openSUSE Security Update : samba and resource-agents (openSUSE-2017-987) (Orpheus' Lyre)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update provides Samba 4.6.7, which fixes the following issues :

- CVE-2017-11103: Metadata were being taken from the
unauthenticated plaintext (the Ticket) rather than the
authenticated and encrypted KDC response. (bsc#1048278)

- Fix cephwrap_chdir(). (bsc#1048790)

- Fix ctdb logs to /var/log/log.ctdb instead of
/var/log/ctdb. (bsc#1048339)

- Fix inconsistent ctdb socket path. (bsc#1048352)

- Fix non-admin cephx authentication. (bsc#1048387)

- CTDB cannot start when there is no persistent database.
(bsc#1052577)

The CTDB resource agent was also fixed to not fail when the database
is empty.

This update was imported from the SUSE:SLE-12-SP3:Update update
project.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1048278
https://bugzilla.opensuse.org/show_bug.cgi?id=1048339
https://bugzilla.opensuse.org/show_bug.cgi?id=1048352
https://bugzilla.opensuse.org/show_bug.cgi?id=1048387
https://bugzilla.opensuse.org/show_bug.cgi?id=1048790
https://bugzilla.opensuse.org/show_bug.cgi?id=1052577
https://bugzilla.opensuse.org/show_bug.cgi?id=1054017

Solution :

Update the affected samba and resource-agents packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 102849

Bugtraq ID:

CVE ID: CVE-2017-11103
