vuln-list-alt/oval/c9f2/ALT-PU-2016-2466/definitions.json

{
  "Definition": [
    {
      "ID": "oval:org.altlinux.errata:def:20162466",
      "Version": "oval:org.altlinux.errata:def:20162466",
      "Class": "patch",
      "Metadata": {
        "Title": "ALT-PU-2016-2466: package `samba-DC` update to version 4.5.3-alt1.S1",
        "AffectedList": [
          {
            "Family": "unix",
            "Platforms": [
              "ALT Linux branch c9f2"
            ],
            "Products": [
              "ALT SPWorkstation",
              "ALT SPServer"
            ]
          }
        ],
        "References": [
          {
            "RefID": "ALT-PU-2016-2466",
            "RefURL": "https://errata.altlinux.org/ALT-PU-2016-2466",
            "Source": "ALTPU"
          },
          {
            "RefID": "BDU:2021-01289",
            "RefURL": "https://bdu.fstec.ru/vul/2021-01289",
            "Source": "BDU"
          },
          {
            "RefID": "BDU:2021-01425",
            "RefURL": "https://bdu.fstec.ru/vul/2021-01425",
            "Source": "BDU"
          },
          {
            "RefID": "CVE-2016-2123",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2123",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2016-2125",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2125",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2016-2126",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2126",
            "Source": "CVE"
          }
        ],
        "Description": "This update upgrades samba-DC to version 4.5.3-alt1.S1. \nSecurity Fix(es):\n\n * BDU:2021-01289: Уязвимость парсера ndr_pull_dnsp_name пакета программ сетевого взаимодействия Samba, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01425: Уязвимость реализации протокола Kerberos пакета программ сетевого взаимодействия Samba, связанная с недостатком механизма контроля привилегий и средств управления доступом, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2016-2123: A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory corruption. By default, all authenticated LDAP users can write to the dnsRecord attribute on new DNS objects. This makes the defect a remote privilege escalation.\n\n * CVE-2016-2125: It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.\n\n * CVE-2016-2126: Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.",
        "Advisory": {
          "From": "errata.altlinux.org",
          "Severity": "High",
          "Rights": "Copyright 2024 BaseALT Ltd.",
          "Issued": {
            "Date": "2016-12-20"
          },
          "Updated": {
            "Date": "2016-12-20"
          },
          "BDUs": [
            {
              "ID": "BDU:2021-01289",
              "CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
              "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "CWE": "CWE-119",
              "Href": "https://bdu.fstec.ru/vul/2021-01289",
              "Impact": "High",
              "Public": "20181101"
            },
            {
              "ID": "BDU:2021-01425",
              "CVSS": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
              "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "CWE-264",
              "Href": "https://bdu.fstec.ru/vul/2021-01425",
              "Impact": "Low",
              "Public": "20170511"
            }
          ],
          "CVEs": [
            {
              "ID": "CVE-2016-2123",
              "CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "CWE": "CWE-122",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2123",
              "Impact": "High",
              "Public": "20181101"
            },
            {
              "ID": "CVE-2016-2125",
              "CVSS": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
              "CVSS3": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "CWE": "CWE-20",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2125",
              "Impact": "Low",
              "Public": "20181031"
            },
            {
              "ID": "CVE-2016-2126",
              "CVSS": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "CWE-264",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2126",
              "Impact": "Low",
              "Public": "20170511"
            }
          ],
          "AffectedCPEs": {
            "CPEs": [
              "cpe:/o:alt:spworkstation:8.4",
              "cpe:/o:alt:spserver:8.4"
            ]
          }
        }
      },
      "Criteria": {
        "Operator": "AND",
        "Criterions": [
          {
            "TestRef": "oval:org.altlinux.errata:tst:3001",
            "Comment": "ALT Linux must be installed"
          }
        ],
        "Criterias": [
          {
            "Operator": "OR",
            "Criterions": [
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466001",
                "Comment": "libwbclient-DC is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466002",
                "Comment": "libwbclient-DC-devel is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466003",
                "Comment": "python-module-samba-DC is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466004",
                "Comment": "samba-DC is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466005",
                "Comment": "samba-DC-client is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466006",
                "Comment": "samba-DC-common is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466007",
                "Comment": "samba-DC-ctdb is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466008",
                "Comment": "samba-DC-ctdb-tests is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466009",
                "Comment": "samba-DC-devel is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466010",
                "Comment": "samba-DC-doc is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466011",
                "Comment": "samba-DC-libs is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466012",
                "Comment": "samba-DC-pidl is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466013",
                "Comment": "samba-DC-test is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466014",
                "Comment": "samba-DC-util-private-headers is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466015",
                "Comment": "samba-DC-winbind is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466016",
                "Comment": "samba-DC-winbind-clients is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466017",
                "Comment": "samba-DC-winbind-krb5-locator is earlier than 0:4.5.3-alt1.S1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20162466018",
                "Comment": "task-samba-dc is earlier than 0:4.5.3-alt1.S1"
              }
            ]
          }
        ]
      }
    }
  ]
}