Vulnerabilities > CVE-2015-7560 - Improper Access Control vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Embedding Scripts within Scripts An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute scripts. The attacker leverages this capability to execute scripts to execute his/her own script by embedding it within other scripts that the target software is likely to execute. The attacker must have the ability to inject script into script that is likely to be executed. If this is done, then the attacker can potentially launch a variety of probes and attacks against the web server's local environment, in many cases the so-called DMZ, back end resources the web server can communicate with, and other hosts. With the proliferation of intermediaries, such as Web App Firewalls, network devices, and even printers having JVMs and Web servers, there are many locales where an attacker can inject malicious scripts. Since this attack pattern defines scripts within scripts, there are likely privileges to execute said attack on the host. Of course, these attacks are not solely limited to the server side, client side scripts like Ajax and client side JavaScript can contain malicious scripts as well. In general all that is required is for there to be sufficient privileges to execute a script, but not protected against writing.
- Signature Spoofing by Key Theft An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Nessus
NASL family Scientific Linux Local Security Checks NASL id SL_20160315_SAMBA4_ON_SL6_X.NASL description A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) After installing this update, the smb service will be restarted automatically. last seen 2020-03-18 modified 2016-03-16 plugin id 89958 published 2016-03-16 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89958 title Scientific Linux Security Update : samba4 on SL6.x i386/x86_64 (20160315) code # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(89958); script_version("2.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/25"); script_cve_id("CVE-2015-7560"); script_name(english:"Scientific Linux Security Update : samba4 on SL6.x i386/x86_64 (20160315)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) After installing this update, the smb service will be restarted automatically." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1603&L=scientific-linux-errata&F=&S=&P=5183 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?73edaeb5" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-dc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-dc-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-pidl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-swat"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-test"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-winbind"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-winbind-clients"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:samba4-winbind-krb5-locator"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/13"); script_set_attribute(attribute:"patch_publication_date", value:"2016/03/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/16"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL6", reference:"samba4-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-client-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-common-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-dc-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-dc-libs-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-debuginfo-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-devel-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-libs-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-pidl-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-python-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-swat-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-test-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-winbind-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-winbind-clients-4.0.0-68.el6_7.rc4")) flag++; if (rpm_check(release:"SL6", reference:"samba4-winbind-krb5-locator-4.0.0-68.el6_7.rc4")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "samba4 / samba4-client / samba4-common / samba4-dc / samba4-dc-libs / etc"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-399.NASL description This update for the samba server fixes the following issues : Security issue fixed : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; (bso#11648); (bsc#968222). Other bugs fixed : - Enable clustering (CTDB) support; (bsc#966271). - s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703); (bsc#964023). - vfs_fruit: Fix renaming directories with open files; (bso#11065). - Fix MacOS finder error 36 when copying folder to Samba; (bso#11347). - s3:smbd/oplock: Obey kernel oplock setting when releasing oplocks; (bso#11400). - Fix copying files with vfs_fruit when using vfs_streams_xattr without stream prefix and type suffix; (bso#11466). - s3:libsmb: Correctly initialize the list head when keeping a list of primary followed by DFS connections; (bso#11624). - Reduce the memory footprint of empty string options; (bso#11625). - lib/async_req: Do not install async_connect_send_test; (bso#11639). - docs: Fix typos in man vfs_gpfs; (bso#11641). - smbd: make last seen 2020-06-05 modified 2016-03-25 plugin id 90173 published 2016-03-25 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/90173 title openSUSE Security Update : samba (openSUSE-2016-399) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2016-399. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(90173); script_version("2.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2015-7560"); script_name(english:"openSUSE Security Update : samba (openSUSE-2016-399)"); script_summary(english:"Check for the openSUSE-2016-399 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for the samba server fixes the following issues : Security issue fixed : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; (bso#11648); (bsc#968222). Other bugs fixed : - Enable clustering (CTDB) support; (bsc#966271). - s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703); (bsc#964023). - vfs_fruit: Fix renaming directories with open files; (bso#11065). - Fix MacOS finder error 36 when copying folder to Samba; (bso#11347). - s3:smbd/oplock: Obey kernel oplock setting when releasing oplocks; (bso#11400). - Fix copying files with vfs_fruit when using vfs_streams_xattr without stream prefix and type suffix; (bso#11466). - s3:libsmb: Correctly initialize the list head when keeping a list of primary followed by DFS connections; (bso#11624). - Reduce the memory footprint of empty string options; (bso#11625). - lib/async_req: Do not install async_connect_send_test; (bso#11639). - docs: Fix typos in man vfs_gpfs; (bso#11641). - smbd: make 'hide dot files' option work with 'store dos attributes = yes'; (bso#11645). - smbcacls: Fix uninitialized variable; (bso#11682). - s3:smbd: Ignore initial allocation size for directory creation; (bso#11684). - Add quotes around path of update-apparmor-samba-profile; (bsc#962177). - Prevent access denied if the share path is '/'; (bso#11647); (bsc#960249). - Ensure samlogon fallback requests are rerouted after kerberos failure; (bsc#953972). - samba: winbind crash -> netlogon_creds_client_authenticator; (bsc#953972) This update was imported from the