openSUSE Security Update : samba (openSUSE-SU-2014:0404-1)

Medium Nessus Plugin ID 75301

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.3

Synopsis

The remote openSUSE host is missing a security update.

Description

Samba was updated to 4.1.6, fixing bugs and security issues :

- Password lockout not enforced for SAMR password changes, this allowed brute forcing of passwords; CVE-2013-4496;
(bnc#849224).

- smbcacls can remove a file or directory ACL by mistake;
CVE-2013-6442; (bnc#855866).

Also the following bugs were fixed :

- Call update-apparmor-samba-profile via ExecStartPre too;
(bnc#867665).

- Retry named pipe open requests on STATUS_PIPE_NOT_AVAILABLE; (bso#10484); (bnc#865095).

- Propagate snapshot enumeration permissions errors to SMB clients; (bnc#865641).

- Properly handle empty 'requires_membership_of' entries in /etc/security/pam_winbind.conf; (bnc#865771).

- Fix problem with server taking too long to respond to a MSG_PRINTER_DRVUPGRADE message; (bso#9942);
(bnc#863748).

- Fix memory leak in printer_list_get_printer();
(bso#9993); (bnc#865561).

- Fix stream_depot VFS module on Btrfs; (bso#10467);
(bnc#865397).

- Use libarchive to provide improved smbclient tarmode functionality; (bso#9667); (bnc#861135).

- Depend on %version-%release with all manual Provides and Requires; (bnc#844307).

- Update to 4.1.5.

+ Fix 100% CPU utilization in winbindd when trying to free memory in winbindd_reinit_after_fork; (bso#10358);
(bnc#786677).

+ smbd: Fix memory overwrites; (bso#10415).

+ s3-winbind: Improve performance of wb_fill_pwent_sid2uid_done(); (bso#2191).

+ ntlm_auth sometimes returns the wrong username to mod_ntlm_auth_winbind; (bso#10087).

+ s3: smbpasswd: Fix crashes on invalid input;
(bso#10320).

+ s3: vfs_dirsort module: Allow dirsort to work when multiple simultaneous directories are open; (bso#10406).

+ Add support for Heimdal's unified krb5 and hdb plugin system, cope with first element in hdb_method having a different name in different heimdal versions and fix INTERNAL ERROR: Signal 11 in the kdc pid; (bso#10418).

+ vfs_btrfs: Fix incorrect zero length server-side copy request handling; (bso#10424).

+ s3: modules: streaminfo: As we have no VFS function SMB_VFS_LLISTXATTR we can't cope with a symlink when lp_posix_pathnames() is true; (bso#10429).

+ smbd: Fix an ancient oplock bug; (bso#10436).

+ Fix crash bug in smb2_notify code; (bso#10442).

- Remove superfluous obsoletes *-64bit in the ifarch ppc64 case; (bnc#437293).

- Migrate @GMT token parsing functionality into vfs_snapper; (bnc#863079).

+ Improve vfs_snapper documentation.

- Fix Winbind 100% CPU utilization caused by domain list corruption; (bso#10358); (bnc#786677).

- Fix memory overwrite in FSCTL_VALIDATE_NEGOTIATE_INFO handler; (bso#10415); (bnc#862370).

- Streamline the vendor suffix handling and add support for SLE 12.

- Fix zero length server-side copy request handling;
(bso#10424); (bnc#862558).

- Set the PID directory to /run/samba on post-12.2 systems.

- Make use of the tmpfilesdir macro while calling systemd-tmpfiles.

- Make winbindd print the interface version when it gets an INTERFACE_VERSION request; (bnc#726937).

- Fix vfs_btrfs build on older platforms with duplicate WRITE_FLUSH definitions; (bnc#860832).

- Check for NULL gensec_security in gensec_security_by_auth_type(); (bnc#860809).

- Ensure ndr table initialization; (bnc#860648).

