CVE-2013-4496

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-4496 at MITRE

Description

Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)

SUSE information

SUSE Bugzilla entries: 849224, 866844

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1 LTSS
  • cifs-mount >= 3.4.3-1.52.3
  • ldapsmb >= 1.34b-11.28.52.3
  • libsmbclient0 >= 3.4.3-1.52.3
  • libtalloc1 >= 3.4.3-1.52.3
  • libtdb1 >= 3.4.3-1.52.3
  • libwbclient0 >= 3.4.3-1.52.3
  • samba >= 3.4.3-1.52.3
  • samba-client >= 3.4.3-1.52.3
  • samba-doc >= 3.4.3-1.52.3
  • samba-krb-printing >= 3.4.3-1.52.3
  • samba-winbind >= 3.4.3-1.52.3
Builds
SAT Patch Nr: 9117
SUSE Linux Enterprise Server 11 SP1 LTSS
  • cifs-mount >= 3.4.3-1.52.3
  • ldapsmb >= 1.34b-11.28.52.3
  • libsmbclient0 >= 3.4.3-1.52.3
  • libsmbclient0-32bit >= 3.4.3-1.52.3
  • libtalloc1 >= 3.4.3-1.52.3
  • libtalloc1-32bit >= 3.4.3-1.52.3
  • libtdb1 >= 3.4.3-1.52.3
  • libtdb1-32bit >= 3.4.3-1.52.3
  • libwbclient0 >= 3.4.3-1.52.3
  • libwbclient0-32bit >= 3.4.3-1.52.3
  • samba >= 3.4.3-1.52.3
  • samba-32bit >= 3.4.3-1.52.3
  • samba-client >= 3.4.3-1.52.3
  • samba-client-32bit >= 3.4.3-1.52.3
  • samba-doc >= 3.4.3-1.52.3
  • samba-krb-printing >= 3.4.3-1.52.3
  • samba-winbind >= 3.4.3-1.52.3
  • samba-winbind-32bit >= 3.4.3-1.52.3
Builds
SAT Patch Nr: 9117
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libldb-devel >= 3.6.3-0.50.1
  • libnetapi-devel >= 3.6.3-0.50.1
  • libnetapi0 >= 3.6.3-0.50.1
  • libsmbclient-devel >= 3.6.3-0.50.1
  • libsmbsharemodes-devel >= 3.6.3-0.50.1
  • libsmbsharemodes0 >= 3.6.3-0.50.1
  • libtalloc-devel >= 3.6.3-0.50.1
  • libtdb-devel >= 3.6.3-0.50.1
  • libtevent-devel >= 3.6.3-0.50.1
  • libwbclient-devel >= 3.6.3-0.50.1
  • samba-devel >= 3.6.3-0.50.1
Builds
SAT Patch Nr: 9010
SUSE Linux Enterprise Desktop 11 SP3
  • libldb1 >= 3.6.3-0.50.1
  • libsmbclient0 >= 3.6.3-0.50.1
  • libtalloc2 >= 3.6.3-0.50.1
  • libtdb1 >= 3.6.3-0.50.1
  • libtevent0 >= 3.6.3-0.50.1
  • libwbclient0 >= 3.6.3-0.50.1
  • samba >= 3.6.3-0.50.1
  • samba-client >= 3.6.3-0.50.1
  • samba-doc >= 3.6.3-0.50.1
  • samba-krb-printing >= 3.6.3-0.50.1
  • samba-winbind >= 3.6.3-0.50.1
Builds
SAT Patch Nr: 9010
SUSE Linux Enterprise Desktop 11 SP3
  • libldb1 >= 3.6.3-0.50.1
  • libldb1-32bit >= 3.6.3-0.50.1
  • libsmbclient0 >= 3.6.3-0.50.1
  • libsmbclient0-32bit >= 3.6.3-0.50.1
  • libtalloc2 >= 3.6.3-0.50.1
  • libtalloc2-32bit >= 3.6.3-0.50.1
  • libtdb1 >= 3.6.3-0.50.1
  • libtdb1-32bit >= 3.6.3-0.50.1
  • libtevent0 >= 3.6.3-0.50.1
  • libtevent0-32bit >= 3.6.3-0.50.1
  • libwbclient0 >= 3.6.3-0.50.1
  • libwbclient0-32bit >= 3.6.3-0.50.1
  • samba >= 3.6.3-0.50.1
  • samba-32bit >= 3.6.3-0.50.1
