39 matches found
EUVD-2000-0922
Malware in sbrugna...
EUVD-2013-0248
Malware in sbrugna...
EUVD-2013-0247
Malware in sbrugna...
EUVD-2000-0925
Malware in sbrugna...
EUVD-2000-0926
Malware in sbrugna...
EUVD-2000-0923
Malware in sbrugna...
EUVD-2000-0924
Malware in sbrugna...
CentOS 6 : samba (CESA-2013:1542)
Updated samba packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...
SAMBA 2.0.7 SWAT Symlink Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1872/info The Samba software suite is a collection of programs that implements the SMB protocol for unix systems, allowing you to serve files and printers to Windows, NT, OS/2 and DOS clients. This protocol is sometimes...
SAMBA 2.0.7 SWAT Symlink Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/1872/info The Samba software suite is a collection of programs that implements the SMB protocol for unix systems, allowing you to serve files and printers to Windows, NT, OS/2 and DOS clients. This protocol is sometimes...
CVE-2013-0213
The Samba Web Administration Tool SWAT in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a 1 FRAME or 2 IFRAME element...
CVE-2013-0214
Cross-site request forgery CSRF vulnerability in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that...
Cross-Site Request Forgery in SWAT
Description All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool SWAT. By guessing a user's password and then tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possibl...
(SWAT): XSS flaw in Change Password page
Cross-site scripting XSS vulnerability in the chgpasswd function in web/swat.c in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program aka the user field...
FreeBSD : Samba -- XSS and request forgery vulnerabilities (56f4b3a6-c82c-11e0-a498-00215c6a37bb)
Samba security advisory reports : All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool SWAT. By tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possible to manipulat...
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : samba vulnerabilities (USN-1182-1)
Yoshihiro Ishikawa discovered that the Samba Web Administration Tool SWAT was vulnerable to cross-site request forgeries CSRF. If a Samba administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the Samba configuration...
CVE-2011-2694
Cross-site scripting XSS vulnerability in the chgpasswd function in web/swat.c in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program aka the user field...
CVE-2011-2522
Multiple cross-site request forgery CSRF vulnerabilities in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that 1 shut down daemons, 2 start daemons, 3 add shares, 4 remove shares, 5 add printers...
Cross site scripting
Cross-site scripting XSS vulnerability in the chgpasswd function in web/swat.c in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program aka the user field...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that 1 shut down daemons, 2 start daemons, 3 add shares, 4 remove shares, 5 add printers...