- Add File Server Remote VSS Protocol (FSRVP) server for SMB share shadow-copies; (fate#313346).

- s3-dir: Fix the DOS clients against 64-bit smbd's;
(bso#2662).

- shadow_copy2: module 'Previous Version' not working in Windows 7; (bso#10259).

- s3-passdb: Fix string duplication to pointers;
(bso#10367).

- vfs/glusterfs: in case atime is not passed, set it to the current atime; (bso#10384)

- s3: winbindd: Move calling setup_domain_child() into add_trusted_domain(); (bso#10358); (bnc#786677).

- Default sysconfig daemon options to -D; (bso#10388);
(bnc#857454).

- Add /var/cache/samba to the client file list;
(bnc#846586).

- Really add the WINBINDDOPTIONS sysconfig variable on install; (bnc#857454).

- Correct sysconfig variable names by adding the missing D char; (bnc#857454).

- Update to 4.1.4.

+ Fix segfault in smbd; (bso#10284).

+ Fix SMB2 server panic when a smb2 brlock times out;
(bso#10311).

- Call stop_on_removal from preun and restart_on_update and insserv_cleanup from postun on pre-12.3 systems only; (bnc#857454).

- BuildRequire gamin-devel instead of unmaintained fam-devel package on post-12.1 systems.

- smbd: allow updates on directory write times on open handles; (bso#9870).

- lib/util: use proper include for struct stat;
(bso#10276).

- s3:winbindd fix use of uninitialized variables;
(bso#10280).

- s3-winbindd: Fix DEBUG statement in winbind_msg_offline(); (bso#10285).

- s3-lib: Fix %G substitution for domain users in smbd;
(bso#10286).

- smbd: Always use UCF_PREP_CREATEFILE for filename_convert calls to resolve a path for open;
(bso#10297).

- smb2_server processing overhead; (bso#10298).

- ldb: bad if test in ldb_comparison_fold(); (bso#10305).

- Fix AIO with SMB2 and locks; (bso#10310).

- smbd: Fix a panic when a smb2 brlock times out;
(bso#10311).

- vfs_glusterfs: Enable per client log file; (bso#10337).

- Add /etc/sysconfig/samba to the main and winbind package; (bnc#857454).

- Create /var/run/samba with systemd-tmpfiles on post-12.2 systems; (bnc#856759).

- Fix broken rc(nmb,smb,winbind) sym links which should point to the service binary on post-12.2 systems;
(bnc#856759).

- Add Snapper VFS module for snapshot manipulation;
(fate#313347).

+ dbus-1-devel required at build time.

- Add File Server Remote VSS Protocol (FSRVP) client for SMB share shadow-copies; (fate#313345).

- Do not BuildRequire perl ExtUtils::MakeMaker and Parse::Yapp as they're part of the minimum build environment.

- Allow smbcacls to take a '--propagate-inheritance' flag to indicate that the add, delete, modify and set operations now support automatic propagation of inheritable ACE(s); (FATE#316474).

Solution

Update the affected samba packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=437293

