CVE-2022-0336\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0323-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2022:0323-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0323-1 advisory.\n\n - An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered\n in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are\n missing before calling realloc or calloc. (CVE-2020-29361)\n\n - All versions of Samba prior to 4.15.0 are vulnerable to a malicious client using an SMB1 or NFS symlink\n race to allow filesystem metadata to be accessed in an area of the server file system not exported under\n the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for\n this attack to succeed. (CVE-2021-20316)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba Team reports: (CVE-2021-44141, CVE-2022-0336)\n\n - samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution\n (CVE-2021-44142)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1089938\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1139519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1158916\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180064\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1182058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193533\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194859\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195048\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010181.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f1fe4996\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-43566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0336\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-profiles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apparmor-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ca-certificates\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libapparmor1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgnutls30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgnutls30-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libhogweed4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libhogweed4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libipa_hbac-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libipa_hbac0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnettle6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnettle6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libp11-kit0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libp11-kit0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy-python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsamba-policy0-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_certmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_nss_idmap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_nss_idmap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsss_simpleifp0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:p11-kit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:p11-kit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:p11-kit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:p11-kit-nss-trust\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:p11-kit-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pam_apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pam_apparmor-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-apparmor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-sssd-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-client-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-ldb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-libs-python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:samba-winbind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ad\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ipa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-krb5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:sssd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:yast2-samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4/5\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'apache2-mod_apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apparmor-docs-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apparmor-parser-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apparmor-profiles-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apparmor-utils-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'ca-certificates-1_201403302107-15.3.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libapparmor1-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libapparmor1-32bit-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libgnutls30-3.4.17-8.4.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libgnutls30-32bit-3.4.17-8.4.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libhogweed4-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libhogweed4-32bit-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libipa_hbac0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libnettle6-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libnettle6-32bit-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libp11-kit0-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libp11-kit0-32bit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsamba-policy0-python3-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsamba-policy0-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsss_certmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsss_idmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsss_nss_idmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'libsss_simpleifp0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'p11-kit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'p11-kit-32bit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'p11-kit-nss-trust-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'p11-kit-tools-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'pam_apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'pam_apparmor-32bit-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'perl-apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'python-sssd-config-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-client-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-client-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-client-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-client-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-doc-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-ldb-ldap-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-libs-python3-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-libs-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-tool-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-winbind-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-winbind-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'samba-winbind-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-ad-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-common-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-dbus-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-ipa-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-krb5-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-krb5-common-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-ldap-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-proxy-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'sssd-tools-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'yast2-samba-client-3.1.23-3.3.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'ctdb-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-ha-release-12.5'},\n {'reference':'ctdb-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-ha-release-12.5'},\n {'reference':'ctdb-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-ha-release-12.5'},\n {'reference':'libapparmor-devel-2.8.2-56.6.3', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libapparmor-devel-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libipa_hbac-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libipa_hbac-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsamba-policy-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsamba-policy-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsamba-policy-python3-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsamba-policy-python3-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'p11-kit-devel-0.23.2-8.3.2', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'p11-kit-devel-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'samba-devel-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'samba-devel-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'apache2-mod_apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apparmor-docs-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apparmor-parser-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apparmor-profiles-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apparmor-utils-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'ca-certificates-1_201403302107-15.3.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libapparmor1-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libapparmor1-32bit-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libgnutls30-3.4.17-8.4.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libgnutls30-32bit-3.4.17-8.4.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libhogweed4-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libhogweed4-32bit-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libipa_hbac0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libnettle6-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libnettle6-32bit-3.1-21.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libp11-kit0-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libp11-kit0-32bit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsamba-policy0-python3-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsamba-policy0-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsss_certmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsss_idmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsss_nss_idmap-devel-1.16.1-7.28.9', 'sp':'5', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsss_nss_idmap0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'libsss_simpleifp0-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'p11-kit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'p11-kit-32bit-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'p11-kit-nss-trust-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'p11-kit-tools-0.23.2-8.3.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'pam_apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'pam_apparmor-32bit-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'perl-apparmor-2.8.2-56.6.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'python-sssd-config-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-client-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-client-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-client-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-client-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-devel-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-doc-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-ldb-ldap-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-libs-python3-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-libs-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-python3-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-tool-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-winbind-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-winbind-libs-32bit-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'samba-winbind-libs-4.15.4+git.324.8332acf1a63-3.54.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-ad-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-common-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-dbus-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-ipa-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-krb5-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-krb5-common-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-ldap-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-proxy-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'sssd-tools-1.16.1-7.28.9', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'yast2-samba-client-3.1.23-3.3.