Professional OVAL Repository

[Eng] [Rus] [Sign-In]

oval:org.mitre.oval:def:9944

Version

Class

vulnerability

ALTXid

1646

Language

English

Severity

NotAvailable

Title

smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.

Description

Family

unix

Platform

OVAL Repository

Status: ACCEPTED
Status: ACCEPTED
- 2010-07-09T03:56:16-04:00 : submitted
  - SCAP.com, LLC Aharon Chernin
- 2010-07-28T14:22:02.322-04:00 : status_change DRAFT
- 2010-08-16T04:15:05.773-04:00 : status_change INTERIM
- 2010-09-06T04:16:13.964-04:00 : status_change ACCEPTED
- 2013-04-10T17:02:00.876-04:00 : modified EDITED oval:org.mitre.oval:def:9944 - Expanded the vulnerability checks for RHEL 3, 4, and 5 to cover CentOS 3, 4, 5 and Oracle Linux 4 and 5
  - G2, Inc. Dragos Prisaca
- 2013-04-10T17:08:33.158-04:00 : status_change INTERIM
- 2013-04-29T04:23:31.679-04:00 : status_change ACCEPTED

Reference

CVE: CVE-2009-2906

Criteria

Expand All

Collapse All

AND

OS Section: RHEL3, CentOS3

OR	RHEL3 or CentOS3

EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:11782) The operating system installed on the system is Red Hat Enterprise Linux 3

EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:16651) CentOS Linux 3.x

OR Configuration section
- CRITERION samba-common is earlier than 0:3.0.9-1.3E.16
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39355) check=at least one, check_existence=at_least_one_exists, comment=samba-common is earlier than 0:3.0.9-1.3E.16, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:14032)
      name samba-common
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11264)
      evr datatype=evr_string | operation=less than | value=0:3.0.9-1.3E.16
- CRITERION samba-swat is earlier than 0:3.0.9-1.3E.16
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39369) check=at least one, check_existence=at_least_one_exists, comment=samba-swat is earlier than 0:3.0.9-1.3E.16, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:13707)
      name samba-swat
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11264)
      evr datatype=evr_string | operation=less than | value=0:3.0.9-1.3E.16
- CRITERION samba-client is earlier than 0:3.0.9-1.3E.16
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39545) check=at least one, check_existence=at_least_one_exists, comment=samba-client is earlier than 0:3.0.9-1.3E.16, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:13861)
      name samba-client
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11264)
      evr datatype=evr_string | operation=less than | value=0:3.0.9-1.3E.16
- CRITERION samba is earlier than 0:3.0.9-1.3E.16
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39475) check=at least one, check_existence=at_least_one_exists, comment=samba is earlier than 0:3.0.9-1.3E.16, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:13931)
      name samba
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11264)
      evr datatype=evr_string | operation=less than | value=0:3.0.9-1.3E.16

AND

OS Section: RHEL4, CentOS4, Oracle Linux 4

OR	RHEL4, CentOS4 or Oracle Linux 4

EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:11831) The operating system installed on the system is Red Hat Enterprise Linux 4

EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:16636) CentOS Linux 4.x
EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:15990) Oracle Linux 4.x

OR Configuration section
- CRITERION samba-common is earlier than 0:3.0.33-0.18.el4_8
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39162) check=at least one, check_existence=at_least_one_exists, comment=samba-common is earlier than 0:3.0.33-0.18.el4_8, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:14032)
      name samba-common
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11350)
      evr datatype=evr_string | operation=less than | value=0:3.0.33-0.18.el4_8
- CRITERION samba-swat is earlier than 0:3.0.33-0.18.el4_8
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39589) check=at least one, check_existence=at_least_one_exists, comment=samba-swat is earlier than 0:3.0.33-0.18.el4_8, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:13707)
      name samba-swat
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11350)
      evr datatype=evr_string | operation=less than | value=0:3.0.33-0.18.el4_8
- CRITERION samba-client is earlier than 0:3.0.33-0.18.el4_8
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39603) check=at least one, check_existence=at_least_one_exists, comment=samba-client is earlier than 0:3.0.33-0.18.el4_8, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:13861)
      name samba-client
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11350)
      evr datatype=evr_string | operation=less than | value=0:3.0.33-0.18.el4_8
- CRITERION samba is earlier than 0:3.0.33-0.18.el4_8
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39658) check=at least one, check_existence=at_least_one_exists, comment=samba is earlier than 0:3.0.33-0.18.el4_8, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:13931)
      name samba
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11350)
      evr datatype=evr_string | operation=less than | value=0:3.0.33-0.18.el4_8

AND

OS Section: RHEL5, CentOS5, Oracle Linux 5

OR	RHEL5, CentOS5 or Oracle Linux 5

EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:11414) The operating system installed on the system is Red Hat Enterprise Linux 5

EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:15802) The operating system installed on the system is CentOS Linux 5.x

EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:15459) Oracle Linux 5.x

OR Configuration section
- CRITERION samba-common is earlier than 0:3.0.33-3.15.el5_4
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39633) check=at least one, check_existence=at_least_one_exists, comment=samba-common is earlier than 0:3.0.33-3.15.el5_4, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:14032)
      name samba-common
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11296)
      evr datatype=evr_string | operation=less than | value=0:3.0.33-3.15.el5_4
- CRITERION samba-swat is earlier than 0:3.0.33-3.15.el5_4
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39222) check=at least one, check_existence=at_least_one_exists, comment=samba-swat is earlier than 0:3.0.33-3.15.el5_4, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:13707)
      name samba-swat
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11296)
      evr datatype=evr_string | operation=less than | value=0:3.0.33-3.15.el5_4
- CRITERION samba-client is earlier than 0:3.0.33-3.15.el5_4
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39493) check=at least one, check_existence=at_least_one_exists, comment=samba-client is earlier than 0:3.0.33-3.15.el5_4, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:13861)
      name samba-client
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11296)
      evr datatype=evr_string | operation=less than | value=0:3.0.33-3.15.el5_4
- CRITERION samba is earlier than 0:3.0.33-3.15.el5_4
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:39205) check=at least one, check_existence=at_least_one_exists, comment=samba is earlier than 0:3.0.33-3.15.el5_4, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:13931)
      name samba
    - rpminfo_state (ID = oval:org.mitre.oval:ste:11296)
      evr datatype=evr_string | operation=less than | value=0:3.0.33-3.15.el5_4


	2008-2021, © AO ALTEX-SOFT , ovaldb@altx-soft.com OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Other names may be trademarks of their respective owners.

Access vector:	PARTIAL
Access complexity:	LOW
Authentication:	SINGLE
Confidentiality impact:	NONE
Integrity impact:	NONE
Availability impact:	PARTIAL