openSUSE Security Update : samba and resource-agents (openSUSE-2017-987) (Orpheus' Lyre)

high Nessus Plugin ID 102849

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote openSUSE host is missing a security update.

Description

This update provides Samba 4.6.7, which fixes the following issues :

- CVE-2017-11103: Metadata were being taken from the unauthenticated plaintext (the Ticket) rather than the authenticated and encrypted KDC response. (bsc#1048278)

- Fix cephwrap_chdir(). (bsc#1048790)

- Fix ctdb logs to /var/log/log.ctdb instead of /var/log/ctdb. (bsc#1048339)

- Fix inconsistent ctdb socket path. (bsc#1048352)

- Fix non-admin cephx authentication. (bsc#1048387)

- CTDB cannot start when there is no persistent database.
(bsc#1052577)

The CTDB resource agent was also fixed to not fail when the database is empty.

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Solution

Update the affected samba and resource-agents packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1048278

https://bugzilla.opensuse.org/show_bug.cgi?id=1048339

https://bugzilla.opensuse.org/show_bug.cgi?id=1048352

https://bugzilla.opensuse.org/show_bug.cgi?id=1048387

https://bugzilla.opensuse.org/show_bug.cgi?id=1048790

https://bugzilla.opensuse.org/show_bug.cgi?id=1052577

https://bugzilla.opensuse.org/show_bug.cgi?id=1054017

Plugin Details

Severity: High

ID: 102849

File Name: openSUSE-2017-987.nasl

Version: 3.4

Type: local

Agent: unix

Published: 8/31/2017

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:2.3:o:novell:opensuse:42.3:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libnetapi-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libnetapi0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libnetapi0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbclient-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbclient0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbclient0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbclient0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbclient0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwbclient-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwbclient0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwbclient0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwbclient0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwbclient0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-client:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-client-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-client-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-client-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-debugsource:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-winbind:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-winbind-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-winbind-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-winbind-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:ctdb:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:ctdb-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:ctdb-tests:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:ctdb-tests-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc-binding0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc-binding0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc-binding0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc-binding0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc-samr-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc-samr0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc-samr0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc-samr0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc-samr0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libdcerpc0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-krb5pac-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-krb5pac0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-krb5pac0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-krb5pac0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-krb5pac0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-nbt-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-nbt0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-nbt0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-nbt0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-nbt0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-standard-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-standard0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-standard0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-standard0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr-standard0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libndr0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libnetapi0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libnetapi0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-credentials-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-credentials0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-credentials0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-credentials0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-credentials0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-hostconfig-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-hostconfig0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-hostconfig0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-hostconfig0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-hostconfig0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-passdb-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-passdb0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-passdb0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-passdb0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-passdb0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-policy-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-policy0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-policy0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-policy0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-policy0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-util-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-util0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-util0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-util0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-util0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamdb-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamdb0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamdb0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamdb0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamdb0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbconf-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbconf0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbconf0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbconf0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbconf0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbldap-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbldap0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbldap0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbldap0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsmbldap0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libtevent-util-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libtevent-util0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libtevent-util0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libtevent-util0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libtevent-util0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-core-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-libs:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-libs-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-libs-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-libs-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-pidl:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-python:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-python-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-test:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-test-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-errors-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-errors0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-errors0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-errors0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libsamba-errors0-debuginfo-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-ceph:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:samba-ceph-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:ldirectord:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:monitoring-plugins-metadata:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:resource-agents:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:resource-agents-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:resource-agents-debugsource:*:*:*:*:*:*:*

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 8/30/2017

Reference Information

CVE: CVE-2017-11103