SUSE update for ldb, samba
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2022-32746 CVE-2023-0225 CVE-2023-0614 CVE-2023-0922 |
| CWE-ID | CWE-416 CWE-264 CWE-284 CWE-319 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
SUSE Linux Enterprise Micro for Rancher Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP3 Business Critical Linux Operating systems & Components / Operating system SUSE Linux Enterprise High Availability Extension 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP3 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing LTSS 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing ESPOS 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system SUSE Enterprise Storage Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Linux Enterprise Micro Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system samba-ad-dc-debuginfo Operating systems & Components / Operating system package or component samba-ad-dc Operating systems & Components / Operating system package or component samba-winbind-libs-32bit Operating systems & Components / Operating system package or component samba-libs-32bit-debuginfo Operating systems & Components / Operating system package or component samba-libs-32bit Operating systems & Components / Operating system package or component samba-client-32bit Operating systems & Components / Operating system package or component samba-ad-dc-libs-32bit Operating systems & Components / Operating system package or component samba-client-libs-32bit Operating systems & Components / Operating system package or component samba-client-32bit-debuginfo Operating systems & Components / Operating system package or component libldb2-32bit-debuginfo Operating systems & Components / Operating system package or component samba-client-libs-32bit-debuginfo Operating systems & Components / Operating system package or component samba-winbind-libs-32bit-debuginfo Operating systems & Components / Operating system package or component samba-ad-dc-libs-32bit-debuginfo Operating systems & Components / Operating system package or component libldb2-32bit Operating systems & Components / Operating system package or component samba-devel-32bit Operating systems & Components / Operating system package or component libldb2 Operating systems & Components / Operating system package or component samba-ldb-ldap Operating systems & Components / Operating system package or component samba-tool Operating systems & Components / Operating system package or component samba-client-libs-debuginfo Operating systems & Components / Operating system package or component ldb-tools Operating systems & Components / Operating system package or component python3-ldb-devel Operating systems & Components / Operating system package or component samba-ldb-ldap-debuginfo Operating systems & Components / Operating system package or component ldb-debugsource Operating systems & Components / Operating system package or component samba-dsdb-modules Operating systems & Components / Operating system package or component samba-dsdb-modules-debuginfo Operating systems & Components / Operating system package or component samba-client-debuginfo Operating systems & Components / Operating system package or component ldb-tools-debuginfo Operating systems & Components / Operating system package or component libldb-devel Operating systems & Components / Operating system package or component libsamba-policy-python3-devel Operating systems & Components / Operating system package or component samba-winbind-debuginfo Operating systems & Components / Operating system package or component samba-libs-python3 Operating systems & Components / Operating system package or component libsamba-policy0-python3-debuginfo Operating systems & Components / Operating system package or component samba Operating systems & Components / Operating system package or component samba-ad-dc-libs-debuginfo Operating systems & Components / Operating system package or component libldb2-debuginfo Operating systems & Components / Operating system package or component samba-python3 Operating systems & Components / Operating system package or component samba-python3-debuginfo Operating systems & Components / Operating system package or component samba-libs Operating systems & Components / Operating system package or component samba-winbind Operating systems & Components / Operating system package or component samba-ceph-debuginfo Operating systems & Components / Operating system package or component samba-winbind-libs Operating systems & Components / Operating system package or component samba-ad-dc-libs Operating systems & Components / Operating system package or component python3-ldb Operating systems & Components / Operating system package or component samba-winbind-libs-debuginfo Operating systems & Components / Operating system package or component samba-libs-debuginfo Operating systems & Components / Operating system package or component samba-client-libs Operating systems & Components / Operating system package or component samba-gpupdate Operating systems & Components / Operating system package or component python3-ldb-debuginfo Operating systems & Components / Operating system package or component samba-client Operating systems & Components / Operating system package or component samba-devel Operating systems & Components / Operating system package or component samba-libs-python3-debuginfo Operating systems & Components / Operating system package or component libsamba-policy-devel Operating systems & Components / Operating system package or component samba-ceph Operating systems & Components / Operating system package or component libsamba-policy0-python3 Operating systems & Components / Operating system package or component ctdb Operating systems & Components / Operating system package or component ctdb-debuginfo Operating systems & Components / Operating system package or component samba-debugsource Operating systems & Components / Operating system package or component samba-debuginfo Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Use-after-free
EUVDB-ID: #VU65827
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-32746
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error when handling LDAP requests. A remote user with ability to edit privileged properties, such as userAccountControl, can send a specially crafted LDAP request to the server, trigger a use-after-free error and perform a denial of service (DoS) attack.