https://bugzilla.novell.com/show_bug.cgi?id=726937

https://bugzilla.novell.com/show_bug.cgi?id=786677

https://bugzilla.novell.com/show_bug.cgi?id=844307

https://bugzilla.novell.com/show_bug.cgi?id=846586

https://bugzilla.novell.com/show_bug.cgi?id=849224

https://bugzilla.novell.com/show_bug.cgi?id=855866

https://bugzilla.novell.com/show_bug.cgi?id=856759

https://bugzilla.novell.com/show_bug.cgi?id=857454

https://bugzilla.novell.com/show_bug.cgi?id=860648

https://bugzilla.novell.com/show_bug.cgi?id=860809

https://bugzilla.novell.com/show_bug.cgi?id=860832

https://bugzilla.novell.com/show_bug.cgi?id=861135

https://bugzilla.novell.com/show_bug.cgi?id=862370

https://bugzilla.novell.com/show_bug.cgi?id=862558

https://bugzilla.novell.com/show_bug.cgi?id=863079

https://bugzilla.novell.com/show_bug.cgi?id=863748

https://bugzilla.novell.com/show_bug.cgi?id=865095

https://bugzilla.novell.com/show_bug.cgi?id=865397

https://bugzilla.novell.com/show_bug.cgi?id=865561

https://bugzilla.novell.com/show_bug.cgi?id=865641

https://bugzilla.novell.com/show_bug.cgi?id=865771

https://bugzilla.novell.com/show_bug.cgi?id=867665

https://lists.opensuse.org/opensuse-updates/2014-03/msg00062.html

Plugin Details

Severity: Medium

ID: 75301

File Name: openSUSE-2014-228.nasl

Version: 1.4

Type: local

Agent: unix

Published: 2014/06/13

Updated: 2020/06/04

Dependencies: 12634

Risk Information

Risk Factor: Medium

VPR Score: 5.3

CVSS v2.0

Base Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libdcerpc-atsvc-devel, p-cpe:/a:novell:opensuse:libdcerpc-atsvc0, p-cpe:/a:novell:opensuse:libdcerpc-atsvc0-32bit, p-cpe:/a:novell:opensuse:libdcerpc-atsvc0-debuginfo, p-cpe:/a:novell:opensuse:libdcerpc-atsvc0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libdcerpc-binding0, p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit, p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo, p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libdcerpc-devel, p-cpe:/a:novell:opensuse:libdcerpc-samr-devel, p-cpe:/a:novell:opensuse:libdcerpc-samr0, p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit, p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo, p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libdcerpc0, p-cpe:/a:novell:opensuse:libdcerpc0-32bit, p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo, p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libgensec-devel, p-cpe:/a:novell:opensuse:libgensec0, p-cpe:/a:novell:opensuse:libgensec0-32bit, p-cpe:/a:novell:opensuse:libgensec0-debuginfo, p-cpe:/a:novell:opensuse:libgensec0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libndr-devel, p-cpe:/a:novell:opensuse:libndr-krb5pac-devel, p-cpe:/a:novell:opensuse:libndr-krb5pac0, p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit, p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo, p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libndr-nbt-devel, p-cpe:/a:novell:opensuse:libndr-nbt0, p-cpe:/a:novell:opensuse:libndr-nbt0-32bit, p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo, p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libndr-standard-devel, p-cpe:/a:novell:opensuse:libndr-standard0, p-cpe:/a:novell:opensuse:libndr-standard0-32bit, p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo, p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libndr0, p-cpe:/a:novell:opensuse:libndr0-32bit, p-cpe:/a:novell:opensuse:libndr0-debuginfo, p-cpe:/a:novell:opensuse:libndr0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libnetapi-devel, p-cpe:/a:novell:opensuse:libnetapi0, p-cpe:/a:novell:opensuse:libnetapi0-32bit, p-cpe:/a:novell:opensuse:libnetapi0-debuginfo, p-cpe:/a:novell:opensuse:libnetapi0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libpdb-devel, p-cpe:/a:novell:opensuse:libpdb0, p-cpe:/a:novell:opensuse:libpdb0-32bit, p-cpe:/a:novell:opensuse:libpdb0-debuginfo, p-cpe:/a:novell:opensuse:libpdb0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libregistry-devel, p-cpe:/a:novell:opensuse:libregistry0, p-cpe:/a:novell:opensuse:libregistry0-32bit, p-cpe:/a:novell:opensuse:libregistry0-debuginfo, p-cpe:/a:novell:opensuse:libregistry0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsamba-credentials-devel, p-cpe:/a:novell:opensuse:libsamba-credentials0, p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit, p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo, p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel, p-cpe:/a:novell:opensuse:libsamba-hostconfig0, p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit, p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo, p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsamba-policy-devel, p-cpe:/a:novell:opensuse:libsamba-policy0, p-cpe:/a:novell:opensuse:libsamba-policy0-32bit, p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo, p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsamba-util-devel, p-cpe:/a:novell:opensuse:libsamba-util0, p-cpe:/a:novell:opensuse:libsamba-util0-32bit, p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo, p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsamdb-devel, p-cpe:/a:novell:opensuse:libsamdb0, p-cpe:/a:novell:opensuse:libsamdb0-32bit, p-cpe:/a:novell:opensuse:libsamdb0-debuginfo, p-cpe:/a:novell:opensuse:libsamdb0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsmbclient-devel, p-cpe:/a:novell:opensuse:libsmbclient-raw-devel, p-cpe:/a:novell:opensuse:libsmbclient-raw0, p-cpe:/a:novell:opensuse:libsmbclient-raw0-32bit, p-cpe:/a:novell:opensuse:libsmbclient-raw0-debuginfo, p-cpe:/a:novell:opensuse:libsmbclient-raw0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsmbclient0, p-cpe:/a:novell:opensuse:libsmbclient0-32bit, p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo, p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsmbconf-devel, p-cpe:/a:novell:opensuse:libsmbconf0, p-cpe:/a:novell:opensuse:libsmbconf0-32bit, p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo, p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsmbldap-devel, p-cpe:/a:novell:opensuse:libsmbldap0, p-cpe:/a:novell:opensuse:libsmbldap0-32bit, p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo, p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsmbsharemodes-devel, p-cpe:/a:novell:opensuse:libsmbsharemodes0, p-cpe:/a:novell:opensuse:libsmbsharemodes0-debuginfo, p-cpe:/a:novell:opensuse:libtevent-util-devel, p-cpe:/a:novell:opensuse:libtevent-util0, p-cpe:/a:novell:opensuse:libtevent-util0-32bit, p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo, p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libwbclient-devel, p-cpe:/a:novell:opensuse:libwbclient0, p-cpe:/a:novell:opensuse:libwbclient0-32bit, p-cpe:/a:novell:opensuse:libwbclient0-debuginfo, p-cpe:/a:novell:opensuse:libwbclient0-debuginfo-32bit, p-cpe:/a:novell:opensuse:samba, p-cpe:/a:novell:opensuse:samba-32bit, p-cpe:/a:novell:opensuse:samba-client, p-cpe:/a:novell:opensuse:samba-client-32bit, p-cpe:/a:novell:opensuse:samba-client-debuginfo, p-cpe:/a:novell:opensuse:samba-client-debuginfo-32bit, p-cpe:/a:novell:opensuse:samba-core-devel, p-cpe:/a:novell:opensuse:samba-debuginfo, p-cpe:/a:novell:opensuse:samba-debuginfo-32bit, p-cpe:/a:novell:opensuse:samba-debugsource, p-cpe:/a:novell:opensuse:samba-libs, p-cpe:/a:novell:opensuse:samba-libs-32bit, p-cpe:/a:novell:opensuse:samba-libs-debuginfo, p-cpe:/a:novell:opensuse:samba-libs-debuginfo-32bit, p-cpe:/a:novell:opensuse:samba-pidl, p-cpe:/a:novell:opensuse:samba-python, p-cpe:/a:novell:opensuse:samba-python-debuginfo, p-cpe:/a:novell:opensuse:samba-test, p-cpe:/a:novell:opensuse:samba-test-debuginfo, p-cpe:/a:novell:opensuse:samba-test-devel, p-cpe:/a:novell:opensuse:samba-winbind, p-cpe:/a:novell:opensuse:samba-winbind-32bit, p-cpe:/a:novell:opensuse:samba-winbind-debuginfo, p-cpe:/a:novell:opensuse:samba-winbind-debuginfo-32bit, cpe:/o:novell:opensuse:13.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2014/03/12

Vulnerability Publication Date: 2014/03/14

Reference Information

CVE: CVE-2013-4496, CVE-2013-6442