cifs-utils-6.13-1.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10683-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z cifs-utils-6.13-1.3 on GA media These are all security issues fixed in the cifs-utils-6.13-1.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10683 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2006-1059/ SUSE CVE CVE-2006-1059 page https://www.suse.com/security/cve/CVE-2006-3403/ SUSE CVE CVE-2006-3403 page https://www.suse.com/security/cve/CVE-2007-0452/ SUSE CVE CVE-2007-0452 page https://www.suse.com/security/cve/CVE-2007-2444/ SUSE CVE CVE-2007-2444 page https://www.suse.com/security/cve/CVE-2007-2446/ SUSE CVE CVE-2007-2446 page https://www.suse.com/security/cve/CVE-2007-2447/ SUSE CVE CVE-2007-2447 page https://www.suse.com/security/cve/CVE-2007-4138/ SUSE CVE CVE-2007-4138 page https://www.suse.com/security/cve/CVE-2007-4572/ SUSE CVE CVE-2007-4572 page https://www.suse.com/security/cve/CVE-2007-5398/ SUSE CVE CVE-2007-5398 page https://www.suse.com/security/cve/CVE-2007-6015/ SUSE CVE CVE-2007-6015 page https://www.suse.com/security/cve/CVE-2008-1105/ SUSE CVE CVE-2008-1105 page https://www.suse.com/security/cve/CVE-2008-3789/ SUSE CVE CVE-2008-3789 page https://www.suse.com/security/cve/CVE-2008-4314/ SUSE CVE CVE-2008-4314 page https://www.suse.com/security/cve/CVE-2009-0022/ SUSE CVE CVE-2009-0022 page https://www.suse.com/security/cve/CVE-2020-14342/ SUSE CVE CVE-2020-14342 page https://www.suse.com/security/cve/CVE-2021-20208/ SUSE CVE CVE-2021-20208 page openSUSE Tumbleweed cifs-utils-6.13-1.3 cifs-utils-devel-6.13-1.3 pam_cifscreds-6.13-1.3 cifs-utils-6.13-1.3 as a component of openSUSE Tumbleweed cifs-utils-devel-6.13-1.3 as a component of openSUSE Tumbleweed pam_cifscreds-6.13-1.3 as a component of openSUSE Tumbleweed The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain. CVE-2006-1059 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 1.2 AV:L/AC:H/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2006-1059.html CVE-2006-1059 https://bugzilla.suse.com/161778 SUSE Bug 161778 The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests. CVE-2006-3403 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2006-3403.html CVE-2006-3403 https://bugzilla.suse.com/190468 SUSE Bug 190468 smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop. CVE-2007-0452 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 6.8 AV:N/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2007-0452.html CVE-2007-0452 https://bugzilla.suse.com/240265 SUSE Bug 240265 Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user. CVE-2007-2444 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2007-2444.html CVE-2007-2444 https://bugzilla.suse.com/262090 SUSE Bug 262090 https://bugzilla.suse.com/273613 SUSE Bug 273613 Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names). CVE-2007-2446 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2007-2446.html CVE-2007-2446 https://bugzilla.suse.com/273613 SUSE Bug 273613 The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management. CVE-2007-2447 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 6 AV:N/AC:M/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2007-2447.html CVE-2007-2447 https://bugzilla.suse.com/273611 SUSE Bug 273611 https://bugzilla.suse.com/273613 SUSE Bug 273613 The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not defined. CVE-2007-4138 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2007-4138.html CVE-2007-4138 https://bugzilla.suse.com/307623 SUSE Bug 307623 Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests. CVE-2007-4572 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2007-4572.html CVE-2007-4572 https://bugzilla.suse.com/326261 SUSE Bug 326261 https://bugzilla.suse.com/337823 SUSE Bug 337823 Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request. CVE-2007-5398 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2007-5398.html CVE-2007-5398 https://bugzilla.suse.com/337823 SUSE Bug 337823 Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request. CVE-2007-6015 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2007-6015.html CVE-2007-6015 https://bugzilla.suse.com/343702 SUSE Bug 343702 Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. CVE-2008-1105 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2008-1105.html CVE-2008-1105 https://bugzilla.suse.com/391168 SUSE Bug 391168 Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups. CVE-2008-3789 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2008-3789.html CVE-2008-3789 https://bugzilla.suse.com/420634 SUSE Bug 420634 smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed. CVE-2008-4314 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 8.5 AV:N/AC:L/Au:N/C:C/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2008-4314.html CVE-2008-4314 https://bugzilla.suse.com/446971 SUSE Bug 446971 Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name. CVE-2009-0022 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 6.3 AV:N/AC:M/Au:S/C:C/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-0022.html CVE-2009-0022 https://bugzilla.suse.com/460764 SUSE Bug 460764 It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their privileges. CVE-2020-14342 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-14342.html CVE-2020-14342 https://bugzilla.suse.com/1174477 SUSE Bug 1174477 A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity. CVE-2021-20208 openSUSE Tumbleweed:cifs-utils-6.13-1.3 openSUSE Tumbleweed:cifs-utils-devel-6.13-1.3 openSUSE Tumbleweed:pam_cifscreds-6.13-1.3 moderate 4.9 AV:N/AC:M/Au:S/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-20208.html CVE-2021-20208 https://bugzilla.suse.com/1183239 SUSE Bug 1183239