Test ID:	1.3.6.1.4.1.25623.1.0.850525
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for update (openSUSE-SU-2013:1339-1)
Summary:	The remote host is missing an update for the 'update'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'update' package(s) announced via the referenced advisory. Vulnerability Insight: This update of samba fixed the following issues: - The pam_winbind require_membership_of option allows for a list of SID, but currently only provides buffer space for ~ 20 (bnc#806501). - Samba 3.0.x to 4.0.7 are affected by a denial of service attack on authenticated or guest connections CVE-2013-4124 (bnc#829969). - PIDL: fix parsing linemarkers in preprocessor output (bso#9636). - build:autoconf: fix output of syslog-facility check (bso#9983). - libreplace: add a missing 'eval' to the AC_VERIFY_C_PROTOTYPE macro. - Remove ldapsmb from the main spec file. - Don't bzip2 the main tar ball, use the upstream gzipped one instead. - Fix crash bug during Win8 sync (bso#9822). - Check for system libtevent and link dbwrap_tool and dbwrap_torture against it (bso#9881). - errno gets overwritten in call to check_parent_exists() (bso#9927). - Fix a bug of drvupgrade of smbcontrol (bso#9941). - Document idmap_ad rfc2307 attribute requirements (bso#9880) (bnc#820531). - Don't install the tdb utilities man pages on post-12.1 systems (bnc#823549). - Fix libreplace license ambiguity (bso#8997) (bnc#765270). - Fix is_printer_published GUID retrieval (bso#9900) (bnc#798856). - Fix 'map untrusted to domain' with NTLMv2 (bso#9817) (bnc#817919). - Don't modify the pidfile name when a custom config file path is used (bnc#812929). - Add extra attributes for AD printer publishing (bso#9378) (bnc#798856). - Fix vfs_catia module (bso#9701) (bnc#824833). - Fix AD printer publishing (bso#9378) (bnc#798856). Affected Software/OS: update on openSUSE 12.2 Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4124 Bugtraq: 20130806 [slackware-security] samba (SSA:2013-218-03) (Google Search) http://archives.neohapsis.com/archives/bugtraq/2013-08/0028.html http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113591.html http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114011.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html http://security.gentoo.org/glsa/glsa-201502-15.xml HPdes Security Advisory: HPSBUX03087 http://marc.info/?l=bugtraq&m=141660010015249&w=2 HPdes Security Advisory: SSRT101413 http://www.mandriva.com/security/advisories?name=MDVSA-2013:207 http://osvdb.org/95969 RedHat Security Advisories: RHSA-2013:1310 http://rhn.redhat.com/errata/RHSA-2013-1310.html RedHat Security Advisories: RHSA-2013:1542 http://rhn.redhat.com/errata/RHSA-2013-1542.html RedHat Security Advisories: RHSA-2013:1543 http://rhn.redhat.com/errata/RHSA-2013-1543.html RedHat Security Advisories: RHSA-2014:0305 http://rhn.redhat.com/errata/RHSA-2014-0305.html http://www.securitytracker.com/id/1028882 http://secunia.com/advisories/54519 SuSE Security Announcement: openSUSE-SU-2013:1339 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00012.html SuSE Security Announcement: openSUSE-SU-2013:1349 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00015.html http://www.ubuntu.com/usn/USN-1966-1 XForce ISS Database: samba-cve20134121-dos(86185) https://exchange.xforce.ibmcloud.com/vulnerabilities/86185
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.