Update the affected package ldb, samba to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.2
SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3
SUSE Linux Enterprise High Availability Extension 15: SP3
SUSE Linux Enterprise Server for SAP Applications 15: SP3
SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3
SUSE Linux Enterprise Server 15: SP3
SUSE Linux Enterprise Real Time 15: SP3
SUSE Linux Enterprise High Performance Computing LTSS 15: SP3
SUSE Linux Enterprise High Performance Computing ESPOS 15: SP3
SUSE Linux Enterprise High Performance Computing 15: SP3
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
samba-ad-dc-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-32bit-debuginfo: before 2.4.4-150300.3.23.1
samba-client-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-32bit: before 2.4.4-150300.3.23.1
samba-devel-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2: before 2.4.4-150300.3.23.1
samba-ldb-ldap: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-tool: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-tools: before 2.4.4-150300.3.23.1
python3-ldb-devel: before 2.4.4-150300.3.23.1
samba-ldb-ldap-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-debugsource: before 2.4.4-150300.3.23.1
samba-dsdb-modules: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-dsdb-modules-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-tools-debuginfo: before 2.4.4-150300.3.23.1
libldb-devel: before 2.4.4-150300.3.23.1
libsamba-policy-python3-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy0-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-debuginfo: before 2.4.4-150300.3.23.1
samba-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ceph-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
python3-ldb: before 2.4.4-150300.3.23.1
samba-winbind-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-gpupdate: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
python3-ldb-debuginfo: before 2.4.4-150300.3.23.1
samba-client: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ceph: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy0-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ctdb: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ctdb-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-debugsource: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp3_business_critical_linux:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp3_ltss:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_ltss_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_espos_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:samba-ad-dc-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-devel-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ldb-ldap:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-tool:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ldb-ldap-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-dsdb-modules:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-dsdb-modules-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy-python3-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy0-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ceph-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-gpupdate:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ceph:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy0-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ctdb:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ctdb-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-debuginfo:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2023/suse-su-20231687-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU74178
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-0225
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to delete certain attributes.
The vulnerability exists due to improper access restrictions. A remote unprivileged user can delete the "dnsHostname" attribute.
Update the affected package ldb, samba to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.2
SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3
SUSE Linux Enterprise High Availability Extension 15: SP3
SUSE Linux Enterprise Server for SAP Applications 15: SP3
SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3
SUSE Linux Enterprise Server 15: SP3
SUSE Linux Enterprise Real Time 15: SP3
SUSE Linux Enterprise High Performance Computing LTSS 15: SP3
SUSE Linux Enterprise High Performance Computing ESPOS 15: SP3
SUSE Linux Enterprise High Performance Computing 15: SP3
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
samba-ad-dc-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-32bit-debuginfo: before 2.4.4-150300.3.23.1
samba-client-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-32bit: before 2.4.4-150300.3.23.1
samba-devel-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2: before 2.4.4-150300.3.23.1
samba-ldb-ldap: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-tool: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-tools: before 2.4.4-150300.3.23.1
python3-ldb-devel: before 2.4.4-150300.3.23.1
samba-ldb-ldap-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-debugsource: before 2.4.4-150300.3.23.1
samba-dsdb-modules: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-dsdb-modules-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-tools-debuginfo: before 2.4.4-150300.3.23.1
libldb-devel: before 2.4.4-150300.3.23.1
libsamba-policy-python3-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy0-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-debuginfo: before 2.4.4-150300.3.23.1
samba-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ceph-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
python3-ldb: before 2.4.4-150300.3.23.1
samba-winbind-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-gpupdate: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
python3-ldb-debuginfo: before 2.4.4-150300.3.23.1
samba-client: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ceph: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy0-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ctdb: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ctdb-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-debugsource: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp3_business_critical_linux:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp3_ltss:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_ltss_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_espos_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:samba-ad-dc-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-devel-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ldb-ldap:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-tool:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ldb-ldap-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-dsdb-modules:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-dsdb-modules-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy-python3-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy0-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ceph-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-gpupdate:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ceph:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy0-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ctdb:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ctdb-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-debuginfo:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2023/suse-su-20231687-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper access control
EUVDB-ID: #VU74179
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-0614
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain gain access to sensitive information.
The vulnerability exists due to insufficient patch for vulnerability #VU14335 (CVE-2018-10919). A remote user can bypass implemented security restrictions and gain access to sensitive information.