  • samba-client >= 3.6.3-0.50.1
  • samba-client-32bit >= 3.6.3-0.50.1
  • samba-doc >= 3.6.3-0.50.1
  • samba-krb-printing >= 3.6.3-0.50.1
  • samba-winbind >= 3.6.3-0.50.1
  • samba-winbind-32bit >= 3.6.3-0.50.1
Builds
SAT Patch Nr: 9010
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • ldapsmb >= 1.34b-12.50.1
  • libldb1 >= 3.6.3-0.50.1
  • libsmbclient0 >= 3.6.3-0.50.1
  • libtalloc2 >= 3.6.3-0.50.1
  • libtdb1 >= 3.6.3-0.50.1
  • libtevent0 >= 3.6.3-0.50.1
  • libwbclient0 >= 3.6.3-0.50.1
  • samba >= 3.6.3-0.50.1
  • samba-client >= 3.6.3-0.50.1
  • samba-doc >= 3.6.3-0.50.1
  • samba-krb-printing >= 3.6.3-0.50.1
  • samba-winbind >= 3.6.3-0.50.1
Builds
SAT Patch Nr: 9010
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • ldapsmb >= 1.34b-12.50.1
  • libldb1 >= 3.6.3-0.50.1
  • libsmbclient0 >= 3.6.3-0.50.1
  • libsmbclient0-32bit >= 3.6.3-0.50.1
  • libtalloc2 >= 3.6.3-0.50.1
  • libtalloc2-32bit >= 3.6.3-0.50.1
  • libtdb1 >= 3.6.3-0.50.1
  • libtdb1-32bit >= 3.6.3-0.50.1
  • libtevent0 >= 3.6.3-0.50.1
  • libtevent0-32bit >= 3.6.3-0.50.1
  • libwbclient0 >= 3.6.3-0.50.1
  • libwbclient0-32bit >= 3.6.3-0.50.1
  • samba >= 3.6.3-0.50.1
  • samba-32bit >= 3.6.3-0.50.1
  • samba-client >= 3.6.3-0.50.1
  • samba-client-32bit >= 3.6.3-0.50.1
  • samba-doc >= 3.6.3-0.50.1
  • samba-krb-printing >= 3.6.3-0.50.1
  • samba-winbind >= 3.6.3-0.50.1
  • samba-winbind-32bit >= 3.6.3-0.50.1
Builds
SAT Patch Nr: 9010
SUSE Linux Enterprise Server 11 SP3
  • ldapsmb >= 1.34b-12.50.1
  • libldb1 >= 3.6.3-0.50.1
  • libsmbclient0 >= 3.6.3-0.50.1
  • libsmbclient0-x86 >= 3.6.3-0.50.1
  • libtalloc2 >= 3.6.3-0.50.1
  • libtalloc2-x86 >= 3.6.3-0.50.1
  • libtdb1 >= 3.6.3-0.50.1
  • libtdb1-x86 >= 3.6.3-0.50.1
  • libtevent0 >= 3.6.3-0.50.1
  • libwbclient0 >= 3.6.3-0.50.1
  • libwbclient0-x86 >= 3.6.3-0.50.1
  • samba >= 3.6.3-0.50.1
  • samba-client >= 3.6.3-0.50.1
  • samba-client-x86 >= 3.6.3-0.50.1
  • samba-doc >= 3.6.3-0.50.1
  • samba-krb-printing >= 3.6.3-0.50.1
  • samba-winbind >= 3.6.3-0.50.1
  • samba-winbind-x86 >= 3.6.3-0.50.1
  • samba-x86 >= 3.6.3-0.50.1
Builds
SAT Patch Nr: 9010
SUSE Linux Enterprise Server 11 SP2 LTSS
  • ldapsmb >= 1.34b-12.33.41.2
  • libldb1 >= 3.6.3-0.33.41.2
  • libsmbclient0 >= 3.6.3-0.33.41.2
  • libtalloc1 >= 3.4.3-1.54.4
  • libtalloc2 >= 3.6.3-0.33.41.2
  • libtdb1 >= 3.6.3-0.33.41.2
  • libtevent0 >= 3.6.3-0.33.41.2
  • libwbclient0 >= 3.6.3-0.33.41.2
  • samba >= 3.6.3-0.33.41.2
  • samba-client >= 3.6.3-0.33.41.2
  • samba-doc >= 3.6.3-0.33.41.2
  • samba-krb-printing >= 3.6.3-0.33.41.2
  • samba-winbind >= 3.6.3-0.33.41.2
Builds
SAT Patch Nr: 9431
SUSE Linux Enterprise Server 11 SP2 LTSS
