This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
samba was updated to fix two security issues.
These security issues were fixed :
- CVE-2015-0240: Ensure we don't call talloc_free on an
uninitialized pointer (bnc#917376).
- CVE-2014-8143: Samba 4.0.x before 4.0.24, 4.1.x before
4.1.16, and 4.2.x before 4.2rc4, when an Active
Directory Domain Controller (AD DC) is configured,
allowed remote authenticated users to set the LDB
userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and
consequently gain privileges, by leveraging delegation
of authority for user-account or computer-account
Several non-security issues were fixed, please refer to the changes
See also :
Update the affected samba packages.
Risk factor :
Critical / CVSS Base Score : 10.0
Public Exploit Available : true