openSUSE Security Update : samba (openSUSE-2016-453) (Badlock)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

samba was updated to fix seven security issues.

These security issues were fixed :

- CVE-2015-5370: DCERPC server and client were vulnerable
to DOS and MITM attacks (bsc#936862).

- CVE-2016-2110: A man-in-the-middle could have downgraded
NTLMSSP authentication (bsc#973031).

- CVE-2016-2111: Domain controller netlogon member
computer could have been spoofed (bsc#973032).

- CVE-2016-2112: LDAP conenctions were vulnerable to
downgrade and MITM attack (bsc#973033).

- CVE-2016-2113: TLS certificate validation were missing
(bsc#973034).

- CVE-2016-2115: Named pipe IPC were vulnerable to MITM
attacks (bsc#973036).

- CVE-2016-2118: 'Badlock' DCERPC impersonation of
authenticated account were possible (bsc#971965).

These non-security issues were fixed :

- bsc#974629: Fix samba.tests.messaging test and prevent
potential tdb corruption by removing obsolete now
invalid tdb_close call.

- bsc#973832: Obsolete libsmbsharemodes0 from samba-libs
and libsmbsharemodes-devel from samba-core-devel.

- bsc#972197: Obsolete libsmbclient from libsmbclient0 and
libpdb-devel from libsamba-passdb-devel while not
providing it.

- Getting and setting Windows ACLs on symlinks can change
permissions on link

- bsc#924519: Upgrade on-disk FSRVP server state to new
version.

- bsc#968973: Only obsolete but do not provide gplv2/3
package names.

- bso#6482: s3:utils/smbget: Fix recursive download.

- bso#10489: s3: smbd: posix_acls: Fix check for setting
u:g:o entry on a filesystem with no ACL support.

- bso#11643: docs: Add example for domain logins to
smbspool man page.

- bso#11690: s3-client: Add a KRB5 wrapper for smbspool.

- bso#11708: loadparm: Fix memory leak issue.

- bso#11714: lib/tsocket: Work around sockets not
supporting FIONREAD.

- bso#11719: ctdb-scripts: Drop use of 'smbcontrol
winbindd ip-dropped ...'.

- bso#11727: s3:smbd:open: Skip redundant call to
file_set_dosmode when creating a new file.

- bso#11732: param: Fix str_list_v3 to accept ';' again.

- bso#11740: Real memeory leak(buildup) issue in loadparm.

This update was imported from the SUSE:SLE-12-SP1:Update update
project.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=924519
https://bugzilla.opensuse.org/show_bug.cgi?id=936862
https://bugzilla.opensuse.org/show_bug.cgi?id=968973
https://bugzilla.opensuse.org/show_bug.cgi?id=971965
https://bugzilla.opensuse.org/show_bug.cgi?id=972197
https://bugzilla.opensuse.org/show_bug.cgi?id=973031
https://bugzilla.opensuse.org/show_bug.cgi?id=973032
https://bugzilla.opensuse.org/show_bug.cgi?id=973033
https://bugzilla.opensuse.org/show_bug.cgi?id=973034
https://bugzilla.opensuse.org/show_bug.cgi?id=973036
https://bugzilla.opensuse.org/show_bug.cgi?id=973832
https://bugzilla.opensuse.org/show_bug.cgi?id=974629

Solution :

Update the affected samba packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 90522 ()

Bugtraq ID:

CVE ID: CVE-2015-5370
CVE-2016-2110
CVE-2016-2111
CVE-2016-2112
CVE-2016-2113
CVE-2016-2115
CVE-2016-2118

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now