Vulnerability CVE-2008-1105

Vulnerability Name:

CVE-2008-1105 (CCN-42664)

Assigned:

2008-05-28

Published:

2008-05-28

Updated:

2022-08-29

Summary:

Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2008-1105

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2008-06-30

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SA:2008:026

Source: CCN
Type: VMware Security-Announce Mailing List, Mon Jul 28 18:11:35 PDT 2008
VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix

Source: MLIST
Type: Mailing List, Third Party Advisory
[Security-announce] 20080728 VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix

Source: CCN
Type: RHSA-2008-0288
Critical: samba security update

Source: CCN
Type: RHSA-2008-0289
Critical: samba security update

Source: CCN
Type: RHSA-2008-0290
Critical: samba security and bug fix update

Source: CCN
Type: SA30228
Samba "receive_smb_raw()" Buffer Overflow Vulnerability

Source: SECUNIA
Type: Third Party Advisory
30228

Source: SECUNIA
Type: Third Party Advisory
30385

Source: SECUNIA
Type: Third Party Advisory
30396

Source: SECUNIA
Type: Third Party Advisory
30442

Source: SECUNIA
Type: Third Party Advisory
30449

Source: SECUNIA
Type: Third Party Advisory
30478

Source: SECUNIA
Type: Third Party Advisory
30489

Source: SECUNIA
Type: Third Party Advisory
30543

Source: SECUNIA
Type: Third Party Advisory
30736

Source: CCN
Type: SA30802
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
30802

Source: CCN
Type: SA30835
HP-UX HP CIFS Server Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
30835

Source: CCN
Type: SA31246
VMware ESX Server update for Samba and vmnix

Source: SECUNIA
Type: Third Party Advisory
31246

Source: CCN
Type: SA31911
Xerox ESS/Network Controller Samba Vulnerability

Source: SECUNIA
Type: Third Party Advisory
31911

Source: CCN
Type: SA33696
Sun Solaris Samba "receive_smb_raw()" Buffer Overflow Vulnerability

Source: SECUNIA
Type: Third Party Advisory
33696

Source: CCN
Type: Secunia Research 28/05/2008
Samba "receive_smb_raw()" Buffer Overflow Vulnerability

Source: MISC
Type: Third Party Advisory, Vendor Advisory
http://secunia.com/secunia_research/2008-20/advisory/

Source: GENTOO
Type: Third Party Advisory
GLSA-200805-23

Source: CCN
Type: SECTRACK ID: 1020123
Samba Buffer Overflow in receive_smb_raw() Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1020123

Source: SLACKWARE
Type: Mailing List, Third Party Advisory
SSA:2008-149-01

Source: SUNALERT
Type: Broken Link
249086

Source: CCN
Type: Sun Alert ID: 249086
Security Vulnerability in samba(7) Specially Crafted Packet May Allow Execution of Arbitrary Code With Root Privileges

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT2163

Source: CCN
Type: ASA-2008-263
HP-UX running HP CIFS Server (Samba) Remote Execution of Arbitrary Code (HPSBUX02341)

Source: CCN
Type: ASA-2008-266
samba security update (RHSA-2008-0288)

Source: CCN
Type: NORTEL BULLETIN ID: 2009009315, Rev 1
Nortel Response to Sun Alert 249086 - Security Vulnerability in Solaris samba(7) Specially Crafted Packet

Source: CONFIRM
Type: Broken Link
http://wiki.rpath.com/Advisories:rPSA-2008-0180

Source: DEBIAN
Type: Third Party Advisory
DSA-1590

Source: DEBIAN
Type: DSA-1590
samba -- buffer overflow

Source: CCN
Type: GLSA-200805-23
Samba: Heap-based buffer overflow

Source: MANDRIVA
Type: Broken Link
MDVSA-2008:108

Source: REDHAT
Type: Third Party Advisory
RHSA-2008:0288

Source: REDHAT
Type: Third Party Advisory
RHSA-2008:0289

Source: REDHAT
Type: Third Party Advisory
RHSA-2008:0290

Source: CCN
Type: Samba Web site
Samba - opening windows to a wider world

Source: CONFIRM
Type: Vendor Advisory
http://www.samba.org/samba/security/CVE-2008-1105.html

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20080528 [SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20080529 Secunia Research: Samba "receive_smb_raw()" Buffer OverflowVulnerability

