Vulnerabilities > CVE-2018-1057 - Incorrect Authorization vulnerability in multiple products

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
debian
canonical
samba
CWE-863
nessus

Summary

On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers).

Vulnerable Configurations

Part Description Count
OS
Debian
1
OS
Canonical
3
Application
Samba
156

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1754.NASL
    descriptionVarious vulnerabilities were discovered in Samba, SMB/CIFS file, print, and login server/client for Unix CVE-2017-9461 smbd in Samba had a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks. CVE-2018-1050 Samba was vulnerable to a denial of service attack when the RPC spoolss service was configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could have caused the print spooler service to crash. CVE-2018-1057 On a Samba 4 AD DC the LDAP server of Samba incorrectly validated permissions to modify passwords over LDAP allowing authenticated users to change any other users
    last seen2020-06-01
    modified2020-06-02
    plugin id123959
    published2019-04-10
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123959
    titleDebian DLA-1754-1 : samba security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-1754-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(123959);
      script_version("1.4");
      script_cvs_date("Date: 2020/01/23");
    
      script_cve_id("CVE-2017-9461", "CVE-2018-1050", "CVE-2018-1057", "CVE-2019-3880");
    
      script_name(english:"Debian DLA-1754-1 : samba security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Various vulnerabilities were discovered in Samba, SMB/CIFS file,
    print, and login server/client for Unix
    
    CVE-2017-9461
    
    smbd in Samba had a denial of service vulnerability (fd_open_atomic
    infinite loop with high CPU usage and memory consumption) due to
    wrongly handling dangling symlinks.
    
    CVE-2018-1050
    
    Samba was vulnerable to a denial of service attack when the RPC
    spoolss service was configured to be run as an external daemon.
    Missing input sanitization checks on some of the input parameters to
    spoolss RPC calls could have caused the print spooler service to
    crash.
    
    CVE-2018-1057
    
    On a Samba 4 AD DC the LDAP server of Samba incorrectly validated
    permissions to modify passwords over LDAP allowing authenticated users
    to change any other users' passwords, including administrative users
    and privileged service accounts (eg Domain Controllers).
    
    Thanks to the Ubuntu security team for having backported the
    rather invasive changeset to Samba in Ubuntu 14.04 (which we
    could use to patch Samba in Debian jessie LTS).
    
    CVE-2019-3880
    
    A flaw was found in the way Samba implemented an RPC endpoint
    emulating the Windows registry service API. An unprivileged attacker
    could have used this flaw to create a new registry hive file anywhere
    they had unix permissions which could have lead to creation of a new
    file in the Samba share.
    
    For Debian 8 'Jessie', these problems have been fixed in version
    2:4.2.14+dfsg-0+deb8u12.
    
    We recommend that you upgrade your samba packages.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/jessie/samba"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-1057");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libnss-winbind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpam-smbpass");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpam-winbind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libparse-pidl-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsmbclient");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsmbclient-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsmbsharemodes-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsmbsharemodes0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwbclient-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwbclient0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python-samba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:registry-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba-common-bin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba-dsdb-modules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba-testsuite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba-vfs-modules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:smbclient");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:winbind");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/06");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/04/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/10");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"8.0", prefix:"libnss-winbind", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"libpam-smbpass", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"libpam-winbind", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"libparse-pidl-perl", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"libsmbclient", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"libsmbclient-dev", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"libsmbsharemodes-dev", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"libsmbsharemodes0", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"libwbclient-dev", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"libwbclient0", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"python-samba", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"registry-tools", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"samba", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"samba-common", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"samba-common-bin", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"samba-dbg", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"samba-dev", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"samba-doc", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"samba-dsdb-modules", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"samba-libs", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"samba-testsuite", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"samba-vfs-modules", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"smbclient", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    if (deb_check(release:"8.0", prefix:"winbind", reference:"2:4.2.14+dfsg-0+deb8u12")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4135.NASL
    descriptionSeveral vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2018-1050 It was discovered that Samba is prone to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. https://www.samba.org/samba/security/CVE-2018-1050.html - CVE-2018-1057 Bjoern Baumbach from Sernet discovered that on Samba 4 AD DC the LDAP server incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users passwords, including administrative users. https://www.samba.org/samba/security/CVE-2018-1057.html https://wiki.samba.org/index.php/CVE-2018-1057
    last seen2020-06-01
    modified2020-06-02
    plugin id108304
    published2018-03-14
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108304
    titleDebian DSA-4135-1 : samba - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-4135. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(108304);
      script_version("1.6");
      script_cvs_date("Date: 2018/11/13 12:30:46");
    
      script_cve_id("CVE-2018-1050", "CVE-2018-1057");
      script_xref(name:"DSA", value:"4135");
    
      script_name(english:"Debian DSA-4135-1 : samba - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several vulnerabilities have been discovered in Samba, a SMB/CIFS
    file, print, and login server for Unix. The Common Vulnerabilities and
    Exposures project identifies the following issues :
    
