Test ID: | 1.3.6.1.4.1.25623.1.1.4.2021.3647.1 |
Category: | SuSE Local Security Checks |
Title: | SUSE: Security Advisory (SUSE-SU-2021:3647-1) |
Summary: | The remote host is missing an update for the 'samba and ldb' package(s) announced via the SUSE-SU-2021:3647-1 advisory. |
Description: |
Vulnerability Insight: This update for samba and ldb fixes the following issues:

- CVE-2020-25718: Fixed that an RODC can issue (forge) administrator tickets to other servers (bsc#1192246).
- CVE-2021-3738: Fixed crash in dsdb stack (bsc#1192215).
- CVE-2016-2124: Fixed not to fall back to non-SPNEGO authentication if we require Kerberos (bsc#1014440).
- CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members (bsc#1192284).
- CVE-2020-25719: Fixed AD DC Username based races when no PAC is given (bsc#1192247).
- CVE-2020-25722: Fixed AD DC UPN vs samAccountName not checked (top-level bug for AD DC validation issues) (bsc#1192283).
- CVE-2021-23192: Fixed dcerpc requests that don't check all fragments against the first auth_state (bsc#1192214).
- CVE-2020-25721: Fixed fill in the new HAS_SAM_NAME_AND_SID values (bsc#1192505).

Samba was updated to 4.13.13:

- rodc_rwdc test flaps (bso#14868).
- Backport bronze bit fixes, tests, and selftest improvements (bso#14881).
- Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze bit' S4U2Proxy Constrained Delegation bypass in Samba with embedded Heimdal (bso#14642).
- Python ldb.msg_diff() memory handling failure (bso#14836).
- 'in' operator on ldb.Message is case sensitive (bso#14845).
- Fix Samba support for UF_NO_AUTH_DATA_REQUIRED (bso#14871).
- Allow special chars like '@' in samAccountName when generating the salt (bso#14874).
- Fix transit path validation (bso#12998).
- Prepare to operate with MIT krb5 >= 1.20 (bso#14870).
- rpcclient NetFileEnum and net rpc file both cause lock order violation: brlock.tdb, share_entries.tdb (bso#14645).
- Release LDB 2.3.1 for Samba 4.14.9 (bso#14848).

Samba was updated to 4.13.12:

- Address a significant performance regression in database access in the AD DC since Samba 4.12 (bso#14806).
- Fix performance regression in lsa_LookupSids3/LookupNames4 since Samba 4.9 by using an explicit database handle cache (bso#14807).
- An unauthenticated user can crash the AD DC KDC by omitting the server name in a TGS-REQ (bso#14817).
- Address flapping samba_tool_drs_showrepl test (bso#14818).
- Address flapping dsdb_schema_attributes test (bso#14819).
- Fix CTDB flag/status update race conditions (bso#14784).

Samba was updated to 4.13.11:

- smbd: panic on force-close share during offload write (bso#14769).
- Fix returned attributes on fake quota file handle and avoid hitting the VFS (bso#14731).
- smbd: 'deadtime' parameter doesn't work anymore (bso#14783).
- net conf list crashes when run as normal user (bso#14787).
- Work around special SMB2 READ response behavior of NetApp Ontap 7.3.7 (bso#14607).
- Start the SMB encryption as soon as possible (bso#14793).
- Winbind should not start if the socket path for the ...

[Please see the references for more information on the vulnerabilities]

Affected Software/OS: 'samba and ldb' package(s) on SUSE Linux Enterprise High Availability 15-SP3, SUSE Linux Enterprise Module for Basesystem 15-SP3, SUSE Linux Enterprise Module for Python2 15-SP3, SUSE MicroOS 5.1.

Solution: Please install the updated package(s).

CVSS Score: 9.0
CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-2124
- https://security.gentoo.org/glsa/202309-06
- https://bugzilla.redhat.com/show_bug.cgi?id=2019660
- https://www.samba.org/samba/security/CVE-2016-2124.html
- https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-17049
- GLSA-202309-06
- [oss-security] 20211110 Fwd: Samba 4.15.2, 4.14.10, 4.13.14 Security Releases are available for Download
- http://www.openwall.com/lists/oss-security/2021/11/10/3
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049

Common Vulnerability Exposure (CVE) ID: CVE-2020-25717
- https://bugzilla.redhat.com/show_bug.cgi?id=2019672
- https://www.samba.org/samba/security/CVE-2020-25717.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-25718
- https://bugzilla.redhat.com/show_bug.cgi?id=2019726
- https://www.samba.org/samba/security/CVE-2020-25718.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-25719
- https://bugzilla.redhat.com/show_bug.cgi?id=2019732
- https://www.samba.org/samba/security/CVE-2020-25719.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-25721
- https://bugzilla.redhat.com/show_bug.cgi?id=2021728
- https://bugzilla.samba.org/show_bug.cgi?id=14725
- https://www.samba.org/samba/security/CVE-2020-25721.html

Common Vulnerability Exposure (CVE) ID: CVE-2020-25722
- https://bugzilla.redhat.com/show_bug.cgi?id=2019764
- https://www.samba.org/samba/security/CVE-2020-25722.html

Common Vulnerability Exposure (CVE) ID: CVE-2021-23192
- https://bugzilla.redhat.com/show_bug.cgi?id=2019666
- https://ubuntu.com/security/CVE-2021-23192
- https://www.samba.org/samba/security/CVE-2021-23192.html

Common Vulnerability Exposure (CVE) ID: CVE-2021-3738
- https://bugzilla.redhat.com/show_bug.cgi?id=2021726
- https://bugzilla.samba.org/show_bug.cgi?id=14468
- https://www.samba.org/samba/security/CVE-2021-3738.html |
Copyright | Copyright (C) 2021 Greenbone AG |