vuln-list-alt/oval/p11/ALT-PU-2018-2167/definitions.json

{
  "Definition": [
    {
      "ID": "oval:org.altlinux.errata:def:20182167",
      "Version": "oval:org.altlinux.errata:def:20182167",
      "Class": "patch",
      "Metadata": {
        "Title": "ALT-PU-2018-2167: package `samba` update to version 4.8.4-alt1.S1",
        "AffectedList": [
          {
            "Family": "unix",
            "Platforms": [
              "ALT Linux branch p11"
            ],
            "Products": [
              "ALT Container"
            ]
          }
        ],
        "References": [
          {
            "RefID": "ALT-PU-2018-2167",
            "RefURL": "https://errata.altlinux.org/ALT-PU-2018-2167",
            "Source": "ALTPU"
          },
          {
            "RefID": "BDU:2019-01639",
            "RefURL": "https://bdu.fstec.ru/vul/2019-01639",
            "Source": "BDU"
          },
          {
            "RefID": "BDU:2020-00691",
            "RefURL": "https://bdu.fstec.ru/vul/2020-00691",
            "Source": "BDU"
          },
          {
            "RefID": "BDU:2020-00692",
            "RefURL": "https://bdu.fstec.ru/vul/2020-00692",
            "Source": "BDU"
          },
          {
            "RefID": "BDU:2020-00693",
            "RefURL": "https://bdu.fstec.ru/vul/2020-00693",
            "Source": "BDU"
          },
          {
            "RefID": "BDU:2020-00694",
            "RefURL": "https://bdu.fstec.ru/vul/2020-00694",
            "Source": "BDU"
          },
          {
            "RefID": "CVE-2018-10858",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-10858",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2018-10918",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-10918",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2018-10919",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-10919",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2018-1139",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-1139",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2018-1140",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-1140",
            "Source": "CVE"
          }
        ],
        "Description": "This update upgrades samba to version 4.8.4-alt1.S1. \nSecurity Fix(es):\n\n * BDU:2019-01639: Уязвимость программного обеспечения Samba, связанная c переполнением буфера динамической памяти, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2020-00691: Уязвимость пакета программ для сетевого взаимодействия Samba, связанная с разыменованием нулевого указателя, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-00692: Уязвимость компонента Active Directory LDAP-сервера программ сетевого взаимодействия Samba, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным\n\n * BDU:2020-00693: Уязвимость компонента аутентификации NTLMv1 программ сетевого взаимодействия Samba, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным\n\n * BDU:2020-00694: Уязвимость компонента LDAP-сервера программ сетевого взаимодействия Samba, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2018-10858: A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.\n\n * CVE-2018-10918: A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable.\n\n * CVE-2018-10919: The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.\n\n * CVE-2018-1139: A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.\n\n * CVE-2018-1140: A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable",
        "Advisory": {
          "From": "errata.altlinux.org",
          "Severity": "High",
          "Rights": "Copyright 2024 BaseALT Ltd.",
          "Issued": {
            "Date": "2018-08-17"
          },
          "Updated": {
            "Date": "2018-08-17"
          },
          "BDUs": [
            {
              "ID": "BDU:2019-01639",
              "CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
              "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "CWE": "CWE-119",
              "Href": "https://bdu.fstec.ru/vul/2019-01639",
              "Impact": "High",
              "Public": "20180822"
            },
            {
              "ID": "BDU:2020-00691",
              "CVSS": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
              "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "CWE-476",
              "Href": "https://bdu.fstec.ru/vul/2020-00691",
              "Impact": "Low",
              "Public": "20180822"
            },
            {
              "ID": "BDU:2020-00692",
              "CVSS": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
              "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "CWE": "CWE-200",
              "Href": "https://bdu.fstec.ru/vul/2020-00692",
              "Impact": "Low",
              "Public": "20180822"
            },
            {
              "ID": "BDU:2020-00693",
              "CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
              "CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "CWE": "CWE-522",
              "Href": "https://bdu.fstec.ru/vul/2020-00693",
              "Impact": "High",
              "Public": "20180822"
            },
            {
              "ID": "BDU:2020-00694",
              "CVSS": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
              "CVSS3": "AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "CWE-20",
              "Href": "https://bdu.fstec.ru/vul/2020-00694",
              "Impact": "Low",
              "Public": "20180822"
            }
          ],
          "CVEs": [
            {
              "ID": "CVE-2018-10858",
              "CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
              "CVSS3": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "CWE": "CWE-119",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-10858",
              "Impact": "High",
              "Public": "20180822"
            },
            {
              "ID": "CVE-2018-10918",
              "CVSS": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
              "CVSS3": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "CWE-476",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-10918",
              "Impact": "Low",
              "Public": "20180822"
            },
            {
              "ID": "CVE-2018-10919",
              "CVSS": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
              "CVSS3": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "CWE": "CWE-200",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-10919",
              "Impact": "Low",
              "Public": "20180822"
            },
            {
              "ID": "CVE-2018-1139",
              "CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
              "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "CWE": "CWE-522",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-1139",
              "Impact": "High",
              "Public": "20180822"
            },
            {
              "ID": "CVE-2018-1140",
              "CVSS": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
              "CVSS3": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "CWE-20",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-1140",
              "Impact": "Low",
              "Public": "20180822"
            }
          ],
          "AffectedCPEs": {
            "CPEs": [
              "cpe:/o:alt:container:11"
            ]
          }
        }
      },
      "Criteria": {
        "Operator": "AND",
        "Criterions": [
          {
            "TestRef": "oval:org.altlinux.errata:tst:3001",
            "Comment": "ALT Linux must be installed"
          }
        ],
        "Criterias": [
          {
            "Operator": "OR",
            "Criterions": [
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167001",
                "Comment": "ctdb is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167002",
                "Comment": "ctdb-tests is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167003",
                "Comment": "libnetapi is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167004",
                "Comment": "libsmbclient is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167005",
                "Comment": "libsmbclient-devel is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167006",
                "Comment": "libwbclient is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167007",
                "Comment": "libwbclient-devel is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167008",
                "Comment": "python-module-samba is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167009",
                "Comment": "python3-module-samba is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167010",
                "Comment": "samba is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167011",
                "Comment": "samba-client is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167012",
                "Comment": "samba-client-libs is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167013",
                "Comment": "samba-common is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167014",
                "Comment": "samba-common-libs is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167015",
                "Comment": "samba-common-tools is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167016",
                "Comment": "samba-dc is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167017",
                "Comment": "samba-dc-libs is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167018",
                "Comment": "samba-devel is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167019",
                "Comment": "samba-libs is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167020",
                "Comment": "samba-pidl is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167021",
                "Comment": "samba-test is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167022",
                "Comment": "samba-vfs-cephfs is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167023",
                "Comment": "samba-vfs-glusterfs is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167024",
                "Comment": "samba-winbind is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167025",
                "Comment": "samba-winbind-clients is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167026",
                "Comment": "samba-winbind-krb5-localauth is earlier than 0:4.8.4-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20182167027",
                "Comment": "samba-winbind-krb5-locator is earlier than 0:4.8.4-alt1.S1"
              }
            ]
          }
        ]
      }
    }
  ]
}