Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2019.2868.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2019:2868-1)
Summary:The remote host is missing an update for the 'samba' package(s) announced via the SUSE-SU-2019:2868-1 advisory.
Description:Summary:
The remote host is missing an update for the 'samba' package(s) announced via the SUSE-SU-2019:2868-1 advisory.

Vulnerability Insight:
This update for samba fixes the following issues:

Security issues fixed:
CVE-2019-14847: User with 'get changes' permission can crash AD DC LDAP
server via dirsync (bsc#1154598).

CVE-2019-10218: Client code can return filenames containing path
separators (bsc#1144902).

CVE-2019-14833: Fixed Accent with 'check script password' where the
Samba AD DC check password script does not receive the full password
(bsc#1154289).

Other issues fixed:
Fix vfs_ceph realpath (bsc#1134452).

MacOS credit accounting breaks with async SESSION SETUP (bsc#1125601).

Mac OS X SMB2 implmenetation sees Input/output error or Resource
temporarily unavailable and drops connection

Explicitly enable libcephfs POSIX ACL support (bsc#1130245).

Fix vfs_ceph ftruncate and fallocate handling (bsc#1127153).

Affected Software/OS:
'samba' package(s) on SUSE Linux Enterprise Module for Packagehub Subpackages 15, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Module for Basesystem 15, SUSE Linux Enterprise High Availability 15

Solution:
Please install the updated package(s).

CVSS Score:
4.9

CVSS Vector:
AV:N/AC:M/Au:S/C:P/I:P/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-10218
Common Vulnerability Exposure (CVE) ID: CVE-2019-14833
Common Vulnerability Exposure (CVE) ID: CVE-2019-14847
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.