      - CVE-2018-1050
        It was discovered that Samba is prone to a denial of
        service attack when the RPC spoolss service is
        configured to be run as an external daemon.
    
        https://www.samba.org/samba/security/CVE-2018-1050.html
    
      - CVE-2018-1057
        Bjoern Baumbach from Sernet discovered that on Samba 4
        AD DC the LDAP server incorrectly validates permissions
        to modify passwords over LDAP allowing authenticated
        users to change any other users passwords, including
        administrative users.
    
        https://www.samba.org/samba/security/CVE-2018-1057.html
    
        https://wiki.samba.org/index.php/CVE-2018-1057"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2018-1050"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.samba.org/samba/security/CVE-2018-1050.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2018-1057"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.samba.org/samba/security/CVE-2018-1057.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://wiki.samba.org/index.php/CVE-2018-1057"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/source-package/samba"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/stretch/samba"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2018/dsa-4135"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the samba packages.
    
    For the oldstable distribution (jessie), CVE-2018-1050 will be
    addressed in a later update. Unfortunately the changes required to fix
    CVE-2018-1057 for Debian oldstable are too invasive to be backported.
    Users using Samba as an AD-compatible domain controller are encouraged
    to apply the workaround described in the Samba wiki and upgrade to
    Debian stretch.
    
    For the stable distribution (stretch), these problems have been fixed
    in version 2:4.5.12+dfsg-2+deb9u2."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:samba");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2018/03/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"9.0", prefix:"ctdb", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"libnss-winbind", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"libpam-winbind", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"libparse-pidl-perl", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"libsmbclient", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"libsmbclient-dev", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"libwbclient-dev", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"libwbclient0", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"python-samba", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"registry-tools", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"samba", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"samba-common", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"samba-common-bin", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"samba-dev", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"samba-dsdb-modules", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"samba-libs", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"samba-testsuite", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"samba-vfs-modules", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"smbclient", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    if (deb_check(release:"9.0", prefix:"winbind", reference:"2:4.5.12+dfsg-2+deb9u2")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-649.NASL
    descriptionSamba was updated to 4.6.14, fixing bugs and security issues : Version update to 4.6.14 (bsc#1093664) : + vfs_ceph: add fake async pwrite/pread send/recv hooks; (bso#13425). + Fix memory leak in vfs_ceph; (bso#13424). + winbind: avoid using fstrcpy(dcname,...) in _dual_init_connection; (bso#13294). + s3:smb2_server: correctly maintain request counters for compound requests; (bso#13215). + s3: smbd: Unix extensions attempts to change wrong field in fchown call; (bso#13375). + s3:smbd: map nterror on smb2_flush errorpath; (bso#13338). + vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async; (bso#13297). + s3: smbd: Fix possible directory fd leak if the underlying OS doesn
    last seen2020-06-05
    modified2018-06-18
    plugin id110593
    published2018-06-18
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110593
    titleopenSUSE Security Update : samba (openSUSE-2018-649)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2018-649.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(110593);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2018-1057");
    
      script_name(english:"openSUSE Security Update : samba (openSUSE-2018-649)");
      script_summary(english:"Check for the openSUSE-2018-649 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Samba was updated to 4.6.14, fixing bugs and security issues :
    
    Version update to 4.6.14 (bsc#1093664) :
    
      + vfs_ceph: add fake async pwrite/pread send/recv hooks;
        (bso#13425).
    
      + Fix memory leak in vfs_ceph; (bso#13424).
    
      + winbind: avoid using fstrcpy(dcname,...) in
        _dual_init_connection; (bso#13294).
    
      + s3:smb2_server: correctly maintain request counters for
        compound requests; (bso#13215).
    