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2-mod_apparmor / apparmor-docs / apparmor-parser / etc');\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:43:45", "description": "The version of QNAP QTS or QuTS hero on the remote host is affected by multiple vulnerabilities in the Samba component, as follows:\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\n - Samba AD users able to write to an account can impersonate existing services, intercept traffic, and cause a denial of service (DoS). (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-05T00:00:00", "type": "nessus", "title": "QNAP QTS / QuTS hero Multiple Vulnerabilities in Samba (QSA-22-03)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["cpe:/a:qnap:qts", "cpe:/o:qnap:qts", "cpe:/o:qnap:quts_hero"], "id": "QNAP_QTS_QUTS_HERO_QSA-22-03.NASL", "href": "https://www.tenable.com/plugins/nessus/159504", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159504);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-44141\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n\n script_name(english:\"QNAP QTS / QuTS hero Multiple Vulnerabilities in Samba (QSA-22-03)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of QNAP QTS or QuTS hero on the remote host is affected by multiple vulnerabilities in the Samba component,\nas follows:\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\n - Samba AD users able to write to an account can impersonate existing services, intercept traffic, and cause\n a denial of service (DoS). (CVE-2022-0336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.qnap.com/en/security-advisory/qsa-22-03\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the workaround and upgrade to the relevant fixed version referenced in the QSA-22-03 advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:qnap:qts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:qnap:qts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:qnap:quts_hero\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"qnap_qts_quts_hero_web_detect.nbin\", \"qnap_qts_installed.nbin\");\n script_require_ports(\"installed_sw/QNAP QTS\", \"installed_sw/QNAP QuTS hero\");\n\n exit(0);\n}\n\ninclude('vcf_extras_qnap.inc');\n\nvar app_info = vcf::qnap::get_app_info();\n\nvar constraints = [\n{'product':'QTS', 'min_version':'4.3', 'max_version':'4.3.3', 'Number':'1945', 'Build':'20220303', 'fixed_display':'QTS 4.3.3.1945 build 20220303'},\n{'product':'QTS', 'min_version':'4.3.4', 'max_version':'4.3.4', 'Number':'1976', 'Build':'20220303', 'fixed_display':'QTS 4.3.4.1976 build 20220303'},\n{'product':'QTS', 'min_version':'4.3.6', 'max_version':'4.3.6', 'Number':'1965', 'Build':'20220302', 'fixed_display':'QTS 4.3.6.1965 build 20220302 '},\n{'product':'QTS', 'min_version':'4.5.4', 'max_version':'4.5.4', 'Number':'1931', 'Build':'20220128', 'fixed_display':'QTS 4.5.4.1931 build 20220128'},\n{'product':'QTS', 'min_version':'5.0', 'max_version':'5.0.0', 'Number':'1932', 'Build':'20220129', 'fixed_display':'QTS 5.0.0.1932 build 20220129'},\n{'product':'QuTS hero', 'min_version':'0.0', 'max_version':'4.5.4', 'Number':'1951', 'Build':'20220218', 'fixed_display':'QuTS hero h4.5.4.1951 build 20220218'},\n{'product':'QuTS hero', 'min_version':'5.0', 'max_version':'5.0.0', 'Number':'1949', 'Build':'20220215', 'fixed_display':'QuTS hero h5.0.0.1949 build 20220215'}\n];\n\nvcf::qnap::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:40:00", "description": "The version of Samba running on the remote host is 4.0.x prior to 4.13.17, 4.14.x prior to 4.14.12, or 4.15.x prior to 4.15.5. It is, therefore, affected by multiple vulnerabilities:\n\n - Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution. (CVE-2021-44142)\n\n - Information leak via symlinks of existence of\tfiles or directories outside of the exported share. (CVE-2021-44141)\n\n - Samba AD users with permission to write to an account can impersonate arbitrary services. (CVE-2022-0336)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-03T00:00:00", "type": "nessus", "title": "Samba 4.0.x < 4.13.17 / 4.14.x < 4.14.12 / 4.15.x < 4.15.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44141", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_4_15_5.NASL", "href": "https://www.tenable.com/plugins/nessus/157360", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157360);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-44141\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"Samba 4.0.x < 4.13.17 / 4.14.x < 4.14.12 / 4.15.x < 4.15.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is potentially affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Samba running on the remote host is 4.0.x prior to 4.13.17, 4.14.x prior to 4.14.12, or 4.15.x prior\nto 4.15.5. It is, therefore, affected by multiple vulnerabilities:\n\n - Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution. (CVE-2021-44142)\n\n - Information leak via symlinks of existence of\tfiles or directories outside of the exported share. (CVE-2021-44141)\n\n - Samba AD users with permission to write to an account can impersonate arbitrary services. (CVE-2022-0336)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/security.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-44141.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-44142.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2022-0336.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Samba version 4.13.17, 4.14.12, or 4.15.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/03\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar app_info = vcf::samba::get_app_info();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [\n {'min_version':'4.0.0', 'fixed_version':'4.13.17'},\n {'min_version':'4.14.0', 'fixed_version':'4.14.12'},\n {'min_version':'4.15.0', 'fixed_version':'4.15.5'}\n];\n\nvcf::check_version_and_report(app_info: app_info, constraints: constraints, severity: SECURITY_HOLE);\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T14:53:59", "description": "The remote Ubuntu 20.04 LTS / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5260-1 advisory.\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-01T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS / 21.10 : Samba vulnerabilities (USN-5260-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:21.10", "p-cpe:/a:canonical:ubuntu_linux:ctdb", "p-cpe:/a:canonical:ubuntu_linux:libnss-winbind", "p-cpe:/a:canonical:ubuntu_linux:libpam-winbind", "p-cpe:/a:canonical:ubuntu_linux:libsmbclient", "p-cpe:/a:canonical:ubuntu_linux:libsmbclient-dev", "p-cpe:/a:canonical:ubuntu_linux:libwbclient-dev", "p-cpe:/a:canonical:ubuntu_linux:libwbclient0", "p-cpe:/a:canonical:ubuntu_linux:python3-samba", "p-cpe:/a:canonical:ubuntu_linux:registry-tools", "p-cpe:/a:canonical:ubuntu_linux:samba", "p-cpe:/a:canonical:ubuntu_linux:samba-common", "p-cpe:/a:canonical:ubuntu_linux:samba-common-bin", "p-cpe:/a:canonical:ubuntu_linux:samba-dev", "p-cpe:/a:canonical:ubuntu_linux:samba-dsdb-modules", "p-cpe:/a:canonical:ubuntu_linux:samba-libs", "p-cpe:/a:canonical:ubuntu_linux:samba-testsuite", "p-cpe:/a:canonical:ubuntu_linux:samba-vfs-modules", "p-cpe:/a:canonical:ubuntu_linux:smbclient", "p-cpe:/a:canonical:ubuntu_linux:winbind"], "id": "UBUNTU_USN-5260-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157286", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5260-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157286);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"USN\", value:\"5260-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n\n script_name(english:\"Ubuntu 20.04 LTS / 21.10 : Samba vulnerabilities (USN-5260-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS / 21.10 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5260-1 advisory.\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5260-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpam-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsmbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwbclient0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:registry-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-common-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-dsdb-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:samba-vfs-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:smbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:winbind\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04|21\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 21.10', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'ctdb', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'libnss-winbind', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'libpam-winbind', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'libsmbclient', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'libsmbclient-dev', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'libwbclient-dev', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'libwbclient0', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'python3-samba', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'registry-tools', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'samba', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'samba-common', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'samba-common-bin', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'samba-dev', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'samba-dsdb-modules', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'samba-libs', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'samba-testsuite', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'samba-vfs-modules', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'smbclient', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '20.04', 'pkgname': 'winbind', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.04.1'},\n {'osver': '21.10', 'pkgname': 'ctdb', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'libnss-winbind', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'libpam-winbind', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'libsmbclient', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'libsmbclient-dev', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'libwbclient-dev', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'libwbclient0', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'python3-samba', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'registry-tools', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'samba', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'samba-common', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'samba-common-bin', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'samba-dev', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'samba-dsdb-modules', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'samba-libs', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'samba-testsuite', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'samba-vfs-modules', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'smbclient', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'winbind', 'pkgver': '2:4.13.17~dfsg-0ubuntu0.21.10.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libnss-winbind / libpam-winbind / libsmbclient / etc');\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:42:38", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-18T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : samba (EulerOS-SA-2022-1459)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1459.NASL", "href": "https://www.tenable.com/plugins/nessus/159779", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159779);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"EulerOS 2.0 SP9 : samba (EulerOS-SA-2022-1459)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1459\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bea9cdc1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsmbclient-4.11.6-6.h19.eulerosv2r9\",\n \"libwbclient-4.11.6-6.h19.eulerosv2r9\",\n \"samba-4.11.6-6.h19.eulerosv2r9\",\n \"samba-client-4.11.6-6.h19.eulerosv2r9\",\n \"samba-common-4.11.6-6.h19.eulerosv2r9\",\n \"samba-common-tools-4.11.6-6.h19.eulerosv2r9\",\n \"samba-libs-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-clients-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-modules-4.11.6-6.h19.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:50:24", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - Potential security vulnerabilities have been identified in HPE SimpliVity Omnistack for Hyper-V. The vulnerabilities could be remotely exploited to allow code execution, information leak and impersonate arbitrary services. (CVE-2022-0336)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-15T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : samba (EulerOS-SA-2022-2038)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2022-2038.NASL", "href": "https://www.tenable.com/plugins/nessus/163189", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163189);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : samba (EulerOS-SA-2022-2038)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - Potential security vulnerabilities have been identified in HPE SimpliVity Omnistack for Hyper-V. The\n vulnerabilities could be remotely exploited to allow code execution, information leak and impersonate\n arbitrary services. (CVE-2022-0336)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2038\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?40fca7c7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"samba-4.11.12-3.h11.eulerosv2r10\",\n \"samba-client-4.11.12-3.h11.eulerosv2r10\",\n \"samba-common-4.11.12-3.h11.eulerosv2r10\",\n \"samba-common-tools-4.11.12-3.h11.eulerosv2r10\",\n \"samba-libs-4.11.12-3.h11.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:48:37", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - Potential security vulnerabilities have been identified in HPE SimpliVity Omnistack for Hyper-V. The vulnerabilities could be remotely exploited to allow code execution, information leak and impersonate arbitrary services. (CVE-2022-0336)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-15T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : samba (EulerOS-SA-2022-2066)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2022-2066.NASL", "href": "https://www.tenable.com/plugins/nessus/163214", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163214);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : samba (EulerOS-SA-2022-2066)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - Potential security vulnerabilities have been identified in HPE SimpliVity Omnistack for Hyper-V. The\n vulnerabilities could be remotely exploited to allow code execution, information leak and impersonate\n arbitrary services. (CVE-2022-0336)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2066\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f0af883a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"samba-4.11.12-3.h11.eulerosv2r10\",\n \"samba-client-4.11.12-3.h11.eulerosv2r10\",\n \"samba-common-4.11.12-3.h11.eulerosv2r10\",\n \"samba-common-tools-4.11.12-3.h11.eulerosv2r10\",\n \"samba-libs-4.11.12-3.h11.