Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2020.1948.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2020:1948-1)
Summary:The remote host is missing an update for the 'ldb, samba' package(s) announced via the SUSE-SU-2020:1948-1 advisory.
Description:Summary:
The remote host is missing an update for the 'ldb, samba' package(s) announced via the SUSE-SU-2020:1948-1 advisory.

Vulnerability Insight:
This update for ldb, samba fixes the following issues:

Changes in samba:
Update to samba 4.11.11
+ CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and
VLV combined, (bso#14364), (bsc#1173159]
+ CVE-2020-10745: invalid DNS or NBT queries containing dots use several
seconds of CPU each, (bso#14378), (bsc#1173160).
+ CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP server
with paged_result or VLV, (bso#14402), (bsc#1173161)
+ CVE-2020-14303: Endless loop from empty UDP packet sent to AD DC
nbt_server, (bso#14417), (bsc#1173359).

Update to samba 4.11.10
+ Fix segfault when using SMBC_opendir_ctx() routine for share folder
that contains incorrect symbols in any file name, (bso#14374).
+ vfs_shadow_copy2 doesn't fail case looking in snapdirseverywhere mode,
(bso#14350)
+ ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr, (bso#14413).
+ Malicous SMB1 server can crash libsmbclient, (bso#14366)
+ winbindd: Fix a use-after-free when winbind clients exit, (bso#14382)
+ ldb: Bump version to 2.0.11, LMDB databases can grow without bounds.
(bso#14330)

Update to samba 4.11.9
+ nmblib: Avoid undefined behaviour in handle_name_ptrs(), (bso#14242).
+ 'samba-tool group' commands do not handle group names with special
chars correctly, (bso#14296).
+ smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid,
(bso#14237).
+ Missing check for DMAPI offline status in async DOS attributes,
(bso#14293).
+ smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs,
(bso#14307).
+ vfs_recycle: Prevent flooding the log if we're called on non-existant
paths, (bso#14316)
+ smbd mistakenly updates a file's write-time on close, (bso#14320).
+ RPC handles cannot be differentiated in source3 RPC server,
(bso#14359).
+ librpc: Fix IDL for svcctl_ChangeServiceConfigW, (bso#14313).
+ nsswitch: Fix use-after-free causing segfault in _pam_delete_cred,
(bso#14327).
+ Fix fruit:time machine max size on arm, (bso#13622)
+ CTDB recovery corner cases can cause record resurrection and node
banning, (bso#14294).
+ ctdb: Fix a memleak, (bso#14348).
+ libsmb: Don't try to find posix stat info in SMBC_getatr().
+ ctdb-tcp: Move free of inbound queue to TCP restart, (bso#14295),
(bsc#1162680).
+ s3/librpc/crypto: Fix double free with unresolved credential cache,
(bso#14344), (bsc#1169095)
+ s3:libads: Fix ads_get_upn(), (bso#14336).
+ CTDB recovery corner cases can cause record resurrection and node
banning, (bso#14294)
+ Starting ctdb node that was powered off hard before results in
recovery loop, (bso#14295), (bsc#1162680).
+ ctdb-recoverd: Avoid dereferencing NULL rec->nodemap, (bso#14324)

Update to samba 4.11.8
+ CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ,
(bso#14331), (bsc#1169850),
+ CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD
DC, (bso#14334), (bsc#1169851),

Update... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'ldb, samba' package(s) on SUSE Linux Enterprise Module for Python2 15-SP2, SUSE Linux Enterprise Module for Basesystem 15-SP2, SUSE Linux Enterprise High Availability 15-SP2

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-10700
Common Vulnerability Exposure (CVE) ID: CVE-2020-10704
Common Vulnerability Exposure (CVE) ID: CVE-2020-10730
Common Vulnerability Exposure (CVE) ID: CVE-2020-10745
Common Vulnerability Exposure (CVE) ID: CVE-2020-10760
Common Vulnerability Exposure (CVE) ID: CVE-2020-14303
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.