Lucene search
K

Samba Web Administration Tool (SWAT) Detection

🗓️ 03 Mar 2000 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 30 Views

Remote host running Samba Web Administration Tool, SWAT, for network management.

Refs
Code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description) {
  script_id(10273);
  script_version("1.34");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/06/01");

  script_name(english:"Samba Web Administration Tool (SWAT) Detection");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is running a web server for Samba administration.");
  script_set_attribute(attribute:"description", value:
"The remote host is running SWAT, the Samba Web Administration Tool.

SWAT is a web-based configuration tool for Samba administration that
also allows for network-wide MS Windows network password management.");
  script_set_attribute(attribute:"see_also", value:"https://www.samba.org/samba/docs/old/Samba3-HOWTO/SWAT.html");
  script_set_attribute(attribute:"solution", value:
"Either disable SWAT or limit access to authorized users and ensure that
it is set up with stunnel to encrypt network traffic.");
  script_set_attribute(attribute:"risk_factor", value:"None");

  script_set_attribute(attribute:"plugin_publication_date", value:"2000/03/03");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"asset_inventory", value:"True");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:epicgames:swat_4");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2000-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("http_version.nasl");
  script_require_ports("Services/swat", "Services/www", 901);

  exit(0);
}


include("global_settings.inc");
include("misc_func.inc");
include("http.inc");


# Fire on any ports that find_services already identified as running SWAT.
port901 = 0;
foreach port (get_kb_list("Services/swat")) {
  if (port == 901) port901 = 1;
  if (get_port_state(port)) {
    security_note(port);
  }
}


# Explicitly test various ports.
if (thorough_tests) {
  if (port901) ports = get_kb_list("Services/www");
  else ports = add_port_in_list(list:get_kb_list("Services/www"), port:901);
}
else {
  if (port901) ports = make_list();
  else ports = make_list(901);
}
if (! isnull(ports)) {
  foreach port (ports) {
    if ( ! get_port_state(port) ) continue;
    # Try to pull up the initial page.
    w = http_send_recv3(method:"GET", item:"/", port:port);
    if (isnull(w)) exit(1, "the web server did not answer");

    # SWAT's running if we're prompted to authenticated to the SWAT realm.
    if ('WWW-Authenticate: Basic realm="SWAT"' >< w[1]) {
      security_note(port);
    }
    # else SWAT's running in demo mode if we get to the initial page.
    else if (
      '<TITLE>Samba Web Administration Tool</TITLE>' >< w[2] &&
      '<IMG SRC="/swat/images/samba.gif" ALT="[ Samba ]" border=0>' >< w[2]
    ) 
    {
     set_kb_item(name:"SWAT/no_auth", value:port);
     security_note(port);
    }
  }
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

01 Jun 2022 00:00Current
5.5Medium risk
Vulners AI Score5.5
30