      + s3: smbd: Unix extensions attempts to change wrong field
        in fchown call; (bso#13375).
    
      + s3:smbd: map nterror on smb2_flush errorpath;
        (bso#13338).
    
      + vfs_glusterfs: Fix the wrong pointer being sent in
        glfs_fsync_async; (bso#13297).
    
      + s3: smbd: Fix possible directory fd leak if the
        underlying OS doesn't support fdopendir(); (bso#13270).
    
      + s3: ldap: Ensure the ADS_STRUCT pointer doesn't get
        freed on error, we don't own it here; (bso#13244).
    
      + s3:libsmb: allow -U'\\administrator' to work;
        (bso#13206).
    
      + CVE-2018-1057: s4:dsdb: fix unprivileged password
        changes; (bso#13272); (bsc#1081024).
    
      + s3:smbd: Do not crash if we fail to init the session
        table; (bso#13315).
    
      + libsmb: Use smb2 tcon if conn_protocol >= SMB2_02;
        (bso#13310).
    
      + smbXcli: Add 'force_channel_sequence'; (bso#13215).
    
      + smbd: Fix channel sequence number checks for
        long-running requests; (bso#13215).
    
      + s3:smb2_server: allow logoff, close, unlock, cancel and
        echo on expired sessions; (bso#13197).
    
      + s3:smbd: return the correct error for cancelled SMB2
        notifies on expired sessions; (bso#13197).
    
      + samba: Only use async signal-safe functions in signal
        handler; (bso#13240).
    
      + subnet: Avoid a segfault when renaming subnet objects;
        (bso#13031).
    
      - Fix vfs_ceph with 'aio read size' or 'aio write size' >
        0; (bsc#1093664).
    
      + vfs_ceph: add fake async pwrite/pread send/recv hooks;
        (bso#13425).
    
      + Fix memory leak in vfs_ceph; (bso#13424).
    
    This update was imported from the SUSE:SLE-12-SP3:Update update
    project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1081024"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1093664"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected samba packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-tests");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-tests-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-binding0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-samr-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-samr0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-krb5pac-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-krb5pac0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-nbt-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-nbt0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-nbt0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-standard-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-standard0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-standard0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libndr0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libnetapi-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libnetapi0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libnetapi0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libnetapi0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-credentials-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-credentials0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-errors-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-errors0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-errors0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-errors0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-hostconfig0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-passdb-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-passdb0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-passdb0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-passdb0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-policy-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-policy0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-policy0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-util-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-util0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-util0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamdb-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamdb0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamdb0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsamdb0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbconf-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbconf0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbconf0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbldap-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbldap0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbldap0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtevent-util-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtevent-util0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtevent-util0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwbclient-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwbclient0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwbclient0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwbclient0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-ceph");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-ceph-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-client");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-client-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-client-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-client-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-core-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-libs-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-libs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-libs-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-pidl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-python");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-python-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-test");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-test-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-winbind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-winbind-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:samba-winbind-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2018/06/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/06/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.3", reference:"ctdb-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ctdb-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ctdb-tests-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ctdb-tests-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libdcerpc-binding0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libdcerpc-binding0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libdcerpc-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libdcerpc-samr-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libdcerpc-samr0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libdcerpc-samr0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libdcerpc0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libdcerpc0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr-krb5pac-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr-krb5pac0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr-krb5pac0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr-nbt-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr-nbt0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr-nbt0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr-standard-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr-standard0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr-standard0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libndr0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libnetapi-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libnetapi0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libnetapi0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-credentials-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-credentials0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-credentials0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-errors-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-errors0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-errors0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-hostconfig-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-hostconfig0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-hostconfig0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-passdb-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-passdb0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-passdb0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-policy-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-policy0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-policy0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-util-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-util0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamba-util0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamdb-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamdb0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsamdb0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsmbclient-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsmbclient0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsmbclient0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsmbconf-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsmbconf0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsmbconf0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsmbldap-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsmbldap0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libsmbldap0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libtevent-util-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libtevent-util0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libtevent-util0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libwbclient-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libwbclient0-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libwbclient0-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-client-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-client-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-core-devel-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-debugsource-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-libs-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-libs-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-pidl-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-python-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-python-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-test-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-test-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-winbind-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"samba-winbind-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libdcerpc-binding0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libdcerpc-binding0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libdcerpc-samr0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libdcerpc-samr0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libdcerpc0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libdcerpc0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libndr-krb5pac0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libndr-krb5pac0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libndr-nbt0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libndr-nbt0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libndr-standard0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libndr-standard0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libndr0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libndr0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libnetapi0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libnetapi0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-credentials0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-credentials0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-errors0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-errors0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-hostconfig0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-hostconfig0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-passdb0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-passdb0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-policy0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-policy0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-util0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamba-util0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamdb0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsamdb0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsmbclient0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsmbclient0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsmbconf0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsmbconf0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsmbldap0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libsmbldap0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libtevent-util0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libtevent-util0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libwbclient0-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libwbclient0-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"samba-ceph-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"samba-ceph-debuginfo-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"samba-client-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"samba-client-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"samba-libs-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"samba-libs-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"samba-winbind-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"samba-winbind-debuginfo-32bit-4.6.14+git.150.1540e575faf-15.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ctdb / ctdb-debuginfo / ctdb-tests / ctdb-tests-debuginfo / etc");
    }
    
