SuSE Local Security Checks : SUSE: Security Advisory (SUSE-SU-2018:1687-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.1.4.2018.1687.1

Category: SuSE Local Security Checks

Title: SUSE: Security Advisory (SUSE-SU-2018:1687-1)

Summary: The remote host is missing an update for the 'samba' package(s) announced via the SUSE-SU-2018:1687-1 advisory.

Description: Summary:
The remote host is missing an update for the 'samba' package(s) announced via the SUSE-SU-2018:1687-1 advisory.

Vulnerability Insight:
Samba was updated to 4.6.14, fixing bugs and security issues:

Version update to 4.6.14 (bsc#1093664):

+ vfs_ceph: add fake async pwrite/pread send/recv hooks, (bso#13425).
+ Fix memory leak in vfs_ceph, (bso#13424).
+ winbind: avoid using fstrcpy(dcname,...) in _dual_init_connection,
(bso#13294).
+ s3:smb2_server: correctly maintain request counters for compound
requests, (bso#13215).
+ s3: smbd: Unix extensions attempts to change wrong field in fchown
call, (bso#13375).
+ s3:smbd: map nterror on smb2_flush errorpath, (bso#13338).
+ vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async,
(bso#13297).
+ s3: smbd: Fix possible directory fd leak if the underlying OS doesn't
support fdopendir(), (bso#13270).
+ s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we
don't own it here, (bso#13244).
+ s3:libsmb: allow -U'\\administrator' to work, (bso#13206).
+ CVE-2018-1057: s4:dsdb: fix unprivileged password changes,
(bso#13272), (bsc#1081024).
+ s3:smbd: Do not crash if we fail to init the session table,
(bso#13315).
+ libsmb: Use smb2 tcon if conn_protocol >= SMB2_02, (bso#13310).
+ smbXcli: Add 'force_channel_sequence', (bso#13215).
+ smbd: Fix channel sequence number checks for long-running requests,
(bso#13215).
+ s3:smb2_server: allow logoff, close, unlock, cancel and echo on
expired sessions, (bso#13197).
+ s3:smbd: return the correct error for cancelled SMB2 notifies on
expired sessions, (bso#13197).
+ samba: Only use async signal-safe functions in signal handler,
(bso#13240).
+ subnet: Avoid a segfault when renaming subnet objects, (bso#13031).

- Fix vfs_ceph with 'aio read size' or 'aio write size' > 0,
(bsc#1093664).
+ vfs_ceph: add fake async pwrite/pread send/recv hooks, (bso#13425).
+ Fix memory leak in vfs_ceph, (bso#13424).

Affected Software/OS:
'samba' package(s) on SUSE Linux Enterprise Desktop 12-SP3, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server for SAP Applications 12-SP3.

Solution:
Please install the updated package(s).

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-1057
103382
http://www.securityfocus.com/bid/103382
1040494
http://www.securitytracker.com/id/1040494
DSA-4135
https://www.debian.org/security/2018/dsa-4135
GLSA-201805-07
https://security.gentoo.org/glsa/201805-07
USN-3595-1
https://usn.ubuntu.com/3595-1/
[debian-lts-announce] 20190409 [SECURITY] [DLA 1754-1] samba security update
https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html
https://bugzilla.redhat.com/show_bug.cgi?id=1553553
https://security.netapp.com/advisory/ntap-20180313-0001/
https://www.samba.org/samba/security/CVE-2018-1057.html
https://www.synology.com/support/security/Synology_SA_18_08

Copyright Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.4.2018.1687.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2018:1687-1)
Summary:	The remote host is missing an update for the 'samba' package(s) announced via the SUSE-SU-2018:1687-1 advisory.
Description:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the SUSE-SU-2018:1687-1 advisory. Vulnerability Insight: Samba was updated to 4.6.14, fixing bugs and security issues: Version update to 4.6.14 (bsc#1093664): + vfs_ceph: add fake async pwrite/pread send/recv hooks, (bso#13425). + Fix memory leak in vfs_ceph, (bso#13424). + winbind: avoid using fstrcpy(dcname,...) in _dual_init_connection, (bso#13294). + s3:smb2_server: correctly maintain request counters for compound requests, (bso#13215). + s3: smbd: Unix extensions attempts to change wrong field in fchown call, (bso#13375). + s3:smbd: map nterror on smb2_flush errorpath, (bso#13338). + vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async, (bso#13297). + s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir(), (bso#13270). + s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here, (bso#13244). + s3:libsmb: allow -U'\\administrator' to work, (bso#13206). + CVE-2018-1057: s4:dsdb: fix unprivileged password changes, (bso#13272), (bsc#1081024). + s3:smbd: Do not crash if we fail to init the session table, (bso#13315). + libsmb: Use smb2 tcon if conn_protocol >= SMB2_02, (bso#13310). + smbXcli: Add 'force_channel_sequence', (bso#13215). + smbd: Fix channel sequence number checks for long-running requests, (bso#13215). + s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired sessions, (bso#13197). + s3:smbd: return the correct error for cancelled SMB2 notifies on expired sessions, (bso#13197). + samba: Only use async signal-safe functions in signal handler, (bso#13240). + subnet: Avoid a segfault when renaming subnet objects, (bso#13031). - Fix vfs_ceph with 'aio read size' or 'aio write size' > 0, (bsc#1093664). + vfs_ceph: add fake async pwrite/pread send/recv hooks, (bso#13425). + Fix memory leak in vfs_ceph, (bso#13424). Affected Software/OS: 'samba' package(s) on SUSE Linux Enterprise Desktop 12-SP3, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server for SAP Applications 12-SP3. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1057 103382 http://www.securityfocus.com/bid/103382 1040494 http://www.securitytracker.com/id/1040494 DSA-4135 https://www.debian.org/security/2018/dsa-4135 GLSA-201805-07 https://security.gentoo.org/glsa/201805-07 USN-3595-1 https://usn.ubuntu.com/3595-1/ [debian-lts-announce] 20190409 [SECURITY] [DLA 1754-1] samba security update https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html https://bugzilla.redhat.com/show_bug.cgi?id=1553553 https://security.netapp.com/advisory/ntap-20180313-0001/ https://www.samba.org/samba/security/CVE-2018-1057.html https://www.synology.com/support/security/Synology_SA_18_08
Copyright	Copyright (C) 2021 Greenbone AG