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:56:16", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. (CVE-2022-0336)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2022-2589)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ctdb", "p-cpe:/a:huawei:euleros:ctdb-tests", "p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:python2-samba", "p-cpe:/a:huawei:euleros:python2-samba-test", "p-cpe:/a:huawei:euleros:python3-samba", "p-cpe:/a:huawei:euleros:python3-samba-test", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-dc-libs", "p-cpe:/a:huawei:euleros:samba-krb5-printing", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-pidl", "p-cpe:/a:huawei:euleros:samba-test", "p-cpe:/a:huawei:euleros:samba-test-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-krb5-locator", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2022-2589.NASL", "href": "https://www.tenable.com/plugins/nessus/165938", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165938);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2022-2589)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\n - The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that\n SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an\n account modification re-adds an SPN that was previously present on that account, such as one added when a\n computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to\n perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an\n attacker who can intercept traffic can impersonate existing services, resulting in a loss of\n confidentiality and integrity. (CVE-2022-0336)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2589\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5bc5bc7e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ctdb-4.9.1-2.h37.eulerosv2r8\",\n \"ctdb-tests-4.9.1-2.h37.eulerosv2r8\",\n \"libsmbclient-4.9.1-2.h37.eulerosv2r8\",\n \"libwbclient-4.9.1-2.h37.eulerosv2r8\",\n \"python2-samba-4.9.1-2.h37.eulerosv2r8\",\n \"python2-samba-test-4.9.1-2.h37.eulerosv2r8\",\n \"python3-samba-4.9.1-2.h37.eulerosv2r8\",\n \"python3-samba-test-4.9.1-2.h37.eulerosv2r8\",\n \"samba-4.9.1-2.h37.eulerosv2r8\",\n \"samba-client-4.9.1-2.h37.eulerosv2r8\",\n \"samba-client-libs-4.9.1-2.h37.eulerosv2r8\",\n \"samba-common-4.9.1-2.h37.eulerosv2r8\",\n \"samba-common-libs-4.9.1-2.h37.eulerosv2r8\",\n \"samba-common-tools-4.9.1-2.h37.eulerosv2r8\",\n \"samba-dc-libs-4.9.1-2.h37.eulerosv2r8\",\n \"samba-krb5-printing-4.9.1-2.h37.eulerosv2r8\",\n \"samba-libs-4.9.1-2.h37.eulerosv2r8\",\n \"samba-pidl-4.9.1-2.h37.eulerosv2r8\",\n \"samba-test-4.9.1-2.h37.eulerosv2r8\",\n \"samba-test-libs-4.9.1-2.h37.eulerosv2r8\",\n \"samba-winbind-4.9.1-2.h37.eulerosv2r8\",\n \"samba-winbind-clients-4.9.1-2.h37.eulerosv2r8\",\n \"samba-winbind-krb5-locator-4.9.1-2.h37.eulerosv2r8\",\n \"samba-winbind-modules-4.9.1-2.h37.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:43:16", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-18T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : samba (EulerOS-SA-2022-1438)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1438.NASL", "href": "https://www.tenable.com/plugins/nessus/159812", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159812);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"EulerOS 2.0 SP9 : samba (EulerOS-SA-2022-1438)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1438\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?435ab4be\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsmbclient-4.11.6-6.h19.eulerosv2r9\",\n \"libwbclient-4.11.6-6.h19.eulerosv2r9\",\n \"samba-4.11.6-6.h19.eulerosv2r9\",\n \"samba-client-4.11.6-6.h19.eulerosv2r9\",\n \"samba-common-4.11.6-6.h19.eulerosv2r9\",\n \"samba-common-tools-4.11.6-6.h19.eulerosv2r9\",\n \"samba-libs-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-clients-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-modules-4.11.6-6.h19.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:45:32", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-06T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : samba (EulerOS-SA-2022-1652)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1652.NASL", "href": "https://www.tenable.com/plugins/nessus/160676", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160676);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"EulerOS 2.0 SP10 : samba (EulerOS-SA-2022-1652)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1652\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?15e92e2d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsmbclient-4.11.12-3.h11.eulerosv2r10\",\n \"libwbclient-4.11.12-3.h11.eulerosv2r10\",\n \"samba-4.11.12-3.h11.eulerosv2r10\",\n \"samba-client-4.11.12-3.h11.eulerosv2r10\",\n \"samba-common-4.11.12-3.h11.eulerosv2r10\",\n \"samba-common-tools-4.11.12-3.h11.eulerosv2r10\",\n \"samba-libs-4.11.12-3.h11.eulerosv2r10\",\n \"samba-winbind-4.11.12-3.h11.eulerosv2r10\",\n \"samba-winbind-clients-4.11.12-3.h11.eulerosv2r10\",\n \"samba-winbind-modules-4.11.12-3.h11.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:43:44", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : samba (EulerOS-SA-2022-1586)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ctdb", "p-cpe:/a:huawei:euleros:ctdb-tests", "p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:python2-samba", "p-cpe:/a:huawei:euleros:python2-samba-test", "p-cpe:/a:huawei:euleros:python3-samba", "p-cpe:/a:huawei:euleros:python3-samba-test", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-dc-libs", "p-cpe:/a:huawei:euleros:samba-krb5-printing", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-pidl", "p-cpe:/a:huawei:euleros:samba-test", "p-cpe:/a:huawei:euleros:samba-test-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-krb5-locator", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1586.NASL", "href": "https://www.tenable.com/plugins/nessus/160148", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160148);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"EulerOS 2.0 SP8 : samba (EulerOS-SA-2022-1586)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1586\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?81340c73\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ctdb-4.9.1-2.h36.eulerosv2r8\",\n \"ctdb-tests-4.9.1-2.h36.eulerosv2r8\",\n \"libsmbclient-4.9.1-2.h36.eulerosv2r8\",\n \"libwbclient-4.9.1-2.h36.eulerosv2r8\",\n \"python2-samba-4.9.1-2.h36.eulerosv2r8\",\n \"python2-samba-test-4.9.1-2.h36.eulerosv2r8\",\n \"python3-samba-4.9.1-2.h36.eulerosv2r8\",\n \"python3-samba-test-4.9.1-2.h36.eulerosv2r8\",\n \"samba-4.9.1-2.h36.eulerosv2r8\",\n \"samba-client-4.9.1-2.h36.eulerosv2r8\",\n \"samba-client-libs-4.9.1-2.h36.eulerosv2r8\",\n \"samba-common-4.9.1-2.h36.eulerosv2r8\",\n \"samba-common-libs-4.9.1-2.h36.eulerosv2r8\",\n \"samba-common-tools-4.9.1-2.h36.eulerosv2r8\",\n \"samba-dc-libs-4.9.1-2.h36.eulerosv2r8\",\n \"samba-krb5-printing-4.9.1-2.h36.eulerosv2r8\",\n \"samba-libs-4.9.1-2.h36.eulerosv2r8\",\n \"samba-pidl-4.9.1-2.h36.eulerosv2r8\",\n \"samba-test-4.9.1-2.h36.eulerosv2r8\",\n \"samba-test-libs-4.9.1-2.h36.eulerosv2r8\",\n \"samba-winbind-4.9.1-2.h36.eulerosv2r8\",\n \"samba-winbind-clients-4.9.1-2.h36.eulerosv2r8\",\n \"samba-winbind-krb5-locator-4.9.1-2.h36.eulerosv2r8\",\n \"samba-winbind-modules-4.9.1-2.h36.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:44:03", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-05T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : samba (EulerOS-SA-2022-1614)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2022-1614.NASL", "href": "https://www.tenable.com/plugins/nessus/160592", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160592);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : samba (EulerOS-SA-2022-1614)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1614\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?94fefb84\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsmbclient-4.11.6-6.h19.eulerosv2r9\",\n \"libwbclient-4.11.6-6.h19.eulerosv2r9\",\n \"samba-4.11.6-6.h19.eulerosv2r9\",\n \"samba-client-4.11.6-6.h19.eulerosv2r9\",\n \"samba-common-4.11.6-6.h19.eulerosv2r9\",\n \"samba-common-tools-4.11.6-6.h19.eulerosv2r9\",\n \"samba-libs-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-clients-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-modules-4.11.6-6.h19.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:44:26", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-06T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : samba (EulerOS-SA-2022-1638)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2022-1638.NASL", "href": "https://www.tenable.com/plugins/nessus/160638", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160638);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : samba (EulerOS-SA-2022-1638)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1638\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c177ecc2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsmbclient-4.11.6-6.h19.eulerosv2r9\",\n \"libwbclient-4.11.6-6.h19.eulerosv2r9\",\n \"samba-4.11.6-6.h19.eulerosv2r9\",\n \"samba-client-4.11.6-6.h19.eulerosv2r9\",\n \"samba-common-4.11.6-6.h19.eulerosv2r9\",\n \"samba-common-tools-4.11.6-6.h19.eulerosv2r9\",\n \"samba-libs-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-clients-4.11.6-6.h19.eulerosv2r9\",\n \"samba-winbind-modules-4.11.6-6.h19.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-03T18:46:05", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-06T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : samba (EulerOS-SA-2022-1666)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43566", "CVE-2021-44142", "CVE-2022-0336"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1666.NASL", "href": "https://www.tenable.com/plugins/nessus/160653", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160653);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\"CVE-2021-43566\", \"CVE-2021-44142\", \"CVE-2022-0336\");\n script_xref(name:\"IAVA\", value:\"2022-A-0020-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"EulerOS 2.0 SP10 : samba (EulerOS-SA-2022-1666)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to\n allow a directory to be created in an area of the server file system not exported under the share\n definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack\n to succeed. (CVE-2021-43566)\n\n - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility\n with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.' Samba versions prior to\n 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via\n specially crafted extended file attributes. A remote attacker with write access to extended file\n attributes can execute arbitrary code with the privileges of smbd, typically root. (CVE-2021-44142)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1666\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2c685ff0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44142\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsmbclient-4.11.12-3.h11.eulerosv2r10\",\n \"libwbclient-4.11.12-3.h11.eulerosv2r10\",\n \"samba-4.11.12-3.h11.eulerosv2r10\",\n \"samba-client-4.11.12-3.h11.eulerosv2r10\",\n \"samba-common-4.11.12-3.h11.eulerosv2r10\",\n \"samba-common-tools-4.11.12-3.h11.eulerosv2r10\",\n \"samba-libs-4.11.12-3.h11.eulerosv2r10\",\n \"samba-winbind-4.11.12-3.h11.eulerosv2r10\",\n \"samba-winbind-clients-4.11.12-3.h11.eulerosv2r10\",\n \"samba-winbind-modules-4.11.12-3.h11.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-01-10T19:22:28", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:2074 advisory.\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-12T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : samba (ALSA-2022:2074)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-11-01T00:00:00", "cpe": ["p-cpe:/a:alma:linux:ctdb", "p-cpe:/a:alma:linux:libsmbclient", "p-cpe:/a:alma:linux:libwbclient", "p-cpe:/a:alma:linux:python3-samba", "p-cpe:/a:alma:linux:python3-samba-test", "p-cpe:/a:alma:linux:samba", "p-cpe:/a:alma:linux:samba-client", "p-cpe:/a:alma:linux:samba-client-libs", "p-cpe:/a:alma:linux:samba-common", "p-cpe:/a:alma:linux:samba-common-libs", "p-cpe:/a:alma:linux:samba-common-tools", "p-cpe:/a:alma:linux:samba-krb5-printing", "p-cpe:/a:alma:linux:samba-libs", "p-cpe:/a:alma:linux:samba-pidl", "p-cpe:/a:alma:linux:samba-test", "p-cpe:/a:alma:linux:samba-test-libs", "p-cpe:/a:alma:linux:samba-vfs-iouring", "p-cpe:/a:alma:linux:samba-winbind", "p-cpe:/a:alma:linux:samba-winbind-clients", "p-cpe:/a:alma:linux:samba-winbind-krb5-locator", "p-cpe:/a:alma:linux:samba-winbind-modules", "p-cpe:/a:alma:linux:samba-winexe", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2022-2074.NASL", "href": "https://www.tenable.com/plugins/nessus/161095", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:2074.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161095);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/01\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"ALSA\", value:\"2022:2074\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"AlmaLinux 8 : samba (ALSA-2022:2074)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:2074 advisory.\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-2074.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:samba-winexe\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libsmbclient / libwbclient / python3-samba / python3-samba-test / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-10T19:23:31", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-18T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : samba (ELSA-2022-2074)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-11-01T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:ctdb", "p-cpe:/a:oracle:linux:libsmbclient", "p-cpe:/a:oracle:linux:libsmbclient-devel", "p-cpe:/a:oracle:linux:libwbclient", "p-cpe:/a:oracle:linux:libwbclient-devel", "p-cpe:/a:oracle:linux:python3-samba", "p-cpe:/a:oracle:linux:python3-samba-test", "p-cpe:/a:oracle:linux:samba", "p-cpe:/a:oracle:linux:samba-client", "p-cpe:/a:oracle:linux:samba-client-libs", "p-cpe:/a:oracle:linux:samba-common", "p-cpe:/a:oracle:linux:samba-common-libs", "p-cpe:/a:oracle:linux:samba-common-tools", "p-cpe:/a:oracle:linux:samba-devel", "p-cpe:/a:oracle:linux:samba-krb5-printing", "p-cpe:/a:oracle:linux:samba-libs", "p-cpe:/a:oracle:linux:samba-pidl", "p-cpe:/a:oracle:linux:samba-test", "p-cpe:/a:oracle:linux:samba-test-libs", "p-cpe:/a:oracle:linux:samba-vfs-iouring", "p-cpe:/a:oracle:linux:samba-winbind", "p-cpe:/a:oracle:linux:samba-winbind-clients", "p-cpe:/a:oracle:linux:samba-winbind-krb5-locator", "p-cpe:/a:oracle:linux:samba-winbind-modules", "p-cpe:/a:oracle:linux:samba-winexe"], "id": "ORACLELINUX_ELSA-2022-2074.NASL", "href": "https://www.tenable.com/plugins/nessus/161285", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-2074.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161285);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/01\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"Oracle Linux 8 : samba (ELSA-2022-2074)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share\n (CVE-2021-20316)\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-2074.