  • NASL familyMisc.
    NASL idSAMBA_4_7_6.NASL
    descriptionThe version of Samba running on the remote host is 4.5.x prior to 4.5.16, or 4.6.x prior to 4.6.14, or 4.7.x prior to 4.7.6. It is, therefore, affected by a remote DoS and a remote password manipulation vulnerability. Note: Refer to the advisories for possible workarounds. Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id108378
    published2018-03-15
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108378
    titleSamba 4.5.x < 4.5.16 / 4.6.x < 4.6.14 / 4.7.x < 4.7.6 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(108378);
      script_version("1.4");
      script_cvs_date("Date: 2019/11/08");
    
      script_cve_id("CVE-2018-1050", "CVE-2018-1057");
      script_bugtraq_id(103382, 103387);
    
      script_name(english:"Samba 4.5.x < 4.5.16 / 4.6.x < 4.6.14 / 4.7.x < 4.7.6 Multiple Vulnerabilities");
      script_summary(english:"Checks the version of Samba.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Samba server is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of Samba running on the remote host is 4.5.x prior to
    4.5.16, or 4.6.x prior to 4.6.14, or 4.7.x prior to 4.7.6. It is,
    therefore, affected by a remote DoS and a remote password manipulation
    vulnerability.
    
    Note: Refer to the advisories for possible workarounds.
    
    Note that Nessus has not tested for this issue but has instead relied
    only on the application's self-reported version number.");
      script_set_attribute(attribute:"see_also", value:"https://www.samba.org/samba/security/CVE-2018-1050.html");
      script_set_attribute(attribute:"see_also", value:"https://www.samba.org/samba/security/CVE-2018-1057.html");
      script_set_attribute(attribute:"see_also", value:"https://www.samba.org/samba/history/samba-4.5.16.html");
      script_set_attribute(attribute:"see_also", value:"https://www.samba.org/samba/history/samba-4.6.14.html");
      script_set_attribute(attribute:"see_also", value:"https://www.samba.org/samba/history/samba-4.7.6.html");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Samba version 4.5.16 / 4.6.14 / 4.7.6 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-1057");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/13");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/03/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/15");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:samba:samba");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Misc.");
    
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("smb_nativelanman.nasl");
      script_require_keys("SMB/NativeLanManager", "SMB/samba", "Settings/ParanoidReport");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    port = get_kb_item("SMB/transport");
    if (!port) port = 445;
    
    lanman = get_kb_item_or_exit("SMB/NativeLanManager");
    
    if ("Samba " >!< lanman) audit(AUDIT_NOT_LISTEN, "Samba", port);
    
    version = lanman - 'Samba ';
    
    if (version =~ "^4(\.[5-9])?$")
      audit(AUDIT_VER_NOT_GRANULAR, "Samba", port, version);
    
    fix = NULL;
    
    regexes = make_array(-2, "a(\d+)", -1, "rc(\d+)");
    