MitigationUpdate the affected package ldb, samba to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.2
SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3
SUSE Linux Enterprise High Availability Extension 15: SP3
SUSE Linux Enterprise Server for SAP Applications 15: SP3
SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3
SUSE Linux Enterprise Server 15: SP3
SUSE Linux Enterprise Real Time 15: SP3
SUSE Linux Enterprise High Performance Computing LTSS 15: SP3
SUSE Linux Enterprise High Performance Computing ESPOS 15: SP3
SUSE Linux Enterprise High Performance Computing 15: SP3
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
samba-ad-dc-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-32bit-debuginfo: before 2.4.4-150300.3.23.1
samba-client-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-32bit: before 2.4.4-150300.3.23.1
samba-devel-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2: before 2.4.4-150300.3.23.1
samba-ldb-ldap: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-tool: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-tools: before 2.4.4-150300.3.23.1
python3-ldb-devel: before 2.4.4-150300.3.23.1
samba-ldb-ldap-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-debugsource: before 2.4.4-150300.3.23.1
samba-dsdb-modules: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-dsdb-modules-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-tools-debuginfo: before 2.4.4-150300.3.23.1
libldb-devel: before 2.4.4-150300.3.23.1
libsamba-policy-python3-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy0-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-debuginfo: before 2.4.4-150300.3.23.1
samba-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ceph-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
python3-ldb: before 2.4.4-150300.3.23.1
samba-winbind-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-gpupdate: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
python3-ldb-debuginfo: before 2.4.4-150300.3.23.1
samba-client: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ceph: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy0-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ctdb: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ctdb-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-debugsource: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp3_business_critical_linux:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp3_ltss:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_ltss_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_espos_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:samba-ad-dc-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-devel-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ldb-ldap:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-tool:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ldb-ldap-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-dsdb-modules:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-dsdb-modules-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy-python3-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy0-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ceph-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-gpupdate:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ceph:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy0-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ctdb:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ctdb-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-debuginfo:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2023/suse-su-20231687-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cleartext transmission of sensitive information
EUVDB-ID: #VU74177
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-0922
CWE-ID:
CWE-319 - Cleartext Transmission of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to samba-tool transmits credentials to the LDAP server in clear text. A remote attacker with ability to intercept network traffic can gain access to sensitive data.
MitigationUpdate the affected package ldb, samba to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.2
SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3
SUSE Linux Enterprise High Availability Extension 15: SP3
SUSE Linux Enterprise Server for SAP Applications 15: SP3
SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3
SUSE Linux Enterprise Server 15: SP3
SUSE Linux Enterprise Real Time 15: SP3
SUSE Linux Enterprise High Performance Computing LTSS 15: SP3
SUSE Linux Enterprise High Performance Computing ESPOS 15: SP3
SUSE Linux Enterprise High Performance Computing 15: SP3
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
samba-ad-dc-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-32bit-debuginfo: before 2.4.4-150300.3.23.1
samba-client-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-32bit: before 2.4.4-150300.3.23.1
samba-devel-32bit: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2: before 2.4.4-150300.3.23.1
samba-ldb-ldap: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-tool: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-tools: before 2.4.4-150300.3.23.1
python3-ldb-devel: before 2.4.4-150300.3.23.1
samba-ldb-ldap-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-debugsource: before 2.4.4-150300.3.23.1
samba-dsdb-modules: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-dsdb-modules-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ldb-tools-debuginfo: before 2.4.4-150300.3.23.1
libldb-devel: before 2.4.4-150300.3.23.1
libsamba-policy-python3-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy0-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libldb2-debuginfo: before 2.4.4-150300.3.23.1
samba-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ceph-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-winbind-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ad-dc-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
python3-ldb: before 2.4.4-150300.3.23.1
samba-winbind-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-client-libs: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-gpupdate: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
python3-ldb-debuginfo: before 2.4.4-150300.3.23.1
samba-client: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-libs-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy-devel: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-ceph: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
libsamba-policy0-python3: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ctdb: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
ctdb-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-debugsource: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
samba-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp3_business_critical_linux:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp3_ltss:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_ltss_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_espos_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:samba-ad-dc-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-devel-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ldb-ldap:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-tool:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ldb-ldap-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-dsdb-modules:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-dsdb-modules-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ldb-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy-python3-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy0-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libldb2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ceph-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ad-dc-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-winbind-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-gpupdate:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:python3-ldb-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-client:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-libs-python3-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-ceph:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libsamba-policy0-python3:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ctdb:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:ctdb-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:samba-debuginfo:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2023/suse-su-20231687-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