  • ldapsmb >= 1.34b-12.33.41.2
  • libldb1 >= 3.6.3-0.33.41.2
  • libsmbclient0 >= 3.6.3-0.33.41.2
  • libsmbclient0-32bit >= 3.6.3-0.33.41.2
  • libtalloc1 >= 3.4.3-1.54.4
  • libtalloc1-32bit >= 3.4.3-1.54.4
  • libtalloc2 >= 3.6.3-0.33.41.2
  • libtalloc2-32bit >= 3.6.3-0.33.41.2
  • libtdb1 >= 3.6.3-0.33.41.2
  • libtdb1-32bit >= 3.6.3-0.33.41.2
  • libtevent0 >= 3.6.3-0.33.41.2
  • libtevent0-32bit >= 3.6.3-0.33.41.2
  • libwbclient0 >= 3.6.3-0.33.41.2
  • libwbclient0-32bit >= 3.6.3-0.33.41.2
  • samba >= 3.6.3-0.33.41.2
  • samba-32bit >= 3.6.3-0.33.41.2
  • samba-client >= 3.6.3-0.33.41.2
  • samba-client-32bit >= 3.6.3-0.33.41.2
  • samba-doc >= 3.6.3-0.33.41.2
  • samba-krb-printing >= 3.6.3-0.33.41.2
  • samba-winbind >= 3.6.3-0.33.41.2
  • samba-winbind-32bit >= 3.6.3-0.33.41.2
Builds
SAT Patch Nr: 9431
openSUSE 12.3
  • libnetapi-devel >= 3.6.12-59.19.1
  • libnetapi0 >= 3.6.12-59.19.1
  • libnetapi0-debuginfo >= 3.6.12-59.19.1
  • libsmbclient-devel >= 3.6.12-59.19.1
  • libsmbclient0 >= 3.6.12-59.19.1
  • libsmbclient0-32bit >= 3.6.12-59.19.1
  • libsmbclient0-debuginfo >= 3.6.12-59.19.1
  • libsmbclient0-debuginfo-32bit >= 3.6.12-59.19.1
  • libsmbsharemodes-devel >= 3.6.12-59.19.1
  • libsmbsharemodes0 >= 3.6.12-59.19.1
  • libsmbsharemodes0-debuginfo >= 3.6.12-59.19.1
  • libwbclient-devel >= 3.6.12-59.19.1
  • libwbclient0 >= 3.6.12-59.19.1
  • libwbclient0-32bit >= 3.6.12-59.19.1
  • libwbclient0-debuginfo >= 3.6.12-59.19.1
  • libwbclient0-debuginfo-32bit >= 3.6.12-59.19.1
  • samba >= 3.6.12-59.19.1
  • samba-32bit >= 3.6.12-59.19.1
  • samba-client >= 3.6.12-59.19.1
  • samba-client-32bit >= 3.6.12-59.19.1
  • samba-client-debuginfo >= 3.6.12-59.19.1
  • samba-client-debuginfo-32bit >= 3.6.12-59.19.1
  • samba-debuginfo >= 3.6.12-59.19.1
  • samba-debuginfo-32bit >= 3.6.12-59.19.1
  • samba-debugsource >= 3.6.12-59.19.1
  • samba-devel >= 3.6.12-59.19.1
  • samba-doc >= 3.6.12-59.19.1
  • samba-krb-printing >= 3.6.12-59.19.1
  • samba-krb-printing-debuginfo >= 3.6.12-59.19.1
  • samba-winbind >= 3.6.12-59.19.1
  • samba-winbind-32bit >= 3.6.12-59.19.1
  • samba-winbind-debuginfo >= 3.6.12-59.19.1
  • samba-winbind-debuginfo-32bit >= 3.6.12-59.19.1
Patchnames:
openSUSE-2014-229
openSUSE 13.1
  • libdcerpc-atsvc-devel >= 4.1.6-3.18.1
  • libdcerpc-atsvc0 >= 4.1.6-3.18.1
  • libdcerpc-atsvc0-32bit >= 4.1.6-3.18.1
  • libdcerpc-atsvc0-debuginfo >= 4.1.6-3.18.1
  • libdcerpc-atsvc0-debuginfo-32bit >= 4.1.6-3.18.1
  • libdcerpc-binding0 >= 4.1.6-3.18.1
  • libdcerpc-binding0-32bit >= 4.1.6-3.18.1
  • libdcerpc-binding0-debuginfo >= 4.1.6-3.18.1
  • libdcerpc-binding0-debuginfo-32bit >= 4.1.6-3.18.1
  • libdcerpc-devel >= 4.1.6-3.18.1