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20080602 rPSA-2008-0180-1 samba samba-client samba-server samba-swat

Source: BID
Type: Patch, Third Party Advisory, VDB Entry
29404

Source: CCN
Type: BID-29404
Samba 'receive_smb_raw()' Buffer Overflow Vulnerability

Source: BID
Type: Third Party Advisory, VDB Entry
31255

Source: CCN
Type: BID-31255
RETIRED: Xerox WorkCentre/WorkCentre Pro Network Controller Remote Code Execution Vulnerability

Source: CCN
Type: TLSA-2008-22
Heap Overflow

Source: CCN
Type: USN-617-1
Samba vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-617-1

Source: CCN
Type: USN-617-2
Samba regression

Source: UBUNTU
Type: Third Party Advisory
USN-617-2

Source: VUPEN
Type: Permissions Required
ADV-2008-1681

Source: VUPEN
Type: Permissions Required
ADV-2008-1908

Source: VUPEN
Type: Permissions Required
ADV-2008-1981

Source: VUPEN
Type: Permissions Required
ADV-2008-2222

Source: VUPEN
Type: Permissions Required
ADV-2008-2639

Source: CONFIRM
Type: Broken Link
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_009.pdf

Source: HP
Type: Broken Link
HPSBUX02341

Source: XF
Type: UNKNOWN
samba-receivesmbraw-bo(42664)

Source: XF
Type: VDB Entry
samba-receivesmbraw-bo(42664)

Source: XF
Type: VDB Entry
xerox-controller-samba-code-execution(45251)

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:10020

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:5733

Source: EXPLOIT-DB
Type: Third Party Advisory, VDB Entry
5712

Source: FEDORA
Type: Third Party Advisory
FEDORA-2008-4679

Source: FEDORA
Type: Third Party Advisory
FEDORA-2008-4724

Source: FEDORA
Type: Third Party Advisory
FEDORA-2008-4797

Source: SUSE
Type: SUSE-SA:2008:026
Samba Security problem

Vulnerable Configuration:

Configuration 1:

cpe:/a:samba:samba:*:*:*:*:*:*:*:* (Version >= 3.0.0 and <= 3.0.29)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

OR cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:samba:samba:3.0.28a:*:*:*:*:*:*:*

OR cpe:/a:samba:samba:3.0.29:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:sun:solaris:9::x86:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*

OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:es:*:*:*:*:*

OR cpe:/a:vmware:esx_server:2.5.5:*:*:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*

