4 matches found
CVE-2000-0938
Samba SWAT (Web Administration Tool) shipped with Samba 2.0.7 is vulnerable to username enumeration: SWAT returns different error messages for valid vs. invalid usernames, enabling remote attackers to identify valid users on the server. This is evidenced by multiple sources in the CVE ecosystem (...
CVE-2000-0935
CVE-2000-0935 affects Samba 2.0.7: the SWAT (Samba Web Administration Tool) CGI log file is vulnerable to a symlink attack that lets local users overwrite arbitrary files. This is a local-privilege context with complete impact on confidentiality and integrity as indicated by the CVSS metrics. Sup...
CVE-2000-0938
Samba Web Administration Tool SWAT in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server...
CVE-2000-0939
CVE-2000-0939 affects Samba’s Web Administration Tool (SWAT) shipped with Samba 2.0.7. The issue allows a remote attacker over the network to trigger a denial-of-service by repeatedly sending a nonstandard URL in the GET HTTP request, forcing SWAT to restart. Connected sources corroborate SWAT ex...