SuSE 11.3 Security Update : Samba (SAT Patch Number 8171)

medium Nessus Plugin ID 70019

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

The Samba server suite received a security update to fix a denial of service problem in integer wrap protection. (CVE-2013-4124).

Additionally, the following stability fixes are included in this update :

- Fix libreplace license ambiguity. (bnc#765270)

- Document idmap_ad rfc2307 attribute requirements.
(bnc#820531)

- The pam_winbind require_membership_of option allows for a list of SID, but currently only provides buffer space for ~20. (bnc#806501).

Solution

Apply SAT patch number 8171.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=765270

https://bugzilla.novell.com/show_bug.cgi?id=806501

https://bugzilla.novell.com/show_bug.cgi?id=820531

https://bugzilla.novell.com/show_bug.cgi?id=829969

http://support.novell.com/security/cve/CVE-2013-4124.html

Plugin Details

Severity: Medium

ID: 70019

File Name: suse_11_cifs-mount-130807.nasl

Version: 1.11

Type: local

Agent: unix

Published: 9/20/2013

Updated: 1/19/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:libtdb1-32bit, p-cpe:/a:novell:suse_linux:11:libtevent0, p-cpe:/a:novell:suse_linux:11:libtalloc2-32bit, p-cpe:/a:novell:suse_linux:11:samba-winbind, p-cpe:/a:novell:suse_linux:11:samba-client, p-cpe:/a:novell:suse_linux:11:samba-doc, p-cpe:/a:novell:suse_linux:11:libtdb1, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:11:libsmbclient0-32bit, p-cpe:/a:novell:suse_linux:11:samba, p-cpe:/a:novell:suse_linux:11:libwbclient0, p-cpe:/a:novell:suse_linux:11:samba-client-32bit, p-cpe:/a:novell:suse_linux:11:samba-winbind-32bit, p-cpe:/a:novell:suse_linux:11:samba-krb-printing, p-cpe:/a:novell:suse_linux:11:libsmbclient0, p-cpe:/a:novell:suse_linux:11:libldb1, p-cpe:/a:novell:suse_linux:11:libldb1-32bit, p-cpe:/a:novell:suse_linux:11:ldapsmb, p-cpe:/a:novell:suse_linux:11:libtevent0-32bit, p-cpe:/a:novell:suse_linux:11:libwbclient0-32bit, p-cpe:/a:novell:suse_linux:11:samba-32bit, p-cpe:/a:novell:suse_linux:11:libtalloc2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 8/7/2013

Reference Information

CVE: CVE-2013-4124