Detections
Analytics
Rocky Linux 8 : samba (RLSA-2021:5082)
high Nessus Plugin ID 184610
Synopsis
The remote Rocky Linux host is missing one or more security updates.Description
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5082 advisory.- A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
(CVE-2016-2124)
- A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. (CVE-2020-25717)
- A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements. (CVE-2021-23192)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://errata.rockylinux.org/RLSA-2021:5082
https://bugzilla.redhat.com/show_bug.cgi?id=2019660
Plugin Details
Severity: High
ID: 184610
File Name: rocky_linux_RLSA-2021-5082.nasl
Version: 1.0
Type: local
Published: 11/6/2023
Updated: 11/6/2023
Supported Sensors: Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.0
CVSS v2
Risk Factor: High
Base Score: 8.5
Temporal Score: 6.3
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:N
CVSS Score Source: CVE-2020-25717
CVSS v3
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.1
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:rocky:linux:libwbclient-debuginfo, p-cpe:/a:rocky:linux:samba-vfs-iouring-debuginfo, p-cpe:/a:rocky:linux:samba-common-libs, p-cpe:/a:rocky:linux:samba-test-libs, p-cpe:/a:rocky:linux:samba-winexe, p-cpe:/a:rocky:linux:python3-samba-test, p-cpe:/a:rocky:linux:samba-vfs-iouring, p-cpe:/a:rocky:linux:samba-debuginfo, p-cpe:/a:rocky:linux:samba-winbind-modules, p-cpe:/a:rocky:linux:samba-debugsource, p-cpe:/a:rocky:linux:samba-common-libs-debuginfo, p-cpe:/a:rocky:linux:samba-client-debuginfo, p-cpe:/a:rocky:linux:libwbclient, p-cpe:/a:rocky:linux:samba-winbind-clients, cpe:/o:rocky:linux:8, p-cpe:/a:rocky:linux:samba-common, p-cpe:/a:rocky:linux:samba-client, p-cpe:/a:rocky:linux:ctdb-debuginfo, p-cpe:/a:rocky:linux:samba-winexe-debuginfo, p-cpe:/a:rocky:linux:samba-winbind-krb5-locator-debuginfo, p-cpe:/a:rocky:linux:python3-samba-debuginfo, p-cpe:/a:rocky:linux:samba-libs, p-cpe:/a:rocky:linux:samba-krb5-printing, p-cpe:/a:rocky:linux:samba-krb5-printing-debuginfo, p-cpe:/a:rocky:linux:samba-test, p-cpe:/a:rocky:linux:samba-winbind, p-cpe:/a:rocky:linux:samba-common-tools, p-cpe:/a:rocky:linux:samba-pidl, p-cpe:/a:rocky:linux:libwbclient-devel, p-cpe:/a:rocky:linux:samba-libs-debuginfo, p-cpe:/a:rocky:linux:python3-samba, p-cpe:/a:rocky:linux:samba-winbind-krb5-locator, p-cpe:/a:rocky:linux:samba-winbind-debuginfo, p-cpe:/a:rocky:linux:samba-client-libs-debuginfo, p-cpe:/a:rocky:linux:samba-test-debuginfo, p-cpe:/a:rocky:linux:samba-common-tools-debuginfo, p-cpe:/a:rocky:linux:ctdb, p-cpe:/a:rocky:linux:samba-devel, p-cpe:/a:rocky:linux:libsmbclient-devel, p-cpe:/a:rocky:linux:samba-test-libs-debuginfo, p-cpe:/a:rocky:linux:samba-client-libs, p-cpe:/a:rocky:linux:samba-winbind-modules-debuginfo, p-cpe:/a:rocky:linux:samba, p-cpe:/a:rocky:linux:samba-winbind-clients-debuginfo, p-cpe:/a:rocky:linux:libsmbclient-debuginfo, p-cpe:/a:rocky:linux:libsmbclient
Required KB Items: Host/local_checks_enabled, Host/RockyLinux/release, Host/RockyLinux/rpm-list, Host/cpu
Exploit Ease: No known exploits are available
Patch Publication Date: 12/13/2021
Vulnerability Publication Date: 11/9/2021