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-winexe\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libsmbclient / libsmbclient-devel / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-10T19:21:34", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-10T00:00:00", "type": "nessus", "title": "CentOS 8 : samba (CESA-2022:2074)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-11-01T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:ctdb", "p-cpe:/a:centos:centos:libsmbclient", "p-cpe:/a:centos:centos:libsmbclient-devel", "p-cpe:/a:centos:centos:libwbclient", "p-cpe:/a:centos:centos:libwbclient-devel", "p-cpe:/a:centos:centos:python3-samba", "p-cpe:/a:centos:centos:python3-samba-test", "p-cpe:/a:centos:centos:samba", "p-cpe:/a:centos:centos:samba-client", "p-cpe:/a:centos:centos:samba-client-libs", "p-cpe:/a:centos:centos:samba-common", "p-cpe:/a:centos:centos:samba-common-libs", "p-cpe:/a:centos:centos:samba-common-tools", "p-cpe:/a:centos:centos:samba-devel", "p-cpe:/a:centos:centos:samba-krb5-printing", "p-cpe:/a:centos:centos:samba-libs", "p-cpe:/a:centos:centos:samba-pidl", "p-cpe:/a:centos:centos:samba-test", "p-cpe:/a:centos:centos:samba-test-libs", "p-cpe:/a:centos:centos:samba-vfs-iouring", "p-cpe:/a:centos:centos:samba-winbind", "p-cpe:/a:centos:centos:samba-winbind-clients", "p-cpe:/a:centos:centos:samba-winbind-krb5-locator", "p-cpe:/a:centos:centos:samba-winbind-modules", "p-cpe:/a:centos:centos:samba-winexe"], "id": "CENTOS8_RHSA-2022-2074.NASL", "href": "https://www.tenable.com/plugins/nessus/160964", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:2074. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160964);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/01\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"RHSA\", value:\"2022:2074\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"CentOS 8 : samba (CESA-2022:2074)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2022:2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share\n (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:2074\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:samba-winexe\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libsmbclient / libsmbclient-devel / libwbclient / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-24T00:28:14", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-11T00:00:00", "type": "nessus", "title": "RHEL 8 : samba (RHSA-2022:2074)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:ctdb", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:libwbclient", "p-cpe:/a:redhat:enterprise_linux:libwbclient-devel", "p-cpe:/a:redhat:enterprise_linux:python3-samba", "p-cpe:/a:redhat:enterprise_linux:python3-samba-test", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-client-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-common-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common-tools", "p-cpe:/a:redhat:enterprise_linux:samba-devel", "p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing", "p-cpe:/a:redhat:enterprise_linux:samba-libs", "p-cpe:/a:redhat:enterprise_linux:samba-pidl", "p-cpe:/a:redhat:enterprise_linux:samba-test", "p-cpe:/a:redhat:enterprise_linux:samba-test-libs", "p-cpe:/a:redhat:enterprise_linux:samba-vfs-iouring", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules", "p-cpe:/a:redhat:enterprise_linux:samba-winexe"], "id": "REDHAT-RHSA-2022-2074.NASL", "href": "https://www.tenable.com/plugins/nessus/161020", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:2074. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161020);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"RHSA\", value:\"2022:2074\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"RHEL 8 : samba (RHSA-2022:2074)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:2074 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share\n (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-44141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:2074\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2009673\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2046120\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(59, 200, 362);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winexe\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ctdb-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ctdb-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libsmbclient / libsmbclient-devel / libwbclient / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-10T19:23:32", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:2074 advisory.\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-18T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : samba (RLSA-2022:2074)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2022-11-01T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:ctdb", "p-cpe:/a:rocky:linux:ctdb-debuginfo", "p-cpe:/a:rocky:linux:libsmbclient", "p-cpe:/a:rocky:linux:libsmbclient-debuginfo", "p-cpe:/a:rocky:linux:libsmbclient-devel", "p-cpe:/a:rocky:linux:libwbclient", "p-cpe:/a:rocky:linux:libwbclient-debuginfo", "p-cpe:/a:rocky:linux:libwbclient-devel", "p-cpe:/a:rocky:linux:python3-samba", "p-cpe:/a:rocky:linux:python3-samba-debuginfo", "p-cpe:/a:rocky:linux:python3-samba-devel", "p-cpe:/a:rocky:linux:python3-samba-test", "p-cpe:/a:rocky:linux:samba", "p-cpe:/a:rocky:linux:samba-client", "p-cpe:/a:rocky:linux:samba-client-debuginfo", "p-cpe:/a:rocky:linux:samba-client-libs", "p-cpe:/a:rocky:linux:samba-client-libs-debuginfo", "p-cpe:/a:rocky:linux:samba-common", "p-cpe:/a:rocky:linux:samba-common-libs", "p-cpe:/a:rocky:linux:samba-common-libs-debuginfo", "p-cpe:/a:rocky:linux:samba-common-tools", "p-cpe:/a:rocky:linux:samba-common-tools-debuginfo", "p-cpe:/a:rocky:linux:samba-debuginfo", "p-cpe:/a:rocky:linux:samba-debugsource", "p-cpe:/a:rocky:linux:samba-devel", "p-cpe:/a:rocky:linux:samba-krb5-printing", "p-cpe:/a:rocky:linux:samba-krb5-printing-debuginfo", "p-cpe:/a:rocky:linux:samba-libs", "p-cpe:/a:rocky:linux:samba-libs-debuginfo", "p-cpe:/a:rocky:linux:samba-pidl", "p-cpe:/a:rocky:linux:samba-test", "p-cpe:/a:rocky:linux:samba-test-debuginfo", "p-cpe:/a:rocky:linux:samba-test-libs", "p-cpe:/a:rocky:linux:samba-test-libs-debuginfo", "p-cpe:/a:rocky:linux:samba-vfs-iouring", "p-cpe:/a:rocky:linux:samba-vfs-iouring-debuginfo", "p-cpe:/a:rocky:linux:samba-winbind", "p-cpe:/a:rocky:linux:samba-winbind-clients", "p-cpe:/a:rocky:linux:samba-winbind-clients-debuginfo", "p-cpe:/a:rocky:linux:samba-winbind-debuginfo", "p-cpe:/a:rocky:linux:samba-winbind-krb5-locator", "p-cpe:/a:rocky:linux:samba-winbind-krb5-locator-debuginfo", "p-cpe:/a:rocky:linux:samba-winbind-modules", "p-cpe:/a:rocky:linux:samba-winbind-modules-debuginfo", "p-cpe:/a:rocky:linux:samba-winexe", "p-cpe:/a:rocky:linux:samba-winexe-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-2074.NASL", "href": "https://www.tenable.com/plugins/nessus/161339", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:2074.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161339);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/01\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"RLSA\", value:\"2022:2074\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"Rocky Linux 8 : samba (RLSA-2022:2074)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2022:2074 advisory.\n\n - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to\n determine if a file or directory exists in an area of the server file system not exported under the share\n definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:2074\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1979959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1995849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1999294\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2009673\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2013596\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2019461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2028029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2035528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2038148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2038796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2043154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2044404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2046120\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2049602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2057503\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2064325\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ctdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libsmbclient-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libwbclient-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-client-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-common-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-common-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-krb5-printing-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-test-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-vfs-iouring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-vfs-iouring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-clients-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-krb5-locator-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winbind-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winexe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:samba-winexe-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ctdb-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsmbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwbclient-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-client-libs-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-libs-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-common-tools-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debugsource-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debugsource-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-debugsource-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-devel-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-krb5-printing-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-libs-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-pidl-4.15.5-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-test-libs-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-vfs-iouring-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-clients-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-krb5-locator-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-debuginfo-4.15.5-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-debuginfo-4.15.5-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winbind-modules-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-winexe-debuginfo-4.15.5-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / ctdb-debuginfo / libsmbclient / libsmbclient-debuginfo / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-02-03T17:24:18", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1756 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-10T00:00:00", "type": "nessus", "title": "RHEL 8 : samba (RHSA-2022:1756)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20316", "CVE-2021-44141"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ctdb", "p-cpe:/a:redhat:enterprise_linux:libsmbclient", "p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel", "p-cpe:/a:redhat:enterprise_linux:libwbclient", "p-cpe:/a:redhat:enterprise_linux:libwbclient-devel", "p-cpe:/a:redhat:enterprise_linux:python3-samba", "p-cpe:/a:redhat:enterprise_linux:samba", "p-cpe:/a:redhat:enterprise_linux:samba-client", "p-cpe:/a:redhat:enterprise_linux:samba-client-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common", "p-cpe:/a:redhat:enterprise_linux:samba-common-libs", "p-cpe:/a:redhat:enterprise_linux:samba-common-tools", "p-cpe:/a:redhat:enterprise_linux:samba-devel", "p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing", "p-cpe:/a:redhat:enterprise_linux:samba-libs", "p-cpe:/a:redhat:enterprise_linux:samba-pidl", "p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs", "p-cpe:/a:redhat:enterprise_linux:samba-winbind", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator", "p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules"], "id": "REDHAT-RHSA-2022-1756.NASL", "href": "https://www.tenable.com/plugins/nessus/160966", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:1756. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160966);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\"CVE-2021-20316\", \"CVE-2021-44141\");\n script_xref(name:\"RHSA\", value:\"2022:1756\");\n script_xref(name:\"IAVA\", value:\"2022-A-0054-S\");\n\n script_name(english:\"RHEL 8 : samba (RHSA-2022:1756)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:1756 advisory.\n\n - samba: Symlink race error can allow metadata read and modify outside of the exported share\n (CVE-2021-20316)\n\n - samba: Information leak via symlinks of existance of files or directories outside of the exported share\n (CVE-2021-44141)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-44141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:1756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2009673\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2046120\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20316\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(59, 200, 362);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwbclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-vfs-glusterfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:samba-winbind-modules\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/rhgs-server-nfs/3/debug',\n 'content/dist/layered/rhel8/x86_64/rhgs-server-nfs/3/os',\n 'content/dist/layered/rhel8/x86_64/rhgs-server-nfs/3/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhgs-server-samba/3/debug',\n 'content/dist/layered/rhel8/x86_64/rhgs-server-samba/3/os',\n 'content/dist/layered/rhel8/x86_64/rhgs-server-samba/3/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhgs-server/3/debug',\n 'content/dist/layered/rhel8/x86_64/rhgs-server/3/os',\n 'content/dist/layered/rhel8/x86_64/rhgs-server/3/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ctdb-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'libsmbclient-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'libsmbclient-devel-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'libwbclient-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'libwbclient-devel-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'python3-samba-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-client-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-client-libs-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-common-4.15.5-100.el8rhgs', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-common-libs-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-common-tools-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-devel-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-krb5-printing-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-libs-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-pidl-4.15.5-100.el8rhgs', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-vfs-glusterfs-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-winbind-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-winbind-clients-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-winbind-krb5-locator-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'},\n {'reference':'samba-winbind-modules-4.15.5-100.el8rhgs', 'cpu':'x86_64', 'release':'8', 'el_string':'el8rhgs', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'glusterfs-'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ctdb / libsmbclient / libsmbclient-devel / libwbclient / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:52:24", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\n - An extensible library that implements an LDAP like API to access remote LDAPservers, or use local tdb databases.