Test ID: | 1.3.6.1.4.1.25623.1.0.850934 |
Category: | SuSE Local Security Checks |
Title: | SUSE: Security Advisory for samba (SUSE-SU-2015:0353-1) |
Summary: | The remote host is missing an update for the 'samba' package(s) announced via the referenced advisory. |
Description: | Summary: The remote host is missing an update for the 'samba' package(s) announced via the referenced advisory.

Vulnerability Insight: samba was updated to fix one security issue.

This security issue was fixed:
- CVE-2015-0240: Don't call talloc_free on an uninitialized pointer (bnc#917376).

These non-security issues were fixed:
- Fix vfs_snapper DBus string handling (bso#11055, bnc#913238).
- Fix libsmbclient DFS referral handling.
  + Reuse connections derived from DFS referrals (bso#10123).
  + Set domain/workgroup based on authentication callback value (bso#11059).
- pam_winbind: Fix warn_pwd_expire implementation (bso#9056).
- nsswitch: Fix soname of linux nss_*.so.2 modules (bso#9299).
- Fix profiles tool (bso#9629).
- s3-lib: Do not require a password with --use-ccache (bso#10279).
- s4:dsdb/rootdse: Expand extended dn values with the AS_SYSTEM control (bso#10949).
- s4-rpc: dnsserver: Fix enumeration of IPv4 and IPv6 addresses (bso#10952).
- s3:smb2_server: Allow reauthentication without signing (bso#10958).
- s3-smbclient: Return success if we listed the shares (bso#10960).
- s3-smbstatus: Fix exit code of profile output (bso#10961).
- libcli: SMB2: Pure SMB2-only negprot fix to make us behave as a Windows client does (bso#10966).
- s3: smbd/modules: Fix *allocate* calls to follow POSIX error return convention (bso#10982).
- Fix 'domain join' by adding 'drsuapi.DsBindInfoFallBack' attribute 'supported_extensions' (bso#11006).
- idl:drsuapi: Manage all possible lengths of drsuapi_DsBindInfo (bso#11006).
- winbind: Retry LogonControl RPC in ping-dc after session expiration (bso#11034).
- yast2-samba-client should be able to specify osName and osVer on AD domain join (bnc#873922).
- Lookup FSRVP share snums at runtime rather than storing them persistently (bnc#908627).
- Specify soft dependency for network-online.target in Winbind systemd service file (bnc#889175).
- Fix spoolss error response marshalling (bso#10984).
- pidl/wscript: Remove --with-perl-* options; revert buildtools/wafadmin/Tools/perl.py back to upstream state (bso#10472).
- s4-dns: Add support for BIND 9.10 (bso#10620).
- nmbd fails to accept '--piddir' option (bso#10711).
- S3: source3/smbd/process.c::srv_send_smb() returns true on the error path (bso#10880).
- vfs_glusterfs: Remove 'integer fd' code and store the glfs pointers (bso#10889).
- s3-nmbd: Fix netbios name truncation (bso#10896).
- spoolss: Fix handling of bad EnumJobs levels (bso#10898).
- spoolss: Fix jobid in level 3 EnumJobs response (bso#10905).
- s3: nmbd: Ensure NetBIOS names are only 15 characters stored (bso#10920).
- s3:smb ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS: samba on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12

Solution: Please install the updated package(s).

CVSS Score: 10.0
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-0240
- 1031783 http://www.securitytracker.com/id/1031783
- 36741 https://www.exploit-db.com/exploits/36741/
- 72711 http://www.securityfocus.com/bid/72711
- DSA-3171 http://www.debian.org/security/2015/dsa-3171
- GLSA-201502-15 http://security.gentoo.org/glsa/glsa-201502-15.xml
- HPSBGN03288 http://marc.info/?l=bugtraq&m=142722696102151&w=2
- HPSBUX03320 http://marc.info/?l=bugtraq&m=143039217203031&w=2
- MDVSA-2015:081 http://www.mandriva.com/security/advisories?name=MDVSA-2015:081
- MDVSA-2015:082 http://www.mandriva.com/security/advisories?name=MDVSA-2015:082
- RHSA-2015:0249 http://rhn.redhat.com/errata/RHSA-2015-0249.html
- RHSA-2015:0250 http://rhn.redhat.com/errata/RHSA-2015-0250.html
- RHSA-2015:0251 http://rhn.redhat.com/errata/RHSA-2015-0251.html
- RHSA-2015:0252 http://rhn.redhat.com/errata/RHSA-2015-0252.html
- RHSA-2015:0253 http://rhn.redhat.com/errata/RHSA-2015-0253.html
- RHSA-2015:0254 http://rhn.redhat.com/errata/RHSA-2015-0254.html
- RHSA-2015:0255 http://rhn.redhat.com/errata/RHSA-2015-0255.html
- RHSA-2015:0256 http://rhn.redhat.com/errata/RHSA-2015-0256.html
- RHSA-2015:0257 http://rhn.redhat.com/errata/RHSA-2015-0257.html
- SSA:2015-064-01 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360345
- SSRT101952
- SSRT101979
- SUSE-SU-2015:0353 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html
- SUSE-SU-2015:0371 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html
- SUSE-SU-2015:0386 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html
- USN-2508-1 http://www.ubuntu.com/usn/USN-2508-1
- http://advisories.mageia.org/MGASA-2015-0084.html
- http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
- https://access.redhat.com/articles/1346913
- https://bugzilla.redhat.com/show_bug.cgi?id=1191325
- https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/
- https://support.lenovo.com/product_security/samba_remote_vuln
- https://support.lenovo.com/us/en/product_security/samba_remote_vuln
- https://www.samba.org/samba/security/CVE-2015-0240
- openSUSE-SU-2015:0375 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html
- openSUSE-SU-2016:1064 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
- openSUSE-SU-2016:1106 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
- openSUSE-SU-2016:1107 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html |
Copyright | Copyright (C) 2015 Greenbone Networks GmbH |