SUSE:SLE-12-SP1:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=953382" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=953972" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=960249" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=962177" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=964023" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=966271" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=968222" ); script_set_attribute( attribute:"solution", value:"Update the affected samba packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-tests"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-atsvc-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-atsvc0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-atsvc0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-atsvc0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-atsvc0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-binding0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-samr0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgensec-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgensec0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgensec0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgensec0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgensec0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-krb5pac0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-nbt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-nbt0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-standard-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-standard0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-standard0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libnetapi-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libnetapi0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libnetapi0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libregistry-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libregistry0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libregistry0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libregistry0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libregistry0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-credentials-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-credentials0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-hostconfig0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-passdb-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-passdb0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-policy-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-policy0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-util-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-util0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-util0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamdb-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamdb0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamdb0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient-raw-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient-raw0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient-raw0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient-raw0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient-raw0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbconf-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbconf0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbconf0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbldap-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbldap0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbldap0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtevent-util-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtevent-util0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtevent-util0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwbclient-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwbclient0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwbclient0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-client-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-client-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-client-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-core-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-libs-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-libs-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-libs-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-pidl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-python-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-test"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-test-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-test-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-winbind"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-winbind-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1"); script_set_attribute(attribute:"patch_publication_date", value:"2016/03/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE42.1", reference:"ctdb-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"ctdb-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"ctdb-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"ctdb-tests-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"ctdb-tests-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc-atsvc-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc-atsvc0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc-atsvc0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc-binding0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc-binding0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc-samr-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc-samr0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc-samr0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libdcerpc0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libgensec-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libgensec0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libgensec0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr-krb5pac-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr-krb5pac0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr-krb5pac0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr-nbt-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr-nbt0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr-nbt0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr-standard-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr-standard0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr-standard0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libndr0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libnetapi-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libnetapi0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libnetapi0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libregistry-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libregistry0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libregistry0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-credentials-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-credentials0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-credentials0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-hostconfig-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-hostconfig0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-hostconfig0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