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-16T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : samba (EulerOS-SA-2021-2229)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-07-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-python", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2229.NASL", "href": "https://www.tenable.com/plugins/nessus/151789", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151789);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/21\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : samba (EulerOS-SA-2021-2229)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple,\n consecutive leading spaces in an LDAP attribute can\n lead to an out-of-bounds memory write, leading to a\n crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system\n availability.(CVE-2021-20277)\n\n - An extensible library that implements an LDAP like API\n to access remote LDAPservers, or use local tdb\n databases.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2229\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bc8e049e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.7.1-9.h26.eulerosv2r7\",\n \"libwbclient-4.7.1-9.h26.eulerosv2r7\",\n \"samba-4.7.1-9.h26.eulerosv2r7\",\n \"samba-client-4.7.1-9.h26.eulerosv2r7\",\n \"samba-client-libs-4.7.1-9.h26.eulerosv2r7\",\n \"samba-common-4.7.1-9.h26.eulerosv2r7\",\n \"samba-common-libs-4.7.1-9.h26.eulerosv2r7\",\n \"samba-common-tools-4.7.1-9.h26.eulerosv2r7\",\n \"samba-libs-4.7.1-9.h26.eulerosv2r7\",\n \"samba-python-4.7.1-9.h26.eulerosv2r7\",\n \"samba-winbind-4.7.1-9.h26.eulerosv2r7\",\n \"samba-winbind-clients-4.7.1-9.h26.eulerosv2r7\",\n \"samba-winbind-modules-4.7.1-9.h26.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:52:23", "description": "According to the versions of the libldb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\n - An extensible library that implements an LDAP like API to access remote LDAPservers, or use local tdb databases.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-16T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : libldb (EulerOS-SA-2021-2222)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-07-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libldb", "p-cpe:/a:huawei:euleros:pyldb", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2222.NASL", "href": "https://www.tenable.com/plugins/nessus/151779", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151779);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/21\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : libldb (EulerOS-SA-2021-2222)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libldb packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple,\n consecutive leading spaces in an LDAP attribute can\n lead to an out-of-bounds memory write, leading to a\n crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system\n availability.(CVE-2021-20277)\n\n - An extensible library that implements an LDAP like API\n to access remote LDAPservers, or use local tdb\n databases.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2222\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?960a4eb1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libldb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:pyldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libldb-1.2.2-1.h3.eulerosv2r7\",\n \"pyldb-1.2.2-1.h3.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libldb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:50:05", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An extensible library that implements an LDAP like API to access remote LDAPservers, or use local tdb databases.(CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : samba (EulerOS-SA-2021-2055)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2055.NASL", "href": "https://www.tenable.com/plugins/nessus/151247", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151247);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : samba (EulerOS-SA-2021-2055)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - An extensible library that implements an LDAP like API\n to access remote LDAPservers, or use local tdb\n databases.(CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple,\n consecutive leading spaces in an LDAP attribute can\n lead to an out-of-bounds memory write, leading to a\n crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system\n availability.(CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2055\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c4ae5493\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.11.6-6.h14.eulerosv2r9\",\n \"libwbclient-4.11.6-6.h14.eulerosv2r9\",\n \"samba-4.11.6-6.h14.eulerosv2r9\",\n \"samba-client-4.11.6-6.h14.eulerosv2r9\",\n \"samba-common-4.11.6-6.h14.eulerosv2r9\",\n \"samba-common-tools-4.11.6-6.h14.eulerosv2r9\",\n \"samba-libs-4.11.6-6.h14.eulerosv2r9\",\n \"samba-winbind-4.11.6-6.h14.eulerosv2r9\",\n \"samba-winbind-clients-4.11.6-6.h14.eulerosv2r9\",\n \"samba-winbind-modules-4.11.6-6.h14.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:50:05", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in samba. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write. The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : samba (EulerOS-SA-2021-1961)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-06-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2021-1961.NASL", "href": "https://www.tenable.com/plugins/nessus/150250", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150250);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/08\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : samba (EulerOS-SA-2021-1961)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A flaw was found in samba. Multiple, consecutive\n leading spaces in an LDAP attribute can lead to an\n out-of-bounds memory write. The highest threat from\n this vulnerability is to system\n availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string\n around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to\n instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this\n vulnerability is to system\n availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1961\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84291be3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.11.6-6.h14.eulerosv2r9\",\n \"libwbclient-4.11.6-6.h14.eulerosv2r9\",\n \"samba-client-4.11.6-6.h14.eulerosv2r9\",\n \"samba-common-4.11.6-6.h14.eulerosv2r9\",\n \"samba-common-tools-4.11.6-6.h14.eulerosv2r9\",\n \"samba-libs-4.11.6-6.h14.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:50:51", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An extensible library that implements an LDAP like API to access remote LDAPservers, or use local tdb databases.(CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : samba (EulerOS-SA-2021-2066)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2066.NASL", "href": "https://www.tenable.com/plugins/nessus/151261", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151261);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : samba (EulerOS-SA-2021-2066)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - An extensible library that implements an LDAP like API\n to access remote LDAPservers, or use local tdb\n databases.(CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple,\n consecutive leading spaces in an LDAP attribute can\n lead to an out-of-bounds memory write, leading to a\n crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system\n availability.(CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2066\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1649951d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.11.6-6.h14.eulerosv2r9\",\n \"libwbclient-4.11.6-6.h14.eulerosv2r9\",\n \"samba-4.11.6-6.h14.eulerosv2r9\",\n \"samba-client-4.11.6-6.h14.eulerosv2r9\",\n \"samba-common-4.11.6-6.h14.eulerosv2r9\",\n \"samba-common-tools-4.11.6-6.h14.eulerosv2r9\",\n \"samba-libs-4.11.6-6.h14.eulerosv2r9\",\n \"samba-winbind-4.11.6-6.h14.eulerosv2r9\",\n \"samba-winbind-clients-4.11.6-6.h14.eulerosv2r9\",\n \"samba-winbind-modules-4.11.6-6.h14.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:49:05", "description": "The version of Samba running on the remote host is 4.12.x prior to 4.12.14, 4.13.x prior to 4.13.7, or 4.14.x prior to 4.14.2. It is, therefore, potentially affected by multiple vulnerabilities: \n\n - A denial of service (DoS) vulnerability exists in the Samba AD DC LDAP server. An unauthenticated, remote attacker can exploit this issue, via easily crafted DNs as part of a bind request. This can cause the samba server to crash and stop responding. (CVE-2020-27840)\n\n - A denial of service (DoS) vulnerability exists in the Samba AD DC LDAP server. An unauthenticated, remote attacker can exploit this issue, via easily crafted LDAP attributes that contain multiple, consecutive, leading spaces. This can cause the samba server process handling the request to crash and stop responding.\n (CVE-2021-20277)\n\n - User-controlled LDAP filter strings against the AD DC LDAP server may crash the LDAP server. (CVE-2021-20277)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-05-19T00:00:00", "type": "nessus", "title": "Samba 4.12.x < 4.12.14 / 4.13.x < 4.13.7 / 4.14.x < 4.14.2 Multiple DoS", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/a:samba:samba"], "id": "SAMBA_4_14_2.NASL", "href": "https://www.tenable.com/plugins/nessus/149699", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149699);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20277\");\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n\n script_name(english:\"Samba 4.12.x < 4.12.14 / 4.13.x < 4.13.7 / 4.14.x < 4.14.2 Multiple DoS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Samba server is potentially affected by multiple denial of service vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Samba running on the remote host is 4.12.x prior to 4.12.14, 4.13.x prior to 4.13.7, or 4.14.x prior to\n4.14.2. It is, therefore, potentially affected by multiple vulnerabilities: \n\n - A denial of service (DoS) vulnerability exists in the Samba AD DC LDAP server. An unauthenticated, remote\n attacker can exploit this issue, via easily crafted DNs as part of a bind request. This can cause the \n samba server to crash and stop responding. (CVE-2020-27840)\n\n - A denial of service (DoS) vulnerability exists in the Samba AD DC LDAP server. An unauthenticated, remote\n attacker can exploit this issue, via easily crafted LDAP attributes that contain multiple, consecutive, \n leading spaces. This can cause the samba server process handling the request to crash and stop responding.\n (CVE-2021-20277)\n\n - User-controlled LDAP filter strings against the AD DC LDAP server may crash the LDAP server. (CVE-2021-20277)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2020-27840.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/security/CVE-2021-20277.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.samba.org/samba/history/security.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Samba version 4.12.14 / 4.13.7 / 4.14.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/19\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:samba:samba\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_nativelanman.nasl\");\n script_require_keys(\"SMB/NativeLanManager\", \"SMB/samba\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar app, constraints;\n\napp = vcf::samba::get_app_info();\nvcf::check_granularity(app_info:app, sig_segments:3);\n\nconstraints = [\n {'min_version':'4.12.0', 'fixed_version':'4.12.14'},\n {'min_version':'4.13.0', 'fixed_version':'4.13.7'},\n {'min_version':'4.14.0', 'fixed_version':'4.14.2'}\n];\n\nvcf::check_version_and_report(app_info:app, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:50:26", "description": "According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : samba (EulerOS-SA-2021-1988)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-06-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ctdb", "p-cpe:/a:huawei:euleros:ctdb-tests", "p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:python2-samba", "p-cpe:/a:huawei:euleros:python2-samba-test", "p-cpe:/a:huawei:euleros:python3-samba", "p-cpe:/a:huawei:euleros:python3-samba-test", "p-cpe:/a:huawei:euleros:samba", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-dc-libs", "p-cpe:/a:huawei:euleros:samba-krb5-printing", "p-cpe:/a:huawei:euleros:samba-libs", "p-cpe:/a:huawei:euleros:samba-pidl", "p-cpe:/a:huawei:euleros:samba-test", "p-cpe:/a:huawei:euleros:samba-test-libs", "p-cpe:/a:huawei:euleros:samba-winbind", "p-cpe:/a:huawei:euleros:samba-winbind-clients", "p-cpe:/a:huawei:euleros:samba-winbind-krb5-locator", "p-cpe:/a:huawei:euleros:samba-winbind-modules", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1988.NASL", "href": "https://www.tenable.com/plugins/nessus/151029", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151029);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/30\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : samba (EulerOS-SA-2021-1988)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple,\n consecutive leading spaces in an LDAP attribute can\n lead to an out-of-bounds memory write, leading to a\n crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system\n availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string\n around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to\n instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this\n vulnerability is to system\n availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1988\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?20c654ce\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ctdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ctdb-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-dc-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-krb5-printing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-pidl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-test-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-krb5-locator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-winbind-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ctdb-4.9.1-2.h31.eulerosv2r8\",\n \"ctdb-tests-4.9.1-2.h31.eulerosv2r8\",\n \"libsmbclient-4.9.1-2.h31.eulerosv2r8\",\n \"libwbclient-4.9.1-2.h31.eulerosv2r8\",\n \"python2-samba-4.9.1-2.h31.eulerosv2r8\",\n \"python2-samba-test-4.9.1-2.h31.eulerosv2r8\",\n \"python3-samba-4.9.1-2.h31.eulerosv2r8\",\n \"python3-samba-test-4.9.1-2.h31.eulerosv2r8\",\n \"samba-4.9.1-2.h31.eulerosv2r8\",\n \"samba-client-4.9.1-2.h31.eulerosv2r8\",\n \"samba-client-libs-4.9.1-2.h31.eulerosv2r8\",\n \"samba-common-4.9.1-2.h31.eulerosv2r8\",\n \"samba-common-libs-4.9.1-2.h31.eulerosv2r8\",\n \"samba-common-tools-4.9.1-2.h31.eulerosv2r8\",\n \"samba-dc-libs-4.9.1-2.h31.eulerosv2r8\",\n \"samba-krb5-printing-4.9.1-2.h31.eulerosv2r8\",\n \"samba-libs-4.9.1-2.h31.eulerosv2r8\",\n \"samba-pidl-4.9.1-2.h31.eulerosv2r8\",\n \"samba-test-4.9.1-2.h31.eulerosv2r8\",\n \"samba-test-libs-4.9.1-2.h31.eulerosv2r8\",\n \"samba-winbind-4.9.1-2.h31.eulerosv2r8\",\n \"samba-winbind-clients-4.9.1-2.h31.eulerosv2r8\",\n \"samba-winbind-krb5-locator-4.9.1-2.h31.eulerosv2r8\",\n \"samba-winbind-modules-4.9.1-2.h31.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:52:03", "description": "According to the versions of the libldb package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-02T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : libldb (EulerOS-SA-2021-2102)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libldb", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2021-2102.NASL", "href": "https://www.tenable.com/plugins/nessus/151341", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151341);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : libldb (EulerOS-SA-2021-2102)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libldb package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple,\n consecutive leading spaces in an LDAP attribute can\n lead to an out-of-bounds memory write, leading to a\n crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system\n availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string\n around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to\n instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this\n vulnerability is to system\n availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2102\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5bbad47b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libldb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libldb-1.2.2-1.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libldb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:50:09", "description": "According to the versions of the libldb package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-27840)\n\n - A flaw was found in samba. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write. The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-30T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : libldb (EulerOS-SA-2021-2023)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-07-02T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libldb", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2021-2023.NASL", "href": "https://www.tenable.com/plugins/nessus/151165", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151165);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/02\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : libldb (EulerOS-SA-2021-2023)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libldb package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in samba. Spaces used in a string\n around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to\n instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this\n vulnerability is to system\n availability.(CVE-2020-27840)\n\n - A flaw was found in samba. Multiple, consecutive\n leading spaces in an LDAP attribute can lead to an\n out-of-bounds memory write. The highest threat from\n this vulnerability is to system\n availability.(CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2023\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?de4ce2b2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libldb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libldb-1.4.2-1.h6.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libldb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:51:13", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in samba. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write. The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-01T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : samba (EulerOS-SA-2021-2026)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2021-2026.NASL", "href": "https://www.tenable.com/plugins/nessus/151257", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151257);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : samba (EulerOS-SA-2021-2026)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A flaw was found in samba. Multiple, consecutive\n leading spaces in an LDAP attribute can lead to an\n out-of-bounds memory write. The highest threat from\n this vulnerability is to system\n availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string\n around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to\n instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this\n vulnerability is to system\n availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2026\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d200e326\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.7.1-9.h26.eulerosv2r7\",\n \"libwbclient-4.7.1-9.h26.eulerosv2r7\",\n \"samba-client-libs-4.7.1-9.h26.eulerosv2r7\",\n \"samba-common-4.7.1-9.h26.eulerosv2r7\",\n \"samba-common-libs-4.7.1-9.h26.eulerosv2r7\",\n \"samba-common-tools-4.7.1-9.h26.eulerosv2r7\",\n \"samba-libs-4.7.1-9.h26.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:49:43", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-27840)\n\n - A flaw was found in samba. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write. The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-30T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : samba (EulerOS-SA-2021-2014)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-07-02T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2021-2014.NASL", "href": "https://www.tenable.com/plugins/nessus/151183", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151183);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/02\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : samba (EulerOS-SA-2021-2014)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in samba. Spaces used in a string\n around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to\n instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this\n vulnerability is to system\n availability.(CVE-2020-27840)\n\n - A flaw was found in samba. Multiple, consecutive\n leading spaces in an LDAP attribute can lead to an\n out-of-bounds memory write. The highest threat from\n this vulnerability is to system\n availability.(CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2014\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?deb9ae46\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.9.1-2.h31.eulerosv2r8\",\n \"libwbclient-4.9.1-2.h31.eulerosv2r8\",\n \"samba-client-libs-4.9.1-2.h31.eulerosv2r8\",\n \"samba-common-4.9.1-2.h31.eulerosv2r8\",\n \"samba-common-libs-4.9.1-2.h31.eulerosv2r8\",\n \"samba-common-tools-4.9.1-2.h31.eulerosv2r8\",\n \"samba-libs-4.9.1-2.h31.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:49:44", "description": "According to the versions of the libldb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : libldb (EulerOS-SA-2021-1984)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-06-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ldb-tools", "p-cpe:/a:huawei:euleros:libldb", "p-cpe:/a:huawei:euleros:libldb-devel", "p-cpe:/a:huawei:euleros:python2-ldb", "p-cpe:/a:huawei:euleros:python3-ldb", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1984.NASL", "href": "https://www.tenable.com/plugins/nessus/151026", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151026);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/30\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : libldb (EulerOS-SA-2021-1984)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libldb packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple,\n consecutive leading spaces in an LDAP attribute can\n lead to an out-of-bounds memory write, leading to a\n crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system\n availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string\n around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to\n instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this\n vulnerability is to system\n availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1984\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3f5e0cc9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libldb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ldb-tools-1.4.2-1.h6.eulerosv2r8\",\n \"libldb-1.4.2-1.h6.eulerosv2r8\",\n \"libldb-devel-1.4.2-1.h6.eulerosv2r8\",\n \"python2-ldb-1.4.2-1.h6.eulerosv2r8\",\n \"python3-ldb-1.4.2-1.h6.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libldb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:46:41", "description": "The remote Fedora 32 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-c93a3a5d3f advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-04-19T00:00:00", "type": "nessus", "title": "Fedora 32 : 2:samba / libldb (2021-c93a3a5d3f)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2022-01-21T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "p-cpe:/a:fedoraproject:fedora:libldb", "p-cpe:/a:fedoraproject:fedora:samba"], "id": "FEDORA_2021-C93A3A5D3F.NASL", "href": "https://www.tenable.com/plugins/nessus/148794", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-c93a3a5d3f\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148794);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/21\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20277\");\n script_xref(name:\"FEDORA\", value:\"2021-c93a3a5d3f\");\n\n script_name(english:\"Fedora 32 : 2:samba / libldb (2021-c93a3a5d3f)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 32 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nFEDORA-2021-c93a3a5d3f advisory. Note that Nessus has not tested for this issue but has instead relied only on the\napplication's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-c93a3a5d3f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected 2:samba and / or libldb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:samba\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 32', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\npkgs = [\n {'reference':'libldb-2.1.5-1.fc32', 'release':'FC32', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.12.14-0.fc32', 'release':'FC32', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, '2:samba / libldb');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:44:59", "description": "This update for ldb fixes the following issues :\n\nCVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs (bsc#1183572).\n\nCVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold (bsc#1183574).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-26T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : ldb (SUSE-SU-2021:0945-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ldb-debugsource", "p-cpe:/a:novell:suse_linux:ldb-tools", "p-cpe:/a:novell:suse_linux:ldb-tools-debuginfo", "p-cpe:/a:novell:suse_linux:libldb-devel", "p-cpe:/a:novell:suse_linux:libldb2", "p-cpe:/a:novell:suse_linux:libldb2-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libldb2-debuginfo", "p-cpe:/a:novell:suse_linux:python3-ldb", "p-cpe:/a:novell:suse_linux:python3-ldb-debuginfo", "p-cpe:/a:novell:suse_linux:python3-ldb-devel", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-0945-1.NASL", "href": "https://www.tenable.com/plugins/nessus/148138", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:0945-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148138);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20277\");\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : ldb (SUSE-SU-2021:0945-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ldb fixes the following issues :\n\nCVE-2020-27840: Fixed an unauthenticated remote heap corruption via\nbad DNs (bsc#1183572).\n\nCVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold\n(bsc#1183574).