    # Affected :
    # Note versions prior to 4.6 are EoL
    # https://wiki.samba.org/index.php/Samba_Release_Planning
    #
    # We are including a 4.5.x check because they did release 4.5.16
    # 4.5.x < 4.5.16
    # 4.6.x < 4.6.14
    # 4.7.x < 4.7.6
    if (version =~ "^4\.5\.")
      fix = '4.5.16';
    else if (version =~ "^4\.6\.")
      fix = '4.6.14';
    else if (version =~ "^4\.7\.")
      fix = '4.7.6';
    
    if ( !isnull(fix) &&
         (ver_compare(ver:version, fix:fix, regexes:regexes) < 0) &&
         (ver_compare(ver:version, fix:'4.0.0', regexes:regexes) >= 0) )
    {
      report = '\n  Installed version : ' + version +
               '\n  Fixed version     : ' + fix +
               '\n';
      security_report_v4(port:port, severity:SECURITY_WARNING, extra:report);
    }
    else audit(AUDIT_LISTEN_NOT_VULN, "Samba", port, version);
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_FB26F78A26A911E8A1C200505689D4AE.NASL
    descriptionThe samba project reports : Missing NULL pointer checks may crash the external print server process. On a Samba 4 AD DC any authenticated user can change other user
    last seen2020-06-01
    modified2020-06-02
    plugin id108316
    published2018-03-14
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108316
    titleFreeBSD : samba -- multiple vulnerabilities (fb26f78a-26a9-11e8-a1c2-00505689d4ae)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2018 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(108316);
      script_version("1.5");
      script_cvs_date("Date: 2018/11/10 11:49:47");
    
      script_cve_id("CVE-2018-1050", "CVE-2018-1057");
    
      script_name(english:"FreeBSD : samba -- multiple vulnerabilities (fb26f78a-26a9-11e8-a1c2-00505689d4ae)");
      script_summary(english:"Checks for updated packages in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote FreeBSD host is missing one or more security-related
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The samba project reports :
    
    Missing NULL pointer checks may crash the external print server
    process.
    
    On a Samba 4 AD DC any authenticated user can change other user's
    passwords over LDAP, including the passwords of administrative users
    and service accounts."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.samba.org/samba/security/CVE-2018-1050.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.samba.org/samba/security/CVE-2018-1057.html"
      );
      # https://vuxml.freebsd.org/freebsd/fb26f78a-26a9-11e8-a1c2-00505689d4ae.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a566c41f"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:samba44");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:samba45");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:samba46");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:samba47");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/01/03");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/03/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"samba44<4.4.17")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"samba45<4.5.16")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"samba46<4.6.14")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"samba47<4.7.6")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3595-1.NASL
    descriptionBjorn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users. (CVE-2018-1057) It was discovered that Samba incorrectly validated inputs to the RPC spoolss service. An authenticated attacker could use this issue to cause the service to crash, resulting in a denial of service. (CVE-2018-1050). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id108335
    published2018-03-14
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108335
    titleUbuntu 14.04 LTS / 16.04 LTS / 17.10 : samba vulnerabilities (USN-3595-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-3595-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(108335);
      script_version("1.6");
      script_cvs_date("Date: 2019/09/18 12:31:48");
    
      script_cve_id("CVE-2018-1050", "CVE-2018-1057");
      script_xref(name:"USN", value:"3595-1");
    
      script_name(english:"Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : samba vulnerabilities (USN-3595-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Bjorn Baumbach discovered that Samba incorrectly validated
    permissions when changing account passwords via LDAP. An authenticated
    attacker could use this issue to change the password of other users,
    including administrators, and perform actions as those users.
    (CVE-2018-1057)
    
    It was discovered that Samba incorrectly validated inputs to the RPC
    spoolss service. An authenticated attacker could use this issue to
    cause the service to crash, resulting in a denial of service.
    (CVE-2018-1050).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/3595-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected samba and / or samba-dsdb-modules packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:samba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:samba-dsdb-modules");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:17.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/13");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/03/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/14");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(14\.04|16\.04|17\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 14.04 / 16.04 / 17.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"14.04", pkgname:"samba", pkgver:"2:4.3.11+dfsg-0ubuntu0.14.04.14")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"samba-dsdb-modules", pkgver:"2:4.3.11+dfsg-0ubuntu0.14.04.14")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"samba", pkgver:"2:4.3.11+dfsg-0ubuntu0.16.04.13")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"samba-dsdb-modules", pkgver:"2:4.3.11+dfsg-0ubuntu0.16.04.13")) flag++;
    if (ubuntu_check(osver:"17.10", pkgname:"samba", pkgver:"2:4.6.7+dfsg-1ubuntu3.2")) flag++;
    if (ubuntu_check(osver:"17.10", pkgname:"samba-dsdb-modules", pkgver:"2:4.6.7+dfsg-1ubuntu3.2")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "samba / samba-dsdb-modules");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-C5C651AC44.NASL
    descriptionSecurity fix for CVE-2018-1050 CVE-2018-1057 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-03-15
    plugin id108349
    published2018-03-15
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108349
    titleFedora 27 : 2:samba / libldb (2018-c5c651ac44)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2018-c5c651ac44.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(108349);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2018-1050", "CVE-2018-1057");
      script_xref(name:"FEDORA", value:"2018-c5c651ac44");
    