-passdb-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-passdb0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-passdb0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-policy-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-policy0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-policy0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-util-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-util0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamba-util0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamdb-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamdb0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsamdb0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbclient-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbclient-raw-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbclient-raw0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbclient-raw0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbclient0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbclient0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbconf-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbconf0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbconf0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbldap-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbldap0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsmbldap0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libtevent-util-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libtevent-util0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libtevent-util0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libwbclient-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libwbclient0-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libwbclient0-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-client-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-client-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-core-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-debugsource-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-libs-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-libs-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-pidl-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-python-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-python-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-test-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-test-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-test-devel-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-winbind-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"samba-winbind-debuginfo-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libdcerpc-atsvc0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libdcerpc-atsvc0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libdcerpc-binding0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libdcerpc-binding0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libdcerpc-samr0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libdcerpc-samr0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libdcerpc0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libdcerpc0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libgensec0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libgensec0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libndr-krb5pac0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libndr-krb5pac0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libndr-nbt0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libndr-nbt0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libndr-standard0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libndr-standard0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libndr0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libndr0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libnetapi0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libnetapi0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libregistry0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libregistry0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamba-credentials0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamba-credentials0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamba-hostconfig0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamba-hostconfig0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamba-passdb0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamba-passdb0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamba-policy0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamba-policy0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamba-util0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamba-util0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamdb0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsamdb0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsmbclient-raw0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsmbclient-raw0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsmbclient0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsmbclient0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsmbconf0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsmbconf0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsmbldap0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsmbldap0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libtevent-util0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libtevent-util0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libwbclient0-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libwbclient0-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"samba-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"samba-client-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"samba-client-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"samba-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"samba-libs-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"samba-libs-debuginfo-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"samba-winbind-32bit-4.2.4-12.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"samba-winbind-debuginfo-32bit-4.2.4-12.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ctdb / ctdb-debuginfo / ctdb-devel / ctdb-tests / etc"); }NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2016-0449.NASL description From Red Hat Security Advisory 2016:0449 : Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Jeremy Allison (Google) and the Samba team as the original reporters. All samba4 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 89952 published 2016-03-16 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89952 title Oracle Linux 6 : samba4 (ELSA-2016-0449) NASL family Scientific Linux Local Security Checks NASL id SL_20160315_SAMBA_ON_SL6_X.NASL description A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) After installing this update, the smb service will be restarted automatically. last seen 2020-03-18 modified 2016-03-16 plugin id 89959 published 2016-03-16 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89959 title Scientific Linux Security Update : samba on SL6.x, SL7.x i386/x86_64 (20160315) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-0447.NASL description Updated samba packages that fix one security issue and one bug are now available for Red Hat