SuSE Local Security Checks : openSUSE: Security Advisory for samba (openSUSE-SU-2018:1727-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.851790

Category: SuSE Local Security Checks

Title: openSUSE: Security Advisory for samba (openSUSE-SU-2018:1727-1)

Summary: The remote host is missing an update for the 'samba'; package(s) announced via the referenced advisory.

Description: Summary:
The remote host is missing an update for the 'samba'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Samba was updated to 4.6.14, fixing bugs and security issues:

Version update to 4.6.14 (bsc#1093664):

+ vfs_ceph: add fake async pwrite/pread send/recv hooks (bso#13425).
+ Fix memory leak in vfs_ceph (bso#13424).
+ winbind: avoid using fstrcpy(dcname, ...) in _dual_init_connection
(bso#13294).
+ s3:smb2_server: correctly maintain request counters for compound
requests (bso#13215).
+ s3: smbd: Unix extensions attempts to change wrong field in fchown call
(bso#13375).
+ s3:smbd: map nterror on smb2_flush errorpath (bso#13338).
+ vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async
(bso#13297).
+ s3: smbd: Fix possible directory fd leak if the underlying OS doesn't
support fdopendir() (bso#13270).
+ s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we
don't own it here (bso#13244).
+ s3:libsmb: allow -U'\\administrator' to work (bso#13206).
+ CVE-2018-1057: s4:dsdb: fix unprivileged password changes (bso#13272)
(bsc#1081024).
+ s3:smbd: Do not crash if we fail to init the session table (bso#13315).
+ libsmb: Use smb2 tcon if conn_protocol = SMB2_02 (bso#13310).
+ smbXcli: Add 'force_channel_sequence' (bso#13215).
+ smbd: Fix channel sequence number checks for long-running requests
(bso#13215).
+ s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired
sessions (bso#13197).
+ s3:smbd: return the correct error for cancelled SMB2 notifies on expired
sessions (bso#13197).
+ samba: Only use async signal-safe functions in signal handler
(bso#13240).
+ subnet: Avoid a segfault when renaming subnet objects (bso#13031).

- Fix vfs_ceph with 'aio read size' or 'aio write size' 0 (bsc#1093664).
+ vfs_ceph: add fake async pwrite/pread send/recv hooks (bso#13425).
+ Fix memory leak in vfs_ceph (bso#13424).

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended
installation methods
like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-649=1

Affected Software/OS:
samba on openSUSE Leap 42.3

Solution:
Please install the updated package(s).

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-1057
103382
http://www.securityfocus.com/bid/103382
1040494
http://www.securitytracker.com/id/1040494
DSA-4135
https://www.debian.org/security/2018/dsa-4135
GLSA-201805-07
https://security.gentoo.org/glsa/201805-07
USN-3595-1
https://usn.ubuntu.com/3595-1/
[debian-lts-announce] 20190409 [SECURITY] [DLA 1754-1] samba security update
https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html
https://bugzilla.redhat.com/show_bug.cgi?id=1553553
https://security.netapp.com/advisory/ntap-20180313-0001/
https://www.samba.org/samba/security/CVE-2018-1057.html
https://www.synology.com/support/security/Synology_SA_18_08

Copyright Copyright (C) 2018 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.851790
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for samba (openSUSE-SU-2018:1727-1)
Summary:	The remote host is missing an update for the 'samba'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the referenced advisory. Vulnerability Insight: Samba was updated to 4.6.14, fixing bugs and security issues: Version update to 4.6.14 (bsc#1093664): + vfs_ceph: add fake async pwrite/pread send/recv hooks (bso#13425). + Fix memory leak in vfs_ceph (bso#13424). + winbind: avoid using fstrcpy(dcname, ...) in _dual_init_connection (bso#13294). + s3:smb2_server: correctly maintain request counters for compound requests (bso#13215). + s3: smbd: Unix extensions attempts to change wrong field in fchown call (bso#13375). + s3:smbd: map nterror on smb2_flush errorpath (bso#13338). + vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async (bso#13297). + s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir() (bso#13270). + s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here (bso#13244). + s3:libsmb: allow -U'\\administrator' to work (bso#13206). + CVE-2018-1057: s4:dsdb: fix unprivileged password changes (bso#13272) (bsc#1081024). + s3:smbd: Do not crash if we fail to init the session table (bso#13315). + libsmb: Use smb2 tcon if conn_protocol = SMB2_02 (bso#13310). + smbXcli: Add 'force_channel_sequence' (bso#13215). + smbd: Fix channel sequence number checks for long-running requests (bso#13215). + s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired sessions (bso#13197). + s3:smbd: return the correct error for cancelled SMB2 notifies on expired sessions (bso#13197). + samba: Only use async signal-safe functions in signal handler (bso#13240). + subnet: Avoid a segfault when renaming subnet objects (bso#13031). - Fix vfs_ceph with 'aio read size' or 'aio write size' 0 (bsc#1093664). + vfs_ceph: add fake async pwrite/pread send/recv hooks (bso#13425). + Fix memory leak in vfs_ceph (bso#13424). This update was imported from the SUSE:SLE-12-SP3:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-649=1 Affected Software/OS: samba on openSUSE Leap 42.3 Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1057 103382 http://www.securityfocus.com/bid/103382 1040494 http://www.securitytracker.com/id/1040494 DSA-4135 https://www.debian.org/security/2018/dsa-4135 GLSA-201805-07 https://security.gentoo.org/glsa/201805-07 USN-3595-1 https://usn.ubuntu.com/3595-1/ [debian-lts-announce] 20190409 [SECURITY] [DLA 1754-1] samba security update https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html https://bugzilla.redhat.com/show_bug.cgi?id=1553553 https://security.netapp.com/advisory/ntap-20180313-0001/ https://www.samba.org/samba/security/CVE-2018-1057.html https://www.synology.com/support/security/Synology_SA_18_08
Copyright	Copyright (C) 2018 Greenbone Networks GmbH