OR cpe:/a:vmware:esx_server:3.5:*:*:*:*:*:*:*

OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20081105	V	CVE-2008-1105	2022-06-30
oval:org.opensuse.security:def:42280	P	Security update for gzip (Important)	2022-05-10
oval:org.opensuse.security:def:42344	P	Security update for ucode-intel (Important)	2022-02-25
oval:org.opensuse.security:def:112075	P	cifs-utils-6.13-1.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:112125	P	ctdb-4.14.6+git.182.2205d5224e3-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:26219	P	Security update for apache2 (Important) (in QA)	2022-01-10
oval:org.opensuse.security:def:26223	P	Security update for net-snmp (Important)	2022-01-05
oval:org.opensuse.security:def:31754	P	Security update for libsndfile (Important)	2022-01-05
oval:org.opensuse.security:def:31751	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:31722	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:32246	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:33060	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:32229	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:31714	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:31712	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:42141	P	Security update for glibc (Moderate)	2021-12-01
oval:org.opensuse.security:def:32224	P	Security update for postgresql96 (Important)	2021-11-22
oval:org.opensuse.security:def:31707	P	Security update for postgresql10 (Important)	2021-11-22
oval:org.opensuse.security:def:31307	P	Security update for postgresql, postgresql13, postgresql14 (Important)	2021-11-20
oval:org.opensuse.security:def:26166	P	Security update for php74 (Moderate)	2021-11-18
oval:org.opensuse.security:def:105662	P	Security update for MozillaFirefox (Important)	2021-11-10
oval:org.opensuse.security:def:31701	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:26155	P	Security update for cairo (Low)	2021-10-22
oval:org.opensuse.security:def:31288	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:26145	P	Security update for the Linux Kernel (Important)	2021-10-12
oval:org.opensuse.security:def:33021	P	Security update for libqt5-qtsvg (Moderate)	2021-10-11
oval:org.opensuse.security:def:31690	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:26141	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:31689	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:105618	P	cifs-utils-6.13-1.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:26114	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:26117	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:32180	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:32173	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:26102	P	Security update for php72 (Important)	2021-08-06
oval:org.opensuse.security:def:31663	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:32160	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:32158	P	Security update for dbus-1 (Important)	2021-08-02
oval:org.opensuse.security:def:31230	P	Security update for linuxptp (Important)	2021-07-21
oval:org.opensuse.security:def:32143	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:31656	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:26085	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:31650	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:31215	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:31214	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:31648	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:31203	P	Security update for apache2 (Important)	2021-06-17
oval:org.opensuse.security:def:31202	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:32119	P	Security update for java-1_8_0-openjdk (Moderate)	2021-06-15
oval:org.opensuse.security:def:31637	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:26072	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:32116	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:42577	P	ldapsmb-1.34b-12.58.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36460	P	libldb-devel-3.6.3-0.58.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36097	P	cifs-utils-5.1-0.14.46 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42630	P	libtevent0-x86-3.6.3-0.39.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31636	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:36170	P	ldapsmb-1.34b-12.58.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42083	P	Security update for the Linux Kernel (Important)	2021-06-08
oval:org.opensuse.security:def:42504	P	cifs-utils-5.1-0.14.46 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36223	P	libtevent0-x86-3.6.3-0.39.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32090	P	Security update for avahi (Important)	2021-06-03
oval:org.opensuse.security:def:26064	P	Security update for libwebp (Critical)	2021-06-02
oval:org.opensuse.security:def:26057	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:32094	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:26053	P	Security update for libxml2 (Important)	2021-05-19
oval:org.opensuse.security:def:31622	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:31156	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:32901	P	Security update for ImageMagick (Moderate)	2021-04-20
oval:org.opensuse.security:def:31607	P	Security update for qemu (Important)	2021-04-16
oval:org.opensuse.security:def:32070	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:31144	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:31145	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:26213	P	Security update for evolution-data-server (Moderate)	2021-03-19
oval:org.opensuse.security:def:31364	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:32278	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:31362	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:33094	P	Security update for apache2 (Moderate)	2021-03-12
oval:org.opensuse.security:def:26205	P	Security update for openssl-1_0_0 (Moderate)	2021-03-08
oval:org.opensuse.security:def:31352	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:26199	P	Security update for ImageMagick (Moderate)	2021-02-25
oval:org.opensuse.security:def:26198	P	Security update for avahi (Moderate)	2021-02-23
oval:org.opensuse.security:def:31341	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:31340	P	Security update for wpa_supplicant (Important)	2021-02-15
oval:org.opensuse.security:def:31649	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:26061	P	Security update for dovecot22 (Important)	2021-01-04
oval:org.opensuse.security:def:32022	P	Security update for xen (Moderate)	2020-12-29
oval:org.opensuse.security:def:31569	P	Security update for clamav (Important)	2020-12-22
oval:org.opensuse.security:def:32837	P	Security update for clamav (Important)	2020-12-22
oval:org.opensuse.security:def:25976	P	Security update for curl (Moderate)	2020-12-10
oval:org.opensuse.security:def:31563	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:32006	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:32003	P	Security update for python-cryptography (Moderate)	2020-12-04
oval:org.opensuse.security:def:31083	P	Security update for python-cryptography (Moderate)	2020-12-04