      script_name(english:"Fedora 27 : 2:samba / libldb (2018-c5c651ac44)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security fix for CVE-2018-1050 CVE-2018-1057
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-c5c651ac44"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected 2:samba and / or libldb packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:2:samba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libldb");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:27");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/13");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/03/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/15");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^27([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 27", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC27", reference:"samba-4.7.6-0.fc27", epoch:"2")) flag++;
    if (rpm_check(release:"FC27", reference:"libldb-1.3.2-1.fc27")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "2:samba / libldb");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201805-07.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201805-07 (Samba: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code, cause a Denial of Service condition, conduct a man-in-the-middle attack, or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id109974
    published2018-05-23
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109974
    titleGLSA-201805-07 : Samba: Multiple vulnerabilities (SambaCry)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201805-07.
    #
    # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(109974);
      script_version("1.4");
      script_cvs_date("Date: 2019/04/08 10:48:58");
    
      script_cve_id("CVE-2016-2119", "CVE-2017-14746", "CVE-2017-15275", "CVE-2017-7494", "CVE-2018-1050", "CVE-2018-1057");
      script_xref(name:"GLSA", value:"201805-07");
    
      script_name(english:"GLSA-201805-07 : Samba: Multiple vulnerabilities (SambaCry)");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201805-07
    (Samba: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in Samba. Please review
          the CVE identifiers referenced below for details.
      
    Impact :
    
        A remote attacker could possibly execute arbitrary code, cause a Denial
          of Service condition, conduct a man-in-the-middle attack, or obtain
          sensitive information.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201805-07"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Samba users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=net-fs/samba-4.5.16'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Samba is_known_pipename() Arbitrary Module Load');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:samba");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/07/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/05/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/23");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"net-fs/samba", unaffected:make_list("ge 4.5.16"), vulnerable:make_list("lt 4.5.16"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Samba");
    }
    
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2018-072-02.NASL
    descriptionNew samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security a issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id108303
    published2018-03-14
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108303
    titleSlackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2018-072-02)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Slackware Security Advisory 2018-072-02. The text 
    # itself is copyright (C) Slackware Linux, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(108303);
      script_version("1.3");
      script_cvs_date("Date: 2018/09/04 13:20:08");
    
      script_cve_id("CVE-2018-1057");
      script_xref(name:"SSA", value:"2018-072-02");
    
      script_name(english:"Slackware 14.0 / 14.1 / 14.2 / current : samba (SSA:2018-072-02)");
      script_summary(english:"Checks for updated package in /var/log/packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Slackware host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "New samba packages are available for Slackware 14.0, 14.1, 14.2, and
    -current to fix security a issue."
      );
      # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.449448
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?f60c679e"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected samba package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:samba");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2018/03/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Slackware Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("slackware.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
    if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
    
    
    flag = 0;
    if (slackware_check(osver:"14.0", pkgname:"samba", pkgver:"4.4.16", pkgarch:"i486", pkgnum:"3_slack14.0")) flag++;
    if (slackware_check(osver:"14.0", arch:"x86_64", pkgname:"samba", pkgver:"4.4.16", pkgarch:"x86_64", pkgnum:"3_slack14.0")) flag++;
    
    if (slackware_check(osver:"14.1", pkgname:"samba", pkgver:"4.4.16", pkgarch:"i486", pkgnum:"3_slack14.1")) flag++;
    if (slackware_check(osver:"14.1", arch:"x86_64", pkgname:"samba", pkgver:"4.4.16", pkgarch:"x86_64", pkgnum:"3_slack14.1")) flag++;
    
    if (slackware_check(osver:"14.2", pkgname:"samba", pkgver:"4.4.16", pkgarch:"i586", pkgnum:"3_slack14.2")) flag++;
    if (slackware_check(osver:"14.2", arch:"x86_64", pkgname:"samba", pkgver:"4.4.16", pkgarch:"x86_64", pkgnum:"3_slack14.2")) flag++;
    
