SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:1024-1) (Badlock)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote SUSE host is missing one or more security updates.

Description :

samba was updated to fix seven security issues.

These security issues were fixed :

- CVE-2015-5370: DCERPC server and client were vulnerable
to DOS and MITM attacks (bsc#936862).

- CVE-2016-2110: A man-in-the-middle could have downgraded
NTLMSSP authentication (bsc#973031).

- CVE-2016-2111: Domain controller netlogon member
computer could have been spoofed (bsc#973032).

- CVE-2016-2112: LDAP conenctions were vulnerable to
downgrade and MITM attack (bsc#973033).

- CVE-2016-2113: TLS certificate validation were missing

- CVE-2016-2115: Named pipe IPC were vulnerable to MITM
attacks (bsc#973036).

- CVE-2016-2118: 'Badlock' DCERPC impersonation of
authenticated account were possible (bsc#971965).

These non-security issues were fixed :

- bsc#974629: Fix samba.tests.messaging test and prevent
potential tdb corruption by removing obsolete now
invalid tdb_close call.

- bsc#973832: Obsolete libsmbsharemodes0 from samba-libs
and libsmbsharemodes-devel from samba-core-devel.

- bsc#972197: Obsolete libsmbclient from libsmbclient0 and
libpdb-devel from libsamba-passdb-devel while not
providing it.

- Getting and setting Windows ACLs on symlinks can change
permissions on link

- bsc#924519: Upgrade on-disk FSRVP server state to new

- bsc#968973: Only obsolete but do not provide gplv2/3
package names.

- bso#6482: s3:utils/smbget: Fix recursive download.

- bso#10489: s3: smbd: posix_acls: Fix check for setting
u:g:o entry on a filesystem with no ACL support.

- bso#11643: docs: Add example for domain logins to
smbspool man page.

- bso#11690: s3-client: Add a KRB5 wrapper for smbspool.

- bso#11708: loadparm: Fix memory leak issue.

- bso#11714: lib/tsocket: Work around sockets not
supporting FIONREAD.

- bso#11719: ctdb-scripts: Drop use of 'smbcontrol
winbindd ip-dropped ...'.

- bso#11727: s3:smbd:open: Skip redundant call to
file_set_dosmode when creating a new file.

- bso#11732: param: Fix str_list_v3 to accept ';' again.

- bso#11740: Real memeory leak(buildup) issue in loadparm.

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP1 :

zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-604=1

SUSE Linux Enterprise Server 12-SP1 :

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-604=1

SUSE Linux Enterprise High Availability 12-SP1 :

zypper in -t patch SUSE-SLE-HA-12-SP1-2016-604=1

SUSE Linux Enterprise Desktop 12-SP1 :

zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-604=1

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.6
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 90534 ()

Bugtraq ID:

CVE ID: CVE-2015-5370

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now