Alpine: multiple ldb packages, multiple samba packages, pam-winbind: security update to 4.11.3-r0

medium Tenable Self-Hosted Container Security Plugin ID 424449

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue,
where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and
zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the
DNS partition allow creation of new records by authenticated users. This is used for example to allow
machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of
the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to
the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following
invalid memory as a pointer. (CVE-2019-14861)

- All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue,
where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be
opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by
forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute
delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD
DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the
not-delegated flag set. (CVE-2019-14870)

See Also

https://security.alpinelinux.org/vuln/CVE-2019-14861

https://security.alpinelinux.org/vuln/CVE-2019-14870

Plugin Details

Severity: Medium

ID: 424449

Version: Revision 1.10

Type: Local

Published: 4/4/2025

Updated: 9/17/2025

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 5

Percentile: 95.09

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2019-14870

CVSS v3

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 12/10/2019

Reference Information

CVE: CVE-2019-14861, CVE-2019-14870

IAVA: 2019-A-0446-S