SuSE 11.2 Security Update : Samba (SAT Patch Number 8170)

medium Nessus Plugin ID 70018

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

The Samba server suite received a security update to fix a denial of service problem in integer wrap protection (CVE-2013-4124).

Additionally, the following stability fixes are included in this update:

- Do not restart the smbfs service on pre-11.3 systems during dhcp lease renewal when the IP address remains the same. (bnc#800782)

- Fix smbclient recursive mget EPERM handling. (bnc#786350)

- Fix SMB1 Session Setup AndX handling with a large krb PAC. (bnc#802031)

- Fix periodic printcap cache reloads. (bnc#807334)

- Fix AD printer publishing. (bnc#798856)

- Add extra attributes for AD printer publishing. (bnc#798856)

- Fix is_printer_published GUID retrieval. (bnc#798856)

- Fix vfs_catia module. (bnc#824833)

- Don't modify the pidfile name when a custom config file path is used. (bnc#812929)

- Fix the username map optimization. (bnc#815994)

- Fix libreplace license ambiguity. (bnc#765270)

- Document idmap_ad rfc2307 attribute requirements. (bnc#820531)

- The pam_winbind require_membership_of option allows for a list of SIDs, but currently only provides buffer space for ~20. (bnc#806501)

Solution

Apply SAT patch number 8170.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=765270

https://bugzilla.novell.com/show_bug.cgi?id=786350

https://bugzilla.novell.com/show_bug.cgi?id=792294

https://bugzilla.novell.com/show_bug.cgi?id=798856

https://bugzilla.novell.com/show_bug.cgi?id=800782

https://bugzilla.novell.com/show_bug.cgi?id=802031

https://bugzilla.novell.com/show_bug.cgi?id=806501

https://bugzilla.novell.com/show_bug.cgi?id=807334

https://bugzilla.novell.com/show_bug.cgi?id=812929

https://bugzilla.novell.com/show_bug.cgi?id=815994

https://bugzilla.novell.com/show_bug.cgi?id=820531

https://bugzilla.novell.com/show_bug.cgi?id=824833

https://bugzilla.novell.com/show_bug.cgi?id=829969

http://support.novell.com/security/cve/CVE-2013-4124.html

Plugin Details

Severity: Medium

ID: 70018

File Name: suse_11_cifs-mount-130806.nasl

Version: 1.11

Type: local

Agent: unix

Published: 9/20/2013

Updated: 1/19/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:libtdb1-32bit, p-cpe:/a:novell:suse_linux:11:libtevent0, p-cpe:/a:novell:suse_linux:11:libtalloc2-32bit, p-cpe:/a:novell:suse_linux:11:samba-winbind, p-cpe:/a:novell:suse_linux:11:samba-client, p-cpe:/a:novell:suse_linux:11:samba-doc, p-cpe:/a:novell:suse_linux:11:libtalloc1-32bit, p-cpe:/a:novell:suse_linux:11:libtdb1, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:11:libtalloc1, p-cpe:/a:novell:suse_linux:11:libsmbclient0-32bit, p-cpe:/a:novell:suse_linux:11:samba, p-cpe:/a:novell:suse_linux:11:libwbclient0, p-cpe:/a:novell:suse_linux:11:samba-client-32bit, p-cpe:/a:novell:suse_linux:11:samba-winbind-32bit, p-cpe:/a:novell:suse_linux:11:samba-krb-printing, p-cpe:/a:novell:suse_linux:11:libsmbclient0, p-cpe:/a:novell:suse_linux:11:libldb1, p-cpe:/a:novell:suse_linux:11:libldb1-32bit, p-cpe:/a:novell:suse_linux:11:ldapsmb, p-cpe:/a:novell:suse_linux:11:libtevent0-32bit, p-cpe:/a:novell:suse_linux:11:libwbclient0-32bit, p-cpe:/a:novell:suse_linux:11:samba-32bit, p-cpe:/a:novell:suse_linux:11:libtalloc2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 8/6/2013

Reference Information

CVE: CVE-2013-4124