Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.850525
Category:SuSE Local Security Checks
Title:openSUSE: Security Advisory for update (openSUSE-SU-2013:1339-1)
Summary:The remote host is missing an update for the 'update'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'update'
package(s) announced via the referenced advisory.

Vulnerability Insight:
This update of samba fixed the following issues:

- The pam_winbind require_membership_of option allows for a
list of SID, but currently only provides buffer space for
~
20 (bnc#806501).

- Samba 3.0.x to 4.0.7 are affected by a denial of service
attack on authenticated or guest connections
CVE-2013-4124 (bnc#829969).

- PIDL: fix parsing linemarkers in preprocessor output
(bso#9636).

- build:autoconf: fix output of syslog-facility check
(bso#9983).

- libreplace: add a missing 'eval' to the
AC_VERIFY_C_PROTOTYPE macro.

- Remove ldapsmb from the main spec file.

- Don't bzip2 the main tar ball, use the upstream gzipped
one instead.

- Fix crash bug during Win8 sync (bso#9822).

- Check for system libtevent and link dbwrap_tool and
dbwrap_torture against it (bso#9881).

- errno gets overwritten in call to check_parent_exists()
(bso#9927).

- Fix a bug of drvupgrade of smbcontrol (bso#9941).

- Document idmap_ad rfc2307 attribute requirements
(bso#9880) (bnc#820531).

- Don't install the tdb utilities man pages on post-12.1
systems (bnc#823549).

- Fix libreplace license ambiguity (bso#8997)
(bnc#765270).

- Fix is_printer_published GUID retrieval (bso#9900)
(bnc#798856).

- Fix 'map untrusted to domain' with NTLMv2 (bso#9817)
(bnc#817919).

- Don't modify the pidfile name when a custom config file
path is used (bnc#812929).

- Add extra attributes for AD printer publishing
(bso#9378) (bnc#798856).

- Fix vfs_catia module (bso#9701) (bnc#824833).

- Fix AD printer publishing (bso#9378) (bnc#798856).

Affected Software/OS:
update on openSUSE 12.2

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-4124
Bugtraq: 20130806 [slackware-security] samba (SSA:2013-218-03) (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2013-08/0028.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113591.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114011.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html
http://security.gentoo.org/glsa/glsa-201502-15.xml
HPdes Security Advisory: HPSBUX03087
http://marc.info/?l=bugtraq&m=141660010015249&w=2
HPdes Security Advisory: SSRT101413
http://www.mandriva.com/security/advisories?name=MDVSA-2013:207
http://osvdb.org/95969
RedHat Security Advisories: RHSA-2013:1310
http://rhn.redhat.com/errata/RHSA-2013-1310.html
RedHat Security Advisories: RHSA-2013:1542
http://rhn.redhat.com/errata/RHSA-2013-1542.html
RedHat Security Advisories: RHSA-2013:1543
http://rhn.redhat.com/errata/RHSA-2013-1543.html
RedHat Security Advisories: RHSA-2014:0305
http://rhn.redhat.com/errata/RHSA-2014-0305.html
http://www.securitytracker.com/id/1028882
http://secunia.com/advisories/54519
SuSE Security Announcement: openSUSE-SU-2013:1339 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00012.html
SuSE Security Announcement: openSUSE-SU-2013:1349 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00015.html
http://www.ubuntu.com/usn/USN-1966-1
XForce ISS Database: samba-cve20134121-dos(86185)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86185
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.