Gluster Storage 3.1 for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Jeremy Allison (Google) and the Samba team as the original reporters. This update also fixes the following bug : * Under a high load, the vfs_glusterfs AIO code would hit a use-after-free error and cause a crash. This update fixes the affected code, and crashes no longer occur. (BZ #1315736) All samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 89983 published 2016-03-17 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89983 title RHEL 6 / 7 : Storage Server (RHSA-2016:0447) NASL family SuSE Local Security Checks NASL id SUSE_SU-2016-0905-1.NASL description This update for samba fixes the following issues : Security issue fixed : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; (bso#11648); (bsc#968222). Bugs fixed : - Fix leaking memory in libsmbclient: Add missing talloc stackframe; (bso#11177); (bsc#967017). - Ensure samlogon fallback requests are rerouted after kerberos failure; (bsc#953382). - Ensure attempt to ssh into locked account triggers last seen 2020-06-01 modified 2020-06-02 plugin id 90262 published 2016-04-01 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90262 title SUSE SLES11 Security Update : samba (SUSE-SU-2016:0905-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2016-1006.NASL description According to the version of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2017-05-01 plugin id 99769 published 2017-05-01 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99769 title EulerOS 2.0 SP1 : samba (EulerOS-SA-2016-1006) NASL family SuSE Local Security Checks NASL id SUSE_SU-2016-0816-1.NASL description This update for the samba server fixes the following issues : Security issue fixed : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; (bso#11648); (bsc#968222). Other bugs fixed : - Enable clustering (CTDB) support; (bsc#966271). - s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703); (bsc#964023). - vfs_fruit: Fix renaming directories with open files; (bso#11065). - Fix MacOS finder error 36 when copying folder to Samba; (bso#11347). - s3:smbd/oplock: Obey kernel oplock setting when releasing oplocks; (bso#11400). - Fix copying files with vfs_fruit when using vfs_streams_xattr without stream prefix and type suffix; (bso#11466). - s3:libsmb: Correctly initialize the list head when keeping a list of primary followed by DFS connections; (bso#11624). - Reduce the memory footprint of empty string options; (bso#11625). - lib/async_req: Do not install async_connect_send_test; (bso#11639). - docs: Fix typos in man vfs_gpfs; (bso#11641). - smbd: make last seen 2020-06-01 modified 2020-06-02 plugin id 90064 published 2016-03-21 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90064 title SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:0816-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-462.NASL description samba was updated to version 4.2.4 to fix 14 security issues. These security issues were fixed : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862). - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031). - CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032). - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033). - CVE-2016-2113: TLS certificate validation were missing (bsc#973034). - CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036). - CVE-2016-2118: last seen 2020-06-05 modified 2016-04-18 plugin id 90558 published 2016-04-18 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90558 title openSUSE Security Update : samba (openSUSE-2016-462) (Badlock) NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-490.NASL description This update fixes these security vulnerabilities : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862). - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031). - CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032). - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033). - CVE-2016-2113: TLS certificate validation were missing (bsc#973034). - CVE-2016-2114: last seen 2020-06-05 modified 2016-04-21 plugin id 90609 published 2016-04-21 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90609 title openSUSE Security Update : samba (openSUSE-2016-490) (Badlock) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-0448.NASL description Updated samba packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Jeremy Allison (Google) and the Samba team as the original reporters. All samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 89954 published 2016-03-16 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89954 title RHEL 6 / 7 : samba (RHSA-2016:0448) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2016-0449.NASL description Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Jeremy Allison (Google) and the Samba team as the original reporters. All samba4 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 89944 published 2016-03-16 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89944 title CentOS 6 : samba4 (CESA-2016:0449) NASL family Fedora Local Security Checks NASL id FEDORA_2016-4B55F00D00.NASL description Update to Samba 4.4.0rc4, fixes CVE-2015-7560 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-03-28 plugin id 90212 published 2016-03-28 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/90212 title Fedora 24 : samba-4.4.0-0.7.rc4.fc24 (2016-4b55f00d00) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-0449.NASL description Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Jeremy Allison (Google) and the Samba team as the original reporters. All samba4 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 89955 published 2016-03-16 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89955 title RHEL 6 : samba4 (RHSA-2016:0449) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2016-0448.NASL description From Red Hat Security Advisory 2016:0448 : Updated samba packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Jeremy Allison (Google) and the Samba team as the original reporters. All samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 89951 published 2016-03-16 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89951 title Oracle Linux 6 / 7 : samba (ELSA-2016-0448) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3514.NASL description Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2015-7560 Jeremy Allison of Google, Inc. and the Samba Team discovered that Samba incorrectly handles getting and setting ACLs on a symlink path. An authenticated malicious client can use SMB1 UNIX extensions to create a symlink to a file or directory, and then use non-UNIX SMB1 calls to overwrite the contents of the ACL on the file or directory linked to. - CVE-2016-0771 Garming Sam and Douglas Bagnall of Catalyst IT discovered that Samba is vulnerable to an out-of-bounds read issue during DNS TXT record handling, if Samba is deployed as an AD DC and chosen to run the internal DNS server. A remote attacker can exploit this flaw to cause a denial of service (Samba crash), or potentially, to allow leakage of memory from the server in the form of a DNS TXT reply. Additionally this update includes a fix for a regression introduced due to the upstream fix for CVE-2015-5252 in DSA-3433-1 in setups where the share path is last seen 2020-06-01 modified 2020-06-02 plugin id 89876 published 2016-03-14 reporter This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89876 