  • libdcerpc-samr-devel >= 4.1.6-3.18.1
  • libdcerpc-samr0 >= 4.1.6-3.18.1
  • libdcerpc-samr0-32bit >= 4.1.6-3.18.1
  • libdcerpc-samr0-debuginfo >= 4.1.6-3.18.1
  • libdcerpc-samr0-debuginfo-32bit >= 4.1.6-3.18.1
  • libdcerpc0 >= 4.1.6-3.18.1
  • libdcerpc0-32bit >= 4.1.6-3.18.1
  • libdcerpc0-debuginfo >= 4.1.6-3.18.1
  • libdcerpc0-debuginfo-32bit >= 4.1.6-3.18.1
  • libgensec-devel >= 4.1.6-3.18.1
  • libgensec0 >= 4.1.6-3.18.1
  • libgensec0-32bit >= 4.1.6-3.18.1
  • libgensec0-debuginfo >= 4.1.6-3.18.1
  • libgensec0-debuginfo-32bit >= 4.1.6-3.18.1
  • libndr-devel >= 4.1.6-3.18.1
  • libndr-krb5pac-devel >= 4.1.6-3.18.1
  • libndr-krb5pac0 >= 4.1.6-3.18.1
  • libndr-krb5pac0-32bit >= 4.1.6-3.18.1
  • libndr-krb5pac0-debuginfo >= 4.1.6-3.18.1
  • libndr-krb5pac0-debuginfo-32bit >= 4.1.6-3.18.1
  • libndr-nbt-devel >= 4.1.6-3.18.1
  • libndr-nbt0 >= 4.1.6-3.18.1
  • libndr-nbt0-32bit >= 4.1.6-3.18.1
  • libndr-nbt0-debuginfo >= 4.1.6-3.18.1
  • libndr-nbt0-debuginfo-32bit >= 4.1.6-3.18.1
  • libndr-standard-devel >= 4.1.6-3.18.1
  • libndr-standard0 >= 4.1.6-3.18.1
  • libndr-standard0-32bit >= 4.1.6-3.18.1
  • libndr-standard0-debuginfo >= 4.1.6-3.18.1
  • libndr-standard0-debuginfo-32bit >= 4.1.6-3.18.1
  • libndr0 >= 4.1.6-3.18.1
  • libndr0-32bit >= 4.1.6-3.18.1
  • libndr0-debuginfo >= 4.1.6-3.18.1
  • libndr0-debuginfo-32bit >= 4.1.6-3.18.1
  • libnetapi-devel >= 4.1.6-3.18.1
  • libnetapi0 >= 4.1.6-3.18.1
  • libnetapi0-32bit >= 4.1.6-3.18.1
  • libnetapi0-debuginfo >= 4.1.6-3.18.1
  • libnetapi0-debuginfo-32bit >= 4.1.6-3.18.1
  • libpdb-devel >= 4.1.6-3.18.1
  • libpdb0 >= 4.1.6-3.18.1
  • libpdb0-32bit >= 4.1.6-3.18.1
  • libpdb0-debuginfo >= 4.1.6-3.18.1
  • libpdb0-debuginfo-32bit >= 4.1.6-3.18.1
  • libregistry-devel >= 4.1.6-3.18.1
  • libregistry0 >= 4.1.6-3.18.1
  • libregistry0-32bit >= 4.1.6-3.18.1
  • libregistry0-debuginfo >= 4.1.6-3.18.1
  • libregistry0-debuginfo-32bit >= 4.1.6-3.18.1
  • libsamba-credentials-devel >= 4.1.6-3.18.1
  • libsamba-credentials0 >= 4.1.6-3.18.1
  • libsamba-credentials0-32bit >= 4.1.6-3.18.1
  • libsamba-credentials0-debuginfo >= 4.1.6-3.18.1
  • libsamba-credentials0-debuginfo-32bit >= 4.1.6-3.18.1
  • libsamba-hostconfig-devel >= 4.1.6-3.18.1
  • libsamba-hostconfig0 >= 4.1.6-3.18.1
  • libsamba-hostconfig0-32bit >= 4.1.6-3.18.1
  • libsamba-hostconfig0-debuginfo >= 4.1.6-3.18.1
  • libsamba-hostconfig0-debuginfo-32bit >= 4.1.6-3.18.1
  • libsamba-policy-devel >= 4.1.6-3.18.1
  • libsamba-policy0 >= 4.1.6-3.18.1
  • libsamba-policy0-32bit >= 4.1.6-3.18.1
  • libsamba-policy0-debuginfo >= 4.1.6-3.18.1
  • libsamba-policy0-debuginfo-32bit >= 4.1.6-3.18.1
  • libsamba-util-devel >= 4.1.6-3.18.1
