vuln-list-alt/oval/c10f1/ALT-PU-2018-1497/definitions.json

{
  "Definition": [
    {
      "ID": "oval:org.altlinux.errata:def:20181497",
      "Version": "oval:org.altlinux.errata:def:20181497",
      "Class": "patch",
      "Metadata": {
        "Title": "ALT-PU-2018-1497: package `samba` update to version 4.7.6-alt1.S1",
        "AffectedList": [
          {
            "Family": "unix",
            "Platforms": [
              "ALT Linux branch c10f1"
            ],
            "Products": [
              "ALT SP Workstation",
              "ALT SP Server"
            ]
          }
        ],
        "References": [
          {
            "RefID": "ALT-PU-2018-1497",
            "RefURL": "https://errata.altlinux.org/ALT-PU-2018-1497",
            "Source": "ALTPU"
          },
          {
            "RefID": "BDU:2018-00367",
            "RefURL": "https://bdu.fstec.ru/vul/2018-00367",
            "Source": "BDU"
          },
          {
            "RefID": "BDU:2018-00368",
            "RefURL": "https://bdu.fstec.ru/vul/2018-00368",
            "Source": "BDU"
          },
          {
            "RefID": "CVE-2018-1050",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-1050",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2018-1057",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-1057",
            "Source": "CVE"
          }
        ],
        "Description": "This update upgrades samba to version 4.7.6-alt1.S1. \nSecurity Fix(es):\n\n * BDU:2018-00367: Уязвимость пакета программ сетевого взаимодействия Samba, связанная с отсутствием проверки входных данных, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2018-00368: Уязвимость сервера LDAP пакета программ сетевого взаимодействия Samba, позволяющая нарушителю изменять пароли других пользователей\n\n * CVE-2018-1050: All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.\n\n * CVE-2018-1057: On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers).",
        "Advisory": {
          "From": "errata.altlinux.org",
          "Severity": "High",
          "Rights": "Copyright 2024 BaseALT Ltd.",
          "Issued": {
            "Date": "2018-03-27"
          },
          "Updated": {
            "Date": "2018-03-27"
          },
          "BDUs": [
            {
              "ID": "BDU:2018-00367",
              "CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
              "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "CWE-20",
              "Href": "https://bdu.fstec.ru/vul/2018-00367",
              "Impact": "High",
              "Public": "20180313"
            },
            {
              "ID": "BDU:2018-00368",
              "CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
              "CVSS3": "AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
              "CWE": "CWE-863",
              "Href": "https://bdu.fstec.ru/vul/2018-00368",
              "Impact": "High",
              "Public": "20180313"
            }
          ],
          "CVEs": [
            {
              "ID": "CVE-2018-1050",
              "CVSS": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
              "CVSS3": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "CWE": "CWE-476",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-1050",
              "Impact": "Low",
              "Public": "20180313"
            },
            {
              "ID": "CVE-2018-1057",
              "CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "CWE": "CWE-863",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-1057",
              "Impact": "High",
              "Public": "20180313"
            }
          ],
          "AffectedCPEs": {
            "CPEs": [
              "cpe:/o:alt:spworkstation:10",
              "cpe:/o:alt:spserver:10"
            ]
          }
        }
      },
      "Criteria": {
        "Operator": "AND",
        "Criterions": [
          {
            "TestRef": "oval:org.altlinux.errata:tst:4001",
            "Comment": "ALT Linux must be installed"
          }
        ],
        "Criterias": [
          {
            "Operator": "OR",
            "Criterions": [
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497001",
                "Comment": "ctdb is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497002",
                "Comment": "ctdb-tests is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497003",
                "Comment": "libnetapi is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497004",
                "Comment": "libsmbclient is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497005",
                "Comment": "libsmbclient-devel is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497006",
                "Comment": "libwbclient is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497007",
                "Comment": "libwbclient-devel is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497008",
                "Comment": "python-module-samba is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497009",
                "Comment": "samba is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497010",
                "Comment": "samba-client is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497011",
                "Comment": "samba-client-libs is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497012",
                "Comment": "samba-common is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497013",
                "Comment": "samba-common-libs is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497014",
                "Comment": "samba-common-tools is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497015",
                "Comment": "samba-dc is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497016",
                "Comment": "samba-dc-libs is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497017",
                "Comment": "samba-devel is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497018",
                "Comment": "samba-libs is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497019",
                "Comment": "samba-pidl is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497020",
                "Comment": "samba-test is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497021",
                "Comment": "samba-vfs-cephfs is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497022",
                "Comment": "samba-vfs-glusterfs is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497023",
                "Comment": "samba-winbind is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497024",
                "Comment": "samba-winbind-clients is earlier than 0:4.7.6-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181497025",
                "Comment": "samba-winbind-krb5-locator is earlier than 0:4.7.6-alt1.S1"
              }
            ]
          }
        ]
      }
    }
  ]
}