oval:org.opensuse.security:def:35676	P	cifs-utils-5.1-0.4.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41936	P	cifs-mount-3.4.3-1.17.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35734	P	ldapsmb-1.34b-12.18.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35873	P	cifs-utils-5.1-0.11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35529	P	cifs-mount-3.4.3-1.17.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35937	P	ldapsmb-1.34b-12.39.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31558	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:26021	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:26017	P	Security update for gnome-shell (Low)	2020-12-01
oval:org.opensuse.security:def:26837	P	vte on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25423	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25239	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25284	P	Security update for xrdp (Important)	2020-12-01
oval:org.opensuse.security:def:31999	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:32699	P	ldapsmb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26435	P	Security update for znc (Low)	2020-12-01
oval:org.opensuse.security:def:26402	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:26364	P	Security update for irssi (Low)	2020-12-01
oval:org.opensuse.security:def:26495	P	Security update for phpMyAdmin (Important)	2020-12-01
oval:org.opensuse.security:def:26936	P	ldapsmb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25488	P	Security update for file-roller (Low)	2020-12-01
oval:org.opensuse.security:def:25361	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25512	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25653	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32299	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32351	P	Security update for squid (Moderate)	2020-12-01
oval:org.opensuse.security:def:32339	P	Security update for shim (Moderate)	2020-12-01
oval:org.opensuse.security:def:31420	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26688	P	ecryptfs-utils-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26504	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:27186	P	libgcrypt11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25772	P	Security update for gstreamer-0_10-plugins-bad (Moderate)	2020-12-01
oval:org.opensuse.security:def:25658	P	Security update for liblouis (Low)	2020-12-01
oval:org.opensuse.security:def:25691	P	Security update for python36 (Important)	2020-12-01
oval:org.opensuse.security:def:25829	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25862	P	Recommended update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25906	P	Security update for sane-backends (Moderate)	2020-12-01
oval:org.opensuse.security:def:32443	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:26494	P	Security update for pdns-recursor (Important)	2020-12-01
oval:org.opensuse.security:def:33133	P	ldapsmb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25080	P	Security update for libxml2 (Low)	2020-12-01
oval:org.opensuse.security:def:31794	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31868	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:31964	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:27458	P	libldb-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26010	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:25848	P	Security update for flex, at, bogofilter, cyrus-imapd, kdelibs4, libQtWebKit4, libbonobo, mdbtools, netpbm, openslp, sgmltool, virtuoso, libqt5-qtwebkit (Moderate)	2020-12-01
oval:org.opensuse.security:def:26004	P	Security update for shotwell (Moderate)	2020-12-01
oval:org.opensuse.security:def:26003	P	Security update for yaml-cpp (Moderate)	2020-12-01
oval:org.opensuse.security:def:26676	P	cifs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25228	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:31854	P	Security update for cracklib (Moderate)	2020-12-01
oval:org.opensuse.security:def:32014	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32055	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:31978	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32660	P	fetchmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31009	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26351	P	Security update for mongodb (Moderate)	2020-12-01
oval:org.opensuse.security:def:26296	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26325	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26901	P	g3utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25487	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:25297	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:25431	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25422	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:32302	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:32383	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:31454	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:31451	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:26639	P	star on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26437	P	Security update for enigmail (Important)	2020-12-01
oval:org.opensuse.security:def:26548	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27095	P	cifs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25647	P	Security update for freetype2 (Important)	2020-12-01
oval:org.opensuse.security:def:25563	P	Security update for xrdp (Important)	2020-12-01
oval:org.opensuse.security:def:25570	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:25711	P	Security update for python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer (Moderate)	2020-12-01
oval:org.opensuse.security:def:25710	P	Security update for log4j (Important)	2020-12-01
oval:org.opensuse.security:def:32404	P	Security update for w3m (Moderate)	2020-12-01
oval:org.opensuse.security:def:32412	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:31416	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:26741	P	libcap-progs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27423	P	kdebase4-workspace-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26009	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25731	P	Security update for memcached (Moderate)	2020-12-01
oval:org.opensuse.security:def:25850	P	Security update for libreoffice (Low)	2020-12-01
oval:org.opensuse.security:def:25988	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:26000	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25964	P	Security update for libraw (Moderate)	2020-12-01
oval:org.opensuse.security:def:25812	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26641	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33186	P	libtevent0-x86 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25227	P	Security update for wicked (Important)	2020-12-01
oval:org.opensuse.security:def:31873	P	Security update for cvs (Moderate)	2020-12-01
oval:org.opensuse.security:def:31858	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:31898	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:32494	P	cifs-mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30998	P	Security update for jasper (Low)	2020-12-01
oval:org.opensuse.security:def:26263	P	Security update for libEMF (Important)	2020-12-01
