openSUSE 10 Security Update : samba (samba-2584)

High Nessus Plugin ID 27428


The remote openSUSE host is missing a security update.


A logic error in the deferred open code can lead to an infinite loop in Samba's smbd daemon.

In addition the following changes are included with these packages :

- Disable broken DCERPC funnel patch; [#242833].

- Avoid winbind event handler for internal domains.

- Fix smbcontrol winbind offline; [#223418].

- Fail on offline pwd change attempts; [#223501].

- Register check_dom_handler when coming from offline mode.

- Fix pam_winbind passwd changes in online mode.

- Call set_domain_online in init_domain_list().

- Winbind cleanup after failure and fix crash bug.

- Don't register check domain handler for all trusts.

- Add separate logfile for dc-connect wb child.

- Only write custom krb5 conf for own domain.

- Move check domain handler to fork_domain_child.

- Fix pam_winbind text string typo; [#238496].

- Support sites without DCs (automatic site coverage);

- Fix invalid krb5 cred cache deletion; [#227782].

- Fix invalid warning in the PAM session close;

- Fix DC queries for all DCs; [#230963].

- Fix sitename usage depending on realm; [#195354].

- Add DCERPC funnel patch; fate [#300768].

- Fix pam password change with w2k DCs; [#237281].

- Check from the init script for SAMBA_<daemonname>_ENV variable expected to be set in /etc/sysconfig/samba to export a particular environment variable before starting a daemon. See section 'Setup a particular environment for a Samba daemon' from the README file how this feature is to use.

- Remove %config tag from /usr/share/omc/svcinfo.d/*.xml files.

- Fix pam_winbind grace offline logins; [#223501].

- Fix password expiry message; [#231583].

- Move XML service description documents; fate [#301712].

- Disable smbmnt, smbmount, and smbumount for systems newer than 10.1.

- Add XML service description documents; fate [#301712].

- Move tdb utils to the client package.

- Fix crash caused by deleting a message dispatch handler from inside the handler itself; [#221709].

- Fix delays in winbindd access when on a non-home network; [#222595].


Update the affected samba packages.

Plugin Details

Severity: High

ID: 27428

File Name: suse_samba-2584.nasl

Version: $Revision: 1.8 $

Type: local

Agent: unix

Published: 2007/10/17

Modified: 2014/06/13

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:samba, p-cpe:/a:novell:opensuse:samba-32bit, p-cpe:/a:novell:opensuse:samba-client, p-cpe:/a:novell:opensuse:samba-client-32bit, p-cpe:/a:novell:opensuse:samba-winbind, p-cpe:/a:novell:opensuse:samba-winbind-32bit, cpe:/o:novell:opensuse:10.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2007/02/08