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183574\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27840/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2021-20277/\"\n );\n # https://www.suse.com/support/update/announcement/2021/suse-su-20210945-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55cb303b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2021-945=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/26\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"ldb-debugsource-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"ldb-tools-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"ldb-tools-debuginfo-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb-devel-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb2-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb2-debuginfo-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"python3-ldb-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"python3-ldb-debuginfo-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"python3-ldb-devel-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"ldb-debugsource-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"ldb-tools-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"ldb-tools-debuginfo-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb-devel-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb2-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb2-debuginfo-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"python3-ldb-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"python3-ldb-debuginfo-2.0.12-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"python3-ldb-devel-2.0.12-3.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:36:30", "description": "According to the versions of the libldb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-06T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.6 : libldb (EulerOS-SA-2021-2896)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2022-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libldb", "cpe:/o:huawei:euleros:uvp:3.0.2.6"], "id": "EULEROS_SA-2021-2896.NASL", "href": "https://www.tenable.com/plugins/nessus/156497", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156497);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/06\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20277\");\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.6 : libldb (EulerOS-SA-2021-2896)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libldb package installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to\n an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The\n highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2896\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b1f21d08\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libldb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.6\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libldb-1.2.2-1.h3.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libldb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:47:47", "description": "The remote Fedora 33 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-1a8e93a285 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-04-19T00:00:00", "type": "nessus", "title": "Fedora 33 : 2:samba / libldb (2021-1a8e93a285)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2022-01-21T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:33", "p-cpe:/a:fedoraproject:fedora:libldb", "p-cpe:/a:fedoraproject:fedora:samba"], "id": "FEDORA_2021-1A8E93A285.NASL", "href": "https://www.tenable.com/plugins/nessus/148801", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-1a8e93a285\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148801);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/21\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20277\");\n script_xref(name:\"FEDORA\", value:\"2021-1a8e93a285\");\n\n script_name(english:\"Fedora 33 : 2:samba / libldb (2021-1a8e93a285)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 33 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nFEDORA-2021-1a8e93a285 advisory. Note that Nessus has not tested for this issue but has instead relied only on the\napplication's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-1a8e93a285\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected 2:samba and / or libldb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:samba\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^33([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 33', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\npkgs = [\n {'reference':'libldb-2.2.1-1.fc33', 'release':'FC33', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'samba-4.13.7-0.fc33', 'release':'FC33', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, '2:samba / libldb');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:44:37", "description": "The Samba Team reports :\n\n- CVE-2020-27840: An anonymous attacker can crash the Samba AD DC LDAP server by sending easily crafted DNs as part of a bind request. More serious heap corruption is likely also possible.\n\n- CVE-2021-20277: User-controlled LDAP filter strings against the AD DC LDAP server may crash the LDAP server.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-29T00:00:00", "type": "nessus", "title": "FreeBSD : samba -- Multiple Vulnerabilities (1f6d97da-8f72-11eb-b3f1-005056a311d1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:samba411", "p-cpe:/a:freebsd:freebsd:samba412", "p-cpe:/a:freebsd:freebsd:samba413", "p-cpe:/a:freebsd:freebsd:samba414", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_1F6D97DA8F7211EBB3F1005056A311D1.NASL", "href": "https://www.tenable.com/plugins/nessus/148207", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148207);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20277\");\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n\n script_name(english:\"FreeBSD : samba -- Multiple Vulnerabilities (1f6d97da-8f72-11eb-b3f1-005056a311d1)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The Samba Team reports :\n\n- CVE-2020-27840: An anonymous attacker can crash the Samba AD DC LDAP\nserver by sending easily crafted DNs as part of a bind request. More\nserious heap corruption is likely also possible.\n\n- CVE-2021-20277: User-controlled LDAP filter strings against the AD\nDC LDAP server may crash the LDAP server.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2020-27840.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.samba.org/samba/security/CVE-2021-20277.html\"\n );\n # https://vuxml.freebsd.org/freebsd/1f6d97da-8f72-11eb-b3f1-005056a311d1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa5e2dfd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba411\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba412\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba413\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:samba414\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/29\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"samba411<=4.11.15\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba412<4.12.14\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba413<4.13.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"samba414<4.14.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:45:49", "description": "This update for ldb fixes the following issues :\n\n - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs (bsc#1183572).\n\n - CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold (bsc#1183574).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ldb (openSUSE-2021-469)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ldb-debugsource", "p-cpe:/a:novell:opensuse:ldb-tools", "p-cpe:/a:novell:opensuse:ldb-tools-debuginfo", "p-cpe:/a:novell:opensuse:libldb-devel", "p-cpe:/a:novell:opensuse:libldb2", "p-cpe:/a:novell:opensuse:libldb2-32bit", "p-cpe:/a:novell:opensuse:libldb2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libldb2-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb", "p-cpe:/a:novell:opensuse:python3-ldb-32bit", "p-cpe:/a:novell:opensuse:python3-ldb-32bit-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb-debuginfo", "p-cpe:/a:novell:opensuse:python3-ldb-devel", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-469.NASL", "href": "https://www.tenable.com/plugins/nessus/148141", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-469.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148141);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20277\");\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n\n script_name(english:\"openSUSE Security Update : ldb (openSUSE-2021-469)\");\n script_summary(english:\"Check for the openSUSE-2021-469 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ldb fixes the following issues :\n\n - CVE-2020-27840: Fixed an unauthenticated remote heap\n corruption via bad DNs (bsc#1183572).\n\n - CVE-2021-20277: Fixed an out of bounds read in\n ldb_handler_fold (bsc#1183574).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1183572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1183574\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ldb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ldb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldb2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/26\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-debugsource-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-tools-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"ldb-tools-debuginfo-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb-devel-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb2-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libldb2-debuginfo-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-debuginfo-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"python3-ldb-devel-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libldb2-32bit-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libldb2-32bit-debuginfo-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"python3-ldb-32bit-2.0.12-lp152.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"python3-ldb-32bit-debuginfo-2.0.12-lp152.2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldb-debugsource / ldb-tools / ldb-tools-debuginfo / libldb-devel / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-19T14:36:45", "description": "The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4888-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-24T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : ldb vulnerabilities (USN-4888-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "p-cpe:/a:canonical:ubuntu_linux:ldb-tools", "p-cpe:/a:canonical:ubuntu_linux:libldb-dev", "p-cpe:/a:canonical:ubuntu_linux:libldb1", "p-cpe:/a:canonical:ubuntu_linux:libldb2", "p-cpe:/a:canonical:ubuntu_linux:python-ldb", "p-cpe:/a:canonical:ubuntu_linux:python-ldb-dev", "p-cpe:/a:canonical:ubuntu_linux:python3-ldb", "p-cpe:/a:canonical:ubuntu_linux:python3-ldb-dev"], "id": "UBUNTU_USN-4888-1.NASL", "href": "https://www.tenable.com/plugins/nessus/148089", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4888-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148089);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20277\");\n script_xref(name:\"USN\", value:\"4888-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : ldb vulnerabilities (USN-4888-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-4888-1 advisory. Note that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4888-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libldb-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libldb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libldb2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-ldb-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-ldb-dev\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|20\\.04|20\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04 / 20.10', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '16.04', 'pkgname': 'ldb-tools', 'pkgver': '2:1.1.24-1ubuntu3.2'},\n {'osver': '16.04', 'pkgname': 'libldb-dev', 'pkgver': '2:1.1.24-1ubuntu3.2'},\n {'osver': '16.04', 'pkgname': 'libldb1', 'pkgver': '2:1.1.24-1ubuntu3.2'},\n {'osver': '16.04', 'pkgname': 'python-ldb', 'pkgver': '2:1.1.24-1ubuntu3.2'},\n {'osver': '16.04', 'pkgname': 'python-ldb-dev', 'pkgver': '2:1.1.24-1ubuntu3.2'},\n {'osver': '16.04', 'pkgname': 'python3-ldb', 'pkgver': '2:1.1.24-1ubuntu3.2'},\n {'osver': '16.04', 'pkgname': 'python3-ldb-dev', 'pkgver': '2:1.1.24-1ubuntu3.2'},\n {'osver': '18.04', 'pkgname': 'ldb-tools', 'pkgver': '2:1.2.3-1ubuntu0.2'},\n {'osver': '18.04', 'pkgname': 'libldb-dev', 'pkgver': '2:1.2.3-1ubuntu0.2'},\n {'osver': '18.04', 'pkgname': 'libldb1', 'pkgver': '2:1.2.3-1ubuntu0.2'},\n {'osver': '18.04', 'pkgname': 'python-ldb', 'pkgver': '2:1.2.3-1ubuntu0.2'},\n {'osver': '18.04', 'pkgname': 'python-ldb-dev', 'pkgver': '2:1.2.3-1ubuntu0.2'},\n {'osver': '20.04', 'pkgname': 'ldb-tools', 'pkgver': '2:2.0.10-0ubuntu0.20.04.3'},\n {'osver': '20.04', 'pkgname': 'libldb-dev', 'pkgver': '2:2.0.10-0ubuntu0.20.04.3'},\n {'osver': '20.04', 'pkgname': 'libldb2', 'pkgver': '2:2.0.10-0ubuntu0.20.04.3'},\n {'osver': '20.04', 'pkgname': 'python3-ldb', 'pkgver': '2:2.0.10-0ubuntu0.20.04.3'},\n {'osver': '20.04', 'pkgname': 'python3-ldb-dev', 'pkgver': '2:2.0.10-0ubuntu0.20.04.3'},\n {'osver': '20.10', 'pkgname': 'ldb-tools', 'pkgver': '2:2.1.4-2ubuntu0.1'},\n {'osver': '20.10', 'pkgname': 'libldb-dev', 'pkgver': '2:2.1.4-2ubuntu0.1'},\n {'osver': '20.10', 'pkgname': 'libldb2', 'pkgver': '2:2.1.4-2ubuntu0.1'},\n {'osver': '20.10', 'pkgname': 'python3-ldb', 'pkgver': '2:2.1.4-2ubuntu0.1'},\n {'osver': '20.10', 'pkgname': 'python3-ldb-dev', 'pkgver': '2:2.1.4-2ubuntu0.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ldb-tools / libldb-dev / libldb1 / libldb2 / python-ldb / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:50:26", "description": "According to the versions of the libldb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in samba. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write. The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-01T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : libldb (EulerOS-SA-2021-2038)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libldb", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2021-2038.NASL", "href": "https://www.tenable.com/plugins/nessus/151233", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151233);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : libldb (EulerOS-SA-2021-2038)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libldb package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A flaw was found in samba. Multiple, consecutive\n leading spaces in an LDAP attribute can lead to an\n out-of-bounds memory write. The highest threat from\n this vulnerability is to system\n availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string\n around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to\n instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this\n vulnerability is to system\n availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2038\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c6f147cf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libldb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libldb-1.2.2-1.h3.