oval:org.opensuse.security:def:26734	P	ldapsmb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25286	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:25156	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31907	P	Security update for freetype2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32056	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:32798	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26349	P	Security update for redis (Moderate)	2020-12-01
oval:org.opensuse.security:def:26398	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:27060	P	xorg-x11-libs-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25646	P	Security update for tomcat (Moderate)	2020-12-01
oval:org.opensuse.security:def:25435	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:25489	P	Security update for pam_radius (Important)	2020-12-01
oval:org.opensuse.security:def:25569	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25657	P	Security update for graphviz (Low)	2020-12-01
oval:org.opensuse.security:def:32355	P	Security update for squid3 (Important)	2020-12-01
oval:org.opensuse.security:def:32317	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:32456	P	Security update for xorg-x11-libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31405	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:31426	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31512	P	Recommended update for python 2.7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31598	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:26490	P	Security update for pdns (Moderate)	2020-12-01
oval:org.opensuse.security:def:26785	P	mozilla-xulrunner192 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27168	P	ldapsmb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25720	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25722	P	Security update for ovmf (Low)	2020-12-01
oval:org.opensuse.security:def:25708	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25849	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25857	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25798	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:32465	P	Security update for xorg-x11-libXv (Moderate)	2020-12-01
oval:org.opensuse.security:def:33147	P	libexif on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31575	P	Security update for sudo	2020-12-01
oval:org.opensuse.security:def:31771	P	Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:31812	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:31859	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:31773	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32455	P	Security update for xorg-x11-libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30997	P	Security update for jasper (Moderate)	2020-12-01
oval:org.opensuse.security:def:25784	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:25923	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:25959	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26699	P	freeradius-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25285	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25092	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31775	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:31946	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:32017	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31956	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32641	P	cifs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26294	P	Security update for bluez (Important)	2020-12-01
oval:org.opensuse.security:def:26276	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:26422	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26872	P	cifs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25424	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:25303	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25365	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:25506	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:32862	P	freeradius-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31404	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:31511	P	Security update for python27-urllib3, python27-boto3, python27-botocore, python27-s3transfer (Moderate)	2020-12-01
oval:org.opensuse.security:def:26586	P	libexiv2-4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26451	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26378	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:27133	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25719	P	Security update for ipmitool (Important)	2020-12-01
oval:org.opensuse.security:def:25499	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:25627	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25765	P	Security update for Adobe Flash Player (Important)	2020-12-01
oval:org.opensuse.security:def:25804	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25759	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:32390	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32509	P	fetchmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31564	P	Security update for squid3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31490	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:31810	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26727	P	kdenetwork4-filesharing on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31817	P	Security update for atftp (Important)	2020-12-01
oval:org.opensuse.security:def:27221	P	libtevent0-x86 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25773	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25795	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:25931	P	Security update for libcares2 (Low)	2020-12-01
oval:org.opensuse.security:def:25913	P	Security update for tcpdump, libpcap (Moderate)	2020-12-01
oval:org.opensuse.security:def:25915	P	Security update for libosip2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25945	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:25856	P	Security update for gd (Important)	2020-12-01
oval:org.opensuse.security:def:26529	P	cifs-mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25081	P	Security update for libarchive (Moderate)	2020-12-01
oval:org.opensuse.security:def:31781	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31930	P	Security update for glib2 (Important)	2020-12-01
oval:org.opensuse.security:def:31950	P	Security update for grub2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31917	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:31920	P	Security update for ghostscript-library (Important)	2020-12-01
oval:org.opensuse.security:def:32602	P	ruby on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:5733	V	HP-UX running HP CIFS Server (Samba), Remote Execution of Arbitrary Code	2015-04-20
oval:org.mitre.oval:def:17424	P	USN-617-2 -- samba regression	2014-06-30
oval:org.mitre.oval:def:17391	P	USN-617-1 -- samba vulnerabilities	2014-06-30
oval:org.mitre.oval:def:8331	P	DSA-1590 samba -- buffer overflow	2014-06-23
oval:org.mitre.oval:def:18720	P	DSA-1590-1 samba - arbitrary code execution	2014-06-23
oval:org.mitre.oval:def:21727	P	ELSA-2008:0290: samba security and bug fix update (Critical)	2014-05-26
oval:org.mitre.oval:def:10020	V	Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.	2013-04-29
oval:org.debian:def:1590	V	buffer overflow	2008-05-30
oval:com.redhat.rhsa:def:20080288	P	RHSA-2008:0288: samba security update (Critical)	2008-05-28
oval:com.redhat.rhsa:def:20080290	P	RHSA-2008:0290: samba security and bug fix update (Critical)	2008-05-28

BACK