    if (slackware_check(osver:"current", pkgname:"samba", pkgver:"4.7.6", pkgarch:"i586", pkgnum:"1")) flag++;
    if (slackware_check(osver:"current", arch:"x86_64", pkgname:"samba", pkgver:"4.7.6", pkgarch:"x86_64", pkgnum:"1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-1687-1.NASL
    descriptionSamba was updated to 4.6.14, fixing bugs and security issues: Version update to 4.6.14 (bsc#1093664) : + vfs_ceph: add fake async pwrite/pread send/recv hooks; (bso#13425). + Fix memory leak in vfs_ceph; (bso#13424). + winbind: avoid using fstrcpy(dcname,...) in _dual_init_connection; (bso#13294). + s3:smb2_server: correctly maintain request counters for compound requests; (bso#13215). + s3: smbd: Unix extensions attempts to change wrong field in fchown call; (bso#13375). + s3:smbd: map nterror on smb2_flush errorpath; (bso#13338). + vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async; (bso#13297). + s3: smbd: Fix possible directory fd leak if the underlying OS doesn
    last seen2020-06-01
    modified2020-06-02
    plugin id110531
    published2018-06-14
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110531
    titleSUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2018:1687-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2018:1687-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(110531);
      script_version("1.4");
      script_cvs_date("Date: 2019/09/10 13:51:48");
    
      script_cve_id("CVE-2018-1057");
    
      script_name(english:"SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2018:1687-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Samba was updated to 4.6.14, fixing bugs and security issues: Version
    update to 4.6.14 (bsc#1093664) :
    
      + vfs_ceph: add fake async pwrite/pread send/recv hooks;
        (bso#13425).
    
      + Fix memory leak in vfs_ceph; (bso#13424).
    
      + winbind: avoid using fstrcpy(dcname,...) in
        _dual_init_connection; (bso#13294).
    
      + s3:smb2_server: correctly maintain request counters for
        compound requests; (bso#13215).
    
      + s3: smbd: Unix extensions attempts to change wrong field
        in fchown call; (bso#13375).
    
      + s3:smbd: map nterror on smb2_flush errorpath;
        (bso#13338).
    
      + vfs_glusterfs: Fix the wrong pointer being sent in
        glfs_fsync_async; (bso#13297).
    
      + s3: smbd: Fix possible directory fd leak if the
        underlying OS doesn't support fdopendir(); (bso#13270).
    
      + s3: ldap: Ensure the ADS_STRUCT pointer doesn't get
        freed on error, we don't own it here; (bso#13244).
    
      + s3:libsmb: allow -U'\\administrator' to work;
        (bso#13206).
    
      + CVE-2018-1057: s4:dsdb: fix unprivileged password
        changes; (bso#13272); (bsc#1081024).
    
      + s3:smbd: Do not crash if we fail to init the session
        table; (bso#13315).
    
      + libsmb: Use smb2 tcon if conn_protocol >= SMB2_02;
        (bso#13310).
    
      + smbXcli: Add 'force_channel_sequence'; (bso#13215).
    
      + smbd: Fix channel sequence number checks for
        long-running requests; (bso#13215).
    
      + s3:smb2_server: allow logoff, close, unlock, cancel and
        echo on expired sessions; (bso#13197).
    
      + s3:smbd: return the correct error for cancelled SMB2
        notifies on expired sessions; (bso#13197).
    
      + samba: Only use async signal-safe functions in signal
        handler; (bso#13240).
    
      + subnet: Avoid a segfault when renaming subnet objects;
        (bso#13031).
    
      - Fix vfs_ceph with 'aio read size' or 'aio write size' >
        0; (bsc#1093664).
    
      + vfs_ceph: add fake async pwrite/pread send/recv hooks;
        (bso#13425).
    