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libldb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:44:36", "description": "This update for ldb fixes the following issues :\n\nCVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs (bsc#1183572).\n\nCVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold (bsc#1183574).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-26T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : ldb (SUSE-SU-2021:0944-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ldb-debugsource", "p-cpe:/a:novell:suse_linux:ldb-tools", "p-cpe:/a:novell:suse_linux:ldb-tools-debuginfo", "p-cpe:/a:novell:suse_linux:libldb-devel", "p-cpe:/a:novell:suse_linux:libldb1", "p-cpe:/a:novell:suse_linux:libldb1-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libldb1-debuginfo", "p-cpe:/a:novell:suse_linux:python-ldb", "p-cpe:/a:novell:suse_linux:python-ldb-debuginfo", "p-cpe:/a:novell:suse_linux:python-ldb-devel", "p-cpe:/a:novell:suse_linux:python3-ldb", "p-cpe:/a:novell:suse_linux:python3-ldb-debuginfo", "p-cpe:/a:novell:suse_linux:python3-ldb-devel", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-0944-1.NASL", "href": "https://www.tenable.com/plugins/nessus/148175", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:0944-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148175);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20277\");\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : ldb (SUSE-SU-2021:0944-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ldb fixes the following issues :\n\nCVE-2020-27840: Fixed an unauthenticated remote heap corruption via\nbad DNs (bsc#1183572).\n\nCVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold\n(bsc#1183574).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183574\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27840/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2021-20277/\"\n );\n # https://www.suse.com/support/update/announcement/2021/suse-su-20210944-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?481ed88d\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Manager Server 4.0 :\n\nzypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-944=1\n\nSUSE Manager Retail Branch Server 4.0 :\n\nzypper in -t patch\nSUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-944=1\n\nSUSE Manager Proxy 4.0 :\n\nzypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-944=1\n\nSUSE Linux Enterprise Server for SAP 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2021-944=1\n\nSUSE Linux Enterprise Server 15-SP1-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-944=1\n\nSUSE Linux Enterprise Server 15-SP1-BCL :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2021-944=1\n\nSUSE Linux Enterprise Module for Python2 15-SP3 :\n\nzypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2021-944=1\n\nSUSE Linux Enterprise Module for Python2 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Python2-15-SP2-2021-944=1\n\nSUSE Linux Enterprise High Performance Computing 15-SP1-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-944=1\n\nSUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-944=1\n\nSUSE Enterprise Storage 6 :\n\nzypper in -t patch SUSE-Storage-6-2021-944=1\n\nSUSE CaaS Platform 4.0 :\n\nTo install this update, use the SUSE CaaS Platform 'skuba' tool. I\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ldb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libldb1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-ldb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-ldb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/26\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1|2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1/2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libldb1-32bit-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libldb1-32bit-debuginfo-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ldb-debugsource-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ldb-tools-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ldb-tools-debuginfo-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libldb-devel-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libldb1-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libldb1-debuginfo-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"python-ldb-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"python-ldb-debuginfo-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"python-ldb-devel-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"python3-ldb-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"python3-ldb-debuginfo-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"python3-ldb-devel-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"ldb-debugsource-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libldb1-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libldb1-debuginfo-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"python-ldb-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"python-ldb-debuginfo-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"ldb-debugsource-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb1-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libldb1-debuginfo-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"ldb-debugsource-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libldb1-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libldb1-debuginfo-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"python-ldb-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"python-ldb-debuginfo-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"ldb-debugsource-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb1-1.4.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libldb1-debuginfo-1.4.6-3.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:45:21", "description": "Two issues have been found in ldb, an LDAP-like embedded database, for example used with samba.\n\nBoth issues are related to out of bounds access, either an out of bound read or a heap corrupton, both most likely leading to an application crash.\n\nFor Debian 9 stretch, these problems have been fixed in version 2:1.1.27-1+deb9u2.\n\nWe recommend that you upgrade your ldb packages.\n\nFor the detailed security status of ldb please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ldb\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-04-01T00:00:00", "type": "nessus", "title": "Debian DLA-2611-1 : ldb security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-04-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ldb-tools", "p-cpe:/a:debian:debian_linux:libldb-dev", "p-cpe:/a:debian:debian_linux:libldb1", "p-cpe:/a:debian:debian_linux:python-ldb", "p-cpe:/a:debian:debian_linux:python-ldb-dev", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2611.NASL", "href": "https://www.tenable.com/plugins/nessus/148272", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2611-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148272);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/05\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20277\");\n\n script_name(english:\"Debian DLA-2611-1 : ldb security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Two issues have been found in ldb, an LDAP-like embedded database, for\nexample used with samba.\n\nBoth issues are related to out of bounds access, either an out of\nbound read or a heap corrupton, both most likely leading to an\napplication crash.\n\nFor Debian 9 stretch, these problems have been fixed in version\n2:1.1.27-1+deb9u2.\n\nWe recommend that you upgrade your ldb packages.\n\nFor the detailed security status of ldb please refer to its security\ntracker page at: https://security-tracker.debian.org/tracker/ldb\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/03/msg00036.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/ldb\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/ldb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ldb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libldb-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libldb1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-ldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-ldb-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"ldb-tools\", reference:\"2:1.1.27-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libldb-dev\", reference:\"2:1.1.27-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libldb1\", reference:\"2:1.1.27-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-ldb\", reference:\"2:1.1.27-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-ldb-dev\", reference:\"2:1.1.27-1+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:56:00", "description": "According to the versions of the libldb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : libldb (EulerOS-SA-2021-2397)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-09-16T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libldb", "p-cpe:/a:huawei:euleros:pyldb", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2397.NASL", "href": "https://www.tenable.com/plugins/nessus/153315", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153315);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/16\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : libldb (EulerOS-SA-2021-2397)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libldb packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple,\n consecutive leading spaces in an LDAP attribute can\n lead to an out-of-bounds memory write, leading to a\n crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system\n availability.(CVE-2021-20277)\n\n - A flaw was found in samba. Spaces used in a string\n around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to\n instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this\n vulnerability is to system\n availability.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2397\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?83a24e56\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libldb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20277\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libldb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:pyldb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libldb-1.1.29-1.h2\",\n \"pyldb-1.1.29-1.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libldb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:51:12", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system availability.(CVE-2021-20277)\n\n - An extensible library that implements an LDAP like API to access remote LDAPservers, or use local tdb databases.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : samba (EulerOS-SA-2021-1968)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20277"], "modified": "2021-06-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba-client", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2021-1968.NASL", "href": "https://www.tenable.com/plugins/nessus/150254", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150254);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/08\");\n\n script_cve_id(\n \"CVE-2020-27840\",\n \"CVE-2021-20277\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : samba (EulerOS-SA-2021-1968)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A flaw was found in Samba's libldb. Multiple,\n consecutive leading spaces in an LDAP attribute can\n lead to an out-of-bounds memory write, leading to a\n crash of the LDAP server process handling the request.\n The highest threat from this vulnerability is to system\n availability.(CVE-2021-20277)\n\n - An extensible library that implements an LDAP like API\n to access remote LDAPservers, or use local tdb\n databases.(CVE-2020-27840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1968\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84de3892\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected samba packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsmbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libwbclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-common-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:samba-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libsmbclient-4.11.6-6.h14.eulerosv2r9\",\n \"libwbclient-4.11.6-6.h14.eulerosv2r9\",\n \"samba-client-4.11.6-6.h14.eulerosv2r9\",\n \"samba-common-4.11.6-6.h14.eulerosv2r9\",\n \"samba-common-tools-4.11.6-6.h14.eulerosv2r9\",\n \"samba-libs-4.11.6-6.h14.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"samba\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-25T14:38:14", "description": "According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.\n (CVE-2021-20254)\n\n - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-06T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.6 : samba (EulerOS-SA-2021-2883)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27840", "CVE-2021-20254", "CVE-2021-20277"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsmbclient", "p-cpe:/a:huawei:euleros:libwbclient", "p-cpe:/a:huawei:euleros:samba-client-libs", "p-cpe:/a:huawei:euleros:samba-common", "p-cpe:/a:huawei:euleros:samba-common-libs", "p-cpe:/a:huawei:euleros:samba-common-tools", "p-cpe:/a:huawei:euleros:samba-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.6"], "id": "EULEROS_SA-2021-2883.NASL", "href": "https://www.tenable.com/plugins/nessus/156532", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156532);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2020-27840\", \"CVE-2021-20254\", \"CVE-2021-20277\");\n script_xref(name:\"IAVA\", value:\"2021-A-0140-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0208-S\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.6 : samba (EulerOS-SA-2021-2883)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be\n ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory,\n resulting in a crash. The highest threat from this vulnerability is to system availability.\n (CVE-2020-27840)\n\n - A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix\n group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end\n of the array in the case where a negative cache entry had been added to the mapping cache. This could\n cause the calling code to return those values into the process to