  • libsamba-util0 >= 4.1.6-3.18.1
  • libsamba-util0-32bit >= 4.1.6-3.18.1
  • libsamba-util0-debuginfo >= 4.1.6-3.18.1
  • libsamba-util0-debuginfo-32bit >= 4.1.6-3.18.1
  • libsamdb-devel >= 4.1.6-3.18.1
  • libsamdb0 >= 4.1.6-3.18.1
  • libsamdb0-32bit >= 4.1.6-3.18.1
  • libsamdb0-debuginfo >= 4.1.6-3.18.1
  • libsamdb0-debuginfo-32bit >= 4.1.6-3.18.1
  • libsmbclient-devel >= 4.1.6-3.18.1
  • libsmbclient-raw-devel >= 4.1.6-3.18.1
  • libsmbclient-raw0 >= 4.1.6-3.18.1
  • libsmbclient-raw0-32bit >= 4.1.6-3.18.1
  • libsmbclient-raw0-debuginfo >= 4.1.6-3.18.1
  • libsmbclient-raw0-debuginfo-32bit >= 4.1.6-3.18.1
  • libsmbclient0 >= 4.1.6-3.18.1
  • libsmbclient0-32bit >= 4.1.6-3.18.1
  • libsmbclient0-debuginfo >= 4.1.6-3.18.1
  • libsmbclient0-debuginfo-32bit >= 4.1.6-3.18.1
  • libsmbconf-devel >= 4.1.6-3.18.1
  • libsmbconf0 >= 4.1.6-3.18.1
  • libsmbconf0-32bit >= 4.1.6-3.18.1
  • libsmbconf0-debuginfo >= 4.1.6-3.18.1
  • libsmbconf0-debuginfo-32bit >= 4.1.6-3.18.1
  • libsmbldap-devel >= 4.1.6-3.18.1
  • libsmbldap0 >= 4.1.6-3.18.1
  • libsmbldap0-32bit >= 4.1.6-3.18.1
  • libsmbldap0-debuginfo >= 4.1.6-3.18.1
  • libsmbldap0-debuginfo-32bit >= 4.1.6-3.18.1
  • libsmbsharemodes-devel >= 4.1.6-3.18.1
  • libsmbsharemodes0 >= 4.1.6-3.18.1
  • libsmbsharemodes0-debuginfo >= 4.1.6-3.18.1
  • libtevent-util-devel >= 4.1.6-3.18.1
  • libtevent-util0 >= 4.1.6-3.18.1
  • libtevent-util0-32bit >= 4.1.6-3.18.1
  • libtevent-util0-debuginfo >= 4.1.6-3.18.1
  • libtevent-util0-debuginfo-32bit >= 4.1.6-3.18.1
  • libwbclient-devel >= 4.1.6-3.18.1
  • libwbclient0 >= 4.1.6-3.18.1
  • libwbclient0-32bit >= 4.1.6-3.18.1
  • libwbclient0-debuginfo >= 4.1.6-3.18.1
  • libwbclient0-debuginfo-32bit >= 4.1.6-3.18.1
  • samba >= 4.1.6-3.18.1
  • samba-32bit >= 4.1.6-3.18.1
  • samba-client >= 4.1.6-3.18.1
  • samba-client-32bit >= 4.1.6-3.18.1
  • samba-client-debuginfo >= 4.1.6-3.18.1
  • samba-client-debuginfo-32bit >= 4.1.6-3.18.1
  • samba-core-devel >= 4.1.6-3.18.1
  • samba-debuginfo >= 4.1.6-3.18.1
  • samba-debuginfo-32bit >= 4.1.6-3.18.1
  • samba-debugsource >= 4.1.6-3.18.1
  • samba-doc >= 4.1.6-3.18.1
  • samba-libs >= 4.1.6-3.18.1
  • samba-libs-32bit >= 4.1.6-3.18.1
  • samba-libs-debuginfo >= 4.1.6-3.18.1
  • samba-libs-debuginfo-32bit >= 4.1.6-3.18.1
  • samba-pidl >= 4.1.6-3.18.1
  • samba-python >= 4.1.6-3.18.1
  • samba-python-debuginfo >= 4.1.6-3.18.1
  • samba-test >= 4.1.6-3.18.1
  • samba-test-debuginfo >= 4.1.6-3.18.1
  • samba-test-devel >= 4.1.6-3.18.1
  • samba-winbind >= 4.1.6-3.18.1
  • samba-winbind-32bit >= 4.1.6-3.18.1
  • samba-winbind-debuginfo >= 4.1.6-3.18.1
  • samba-winbind-debuginfo-32bit >= 4.1.6-3.18.1
Patchnames:
openSUSE-2014-228