      + Fix memory leak in vfs_ceph; (bso#13424).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1081024"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1093664"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-1057/"
      );
      # https://www.suse.com/support/update/announcement/2018/suse-su-20181687-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5fce8919"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t
    patch SUSE-SLE-SDK-12-SP3-2018-1132=1
    
    SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
    SUSE-SLE-SERVER-12-SP3-2018-1132=1
    
    SUSE Linux Enterprise High Availability 12-SP3:zypper in -t patch
    SUSE-SLE-HA-12-SP3-2018-1132=1
    
    SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP3-2018-1132=1
    
    SUSE Enterprise Storage 5:zypper in -t patch
    SUSE-Storage-5-2018-1132=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdcerpc-binding0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdcerpc-binding0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdcerpc0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdcerpc0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-krb5pac0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-krb5pac0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-nbt0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-nbt0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-standard0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr-standard0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libndr0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libnetapi0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libnetapi0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-credentials0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-credentials0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-errors0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-errors0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-hostconfig0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-passdb0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-passdb0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-util0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamba-util0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamdb0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsamdb0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbclient0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbclient0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbconf0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbconf0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbldap0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmbldap0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libtevent-util0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libtevent-util0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwbclient0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwbclient0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-client");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-client-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-libs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-winbind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:samba-winbind-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/13");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/06/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/06/14");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP3", os_ver + " SP" + sp);
    if (os_ver == "SLED12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP3", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libdcerpc-binding0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libdcerpc-binding0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libdcerpc0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libdcerpc0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-krb5pac0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-krb5pac0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-nbt0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-nbt0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-standard0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-standard0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libnetapi0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libnetapi0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-credentials0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-credentials0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-errors0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-errors0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-hostconfig0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-hostconfig0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-passdb0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-passdb0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-util0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-util0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamdb0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamdb0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbclient0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbclient0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbconf0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbconf0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbldap0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbldap0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libtevent-util0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libtevent-util0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libwbclient0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libwbclient0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-client-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-client-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-debugsource-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-libs-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-libs-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-winbind-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-winbind-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libdcerpc-binding0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libdcerpc-binding0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libdcerpc0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libdcerpc0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-krb5pac0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-krb5pac0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-nbt0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-nbt0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-standard0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr-standard0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libndr0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libnetapi0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libnetapi0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-credentials0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-credentials0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-errors0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-errors0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-hostconfig0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-hostconfig0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-passdb0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-passdb0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-util0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamba-util0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamdb0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsamdb0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbclient0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbclient0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbconf0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbconf0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbldap0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libsmbldap0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libtevent-util0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libtevent-util0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libwbclient0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libwbclient0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-client-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-client-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-libs-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-libs-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-winbind-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"samba-winbind-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libdcerpc-binding0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libdcerpc-binding0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libdcerpc-binding0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libdcerpc-binding0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libdcerpc0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libdcerpc0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libdcerpc0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libdcerpc0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-krb5pac0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-krb5pac0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-krb5pac0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-krb5pac0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-nbt0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-nbt0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-nbt0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-nbt0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-standard0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-standard0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-standard0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr-standard0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libndr0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libnetapi0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libnetapi0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libnetapi0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libnetapi0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-credentials0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-credentials0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-credentials0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-credentials0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-errors0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-errors0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-errors0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-errors0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-hostconfig0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-hostconfig0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-hostconfig0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-hostconfig0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-passdb0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-passdb0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-passdb0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-passdb0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-util0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-util0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-util0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamba-util0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamdb0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamdb0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamdb0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsamdb0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbclient0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbclient0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbclient0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbclient0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbconf0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbconf0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbconf0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbconf0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbldap0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbldap0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbldap0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmbldap0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libtevent-util0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libtevent-util0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libtevent-util0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libtevent-util0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwbclient0-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwbclient0-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwbclient0-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwbclient0-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-client-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-client-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-client-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-client-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-debugsource-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-libs-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-libs-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-libs-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-libs-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-winbind-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-winbind-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-winbind-debuginfo-32bit-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"samba-winbind-debuginfo-4.6.14+git.150.1540e575faf-3.24.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "samba");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-7D0ACD608B.NASL
    descriptionSecurity fix for CVE-2018-1050 CVE-2018-1057 ---- Update to Samba 4.6.13 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-03-21
    plugin id108501
    published2018-03-21
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108501
    titleFedora 26 : 2:samba (2018-7d0acd608b)

The Hacker News

idTHN:9AF63A5439FB2614532C19DFE04ACC6B
last seen2018-03-13
modified2018-03-13
published2018-03-12
reporterMohit Kumar
sourcehttps://thehackernews.com/2018/03/samba-server-vulnerability.html
titleUpdate Samba Servers Immediately to Patch Password Reset and DoS Vulnerabilities