title Debian DSA-3514-1 : samba - security update NASL family Fedora Local Security Checks NASL id FEDORA_2016-CAD77A4576.NASL description Update to Samba 4.2.9, fixes CVE-2015-7560 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-03-14 plugin id 89889 published 2016-03-14 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/89889 title Fedora 22 : samba-4.2.9-0.fc22 (2016-cad77a4576) NASL family SuSE Local Security Checks NASL id SUSE_SU-2016-0814-1.NASL description This update for samba fixes the following issues : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target. (bso#11648 bsc#968222) Also the following bugs were fixed : - Add quotes around path of update-apparmor-samba-profile; (bsc#962177). - Prevent access denied if the share path is last seen 2020-06-01 modified 2020-06-02 plugin id 90063 published 2016-03-21 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90063 title SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:0814-1) NASL family Misc. NASL id SAMBA_4_3_6.NASL description According to its banner, the version of Samba running on the remote host is 3.2.x prior to 4.1.23, 4.2.x prior to 4.2.9, 4.3.x prior to 4.3.6, or 4.4.0 prior to 4.4.0rc4. It is, therefore, affected by the following vulnerabilities : - A security bypass vulnerability exists in the SMB1 implementation that is triggered when a symlink created to a file or directory using SMB1 UNIX extensions is accessed using non-UNIX SMB1 calls. An authenticated, remote attacker can exploit this to overwrite file and directory ACLs. (CVE-2015-7560) - An out-of-bounds read error exists in the internal DNS server due to improper handling of TXT records when an AD DC is configured. An authenticated, remote attacker can exploit this, via a crafted DNS TXT record, to cause a crash or disclose memory contents. (CVE-2016-0771) Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 90098 published 2016-03-23 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90098 title Samba 3.2.x < 4.1.23 / 4.2.x < 4.2.9 / 4.3.x < 4.3.6 / 4.4.0 < 4.4.0rc4 Multiple Vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2922-1.NASL description Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks. (CVE-2015-7560) Garming Sam and Douglas Bagnall discovered that the Samba internal DNS server incorrectly handled certain DNS TXT records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly obtain uninitialized memory contents. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-0771) It was discovered that the Samba Web Administration Tool (SWAT) was vulnerable to clickjacking and cross-site request forgery attacks. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-0213, CVE-2013-0214). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 89777 published 2016-03-09 reporter Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89777 title Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : samba vulnerabilities (USN-2922-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2016-0837-1.NASL description This update for samba fixes the following issues : Security issue fixed : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; (bso#11648); (bsc#968222). Bug fixed : - Fix leaking memory in libsmbclient: Add missing talloc stackframe; (bso#11177); (bsc#967017). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 90093 published 2016-03-22 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90093 title SUSE SLED11 / SLES11 Security Update : samba (SUSE-SU-2016:0837-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2016-0448.NASL description Updated samba packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Jeremy Allison (Google) and the Samba team as the original reporters. All samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 89943 published 2016-03-16 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89943 title CentOS 6 / 7 : samba (CESA-2016:0448) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2016-068-02.NASL description New samba packages are available for Slackware 14.1 and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 89759 published 2016-03-09 reporter This script is Copyright (C) 2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/89759 title Slackware 14.1 / current : samba (SSA:2016-068-02) NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-359.NASL description This update for samba fixes the following issues : Version update to 4.1.23. + Getting and setting Windows ACLs on symlinks can change permissions on link target; CVE-2015-7560; (bso#11648); (boo#968222). + Fix Out-of-bounds read in internal DNS server; CVE-2016-0771; (bso#11128); (bso#11686); (boo#968223). Also fixed : - Ensure samlogon fallback requests are rerouted after kerberos failure; (bnc#953382); (bnc#953972). last seen 2020-06-05 modified 2016-03-21 plugin id 90054 published 2016-03-21 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/90054 title openSUSE Security Update : samba (openSUSE-2016-359) NASL family Fedora Local Security Checks NASL id FEDORA_2016-ED1587F6BA.NASL description Update to Samba 4.3.6, fixes CVE-2015-7560 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-03-14 plugin id 89894 published 2016-03-14 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/89894 title Fedora 23 : samba-4.3.6-0.fc23 (2016-ed1587f6ba) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2016-674.NASL description A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. last seen 2020-06-01 modified 2020-06-02 plugin id 90267 published 2016-04-01 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/90267 title Amazon Linux AMI : samba (ALAS-2016-674)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178730.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178730.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178764.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178764.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180000.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180000.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00063.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00063.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00064.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00064.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00065.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00065.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00081.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00081.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00090.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00090.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00092.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00092.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
- http://www.debian.org/security/2016/dsa-3514
- http://www.debian.org/security/2016/dsa-3514
- http://www.securityfocus.com/bid/84267
- http://www.securityfocus.com/bid/84267
- http://www.securitytracker.com/id/1035220
- http://www.securitytracker.com/id/1035220
- http://www.ubuntu.com/usn/USN-2922-1
- http://www.ubuntu.com/usn/USN-2922-1
- https://bugzilla.samba.org/show_bug.cgi?id=11648
- https://bugzilla.samba.org/show_bug.cgi?id=11648
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05121842
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05121842
- https://www.samba.org/samba/security/CVE-2015-7560.html
- https://www.samba.org/samba/security/CVE-2015-7560.html