samba is vulnerable to cross-site request forgery (CSRF). It was found that SWAT web pages did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, the attacker could perform Samba configuration changes with the privileges of the logged in user.

CPENameOperatorVersion
sambaeq3.0.25b__1.el4_6.5
sambaeq3.0.28__0.el5.8
sambaeq3.0.33__0.19.el4_8.3
sambaeq3.0.23c__2.el5.2.0.2
sambaeq3.0.10__2.el4_5.3
sambaeq3.5.4__68.el6_0.2
sambaeq3.0.28__0.el4.9
sambaeq3.0.33__3.14.el5
sambaeq3.0.25b__1.el5_1.4
sambaeq3.0.10__2.el4_5.2

Name	Operator	Version
samba	eq	3.0.25b__1.el4_6.5
samba	eq	3.0.28__0.el5.8
samba	eq	3.0.33__0.19.el4_8.3
samba	eq	3.0.23c__2.el5.2.0.2
samba	eq	3.0.10__2.el4_5.3
samba	eq	3.5.4__68.el6_0.2
samba	eq	3.0.28__0.el4.9
samba	eq	3.0.33__3.14.el5
samba	eq	3.0.25b__1.el5_1.4
samba	eq	3.0.10__2.el4_5.2

Rows per page:

1-10 of 761

References

jvn.jp/en/jp/JVN29529126/index.html

marc.info/?l=bugtraq&m=133527864025056&w=2

osvdb.org/74071

samba.org/samba/history/samba-3.5.10.html

secunia.com/advisories/45393

secunia.com/advisories/45488

secunia.com/advisories/45496

securityreason.com/securityalert/8317

securitytracker.com/id?1025852

ubuntu.com/usn/usn-1182-1

www.debian.org/security/2011/dsa-2290

www.exploit-db.com/exploits/17577

www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543

www.mandriva.com/security/advisories?name=MDVSA-2011:121

www.samba.org/samba/security/CVE-2011-2522

www.securityfocus.com/bid/48899

access.redhat.com/errata/RHSA-2011:1219

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=721348

bugzilla.samba.org/show_bug.cgi?id=8290

exchange.xforce.ibmcloud.com/vulnerabilities/68843

cve 1

samba 2

cvelist 1

jvn 1

prion 1

packetstorm 1

exploitpack 1

seebug 1

ubuntucve 1

nvd 1

debiancve 1

exploitdb 1

nessus 28

slackware 1

openvas 42

debian 1

fedora 4

securityvulns 2

ubuntu 1

osv 1

freebsd 1

altlinux 1

oraclelinux 4

redhat 3

centos 2

vmware 2

cve

CVE-2011-2522

2011-07-29 20:55:02

samba

Cross-Site Request Forgery in SWAT

2011-07-26 00:00:00

Cross-Site Scripting vulnerability in SWAT

2011-07-26 00:00:00

cvelist

CVE-2011-2522

2011-07-29 20:00:00

jvn

JVN#29529126: Samba Web Administration Tool vulnerable to cross-site request forgery

2011-08-26 00:00:00

prion

Cross site request forgery (csrf)

2011-07-29 20:55:00

packetstorm

Samba Web Administration Tool Cross Site Request Forgery

2011-07-27 00:00:00

exploitpack

SWAT Samba Web Administration Tool - Cross-Site Request Forgery

2011-07-27 00:00:00

seebug

SWAT Samba Web Administration Tool Cross-Site Request Forgery PoC

2011-07-28 00:00:00

ubuntucve

CVE-2011-2522

2011-07-28 00:00:00

nvd

CVE-2011-2522

2011-07-29 20:55:02

debiancve

CVE-2011-2522

2011-07-29 20:55:02

exploitdb

SWAT Samba Web Administration Tool - Cross-Site Request Forgery

2011-07-27 00:00:00

nessus

FreeBSD : Samba -- XSS and request forgery vulnerabilities (56f4b3a6-c82c-11e0-a498-00215c6a37bb)

2011-08-17 00:00:00

Samba 3.x < 3.3.16 / 3.4.14 / 3.5.10 Multiple Vulnerabilities

2016-06-09 00:00:00

Fedora 14 : samba-3.5.11-79.fc14 (2011-10367)

2011-08-17 00:00:00

slackware

[slackware-security] samba

2011-07-29 23:19:02

openvas

Debian: Security Advisory (DSA-2290-1)

2011-09-21 00:00:00

Fedora Update for samba FEDORA-2011-10341

2011-08-19 00:00:00

Debian Security Advisory DSA 2290-1 (samba)

2011-09-21 00:00:00

debian

[SECURITY] [DSA 2290-1] samba security update

2011-08-07 20:14:25

fedora

[SECURITY] Fedora 15 Update: samba-3.5.11-71.fc15.1

2011-08-17 01:00:53

[SECURITY] Fedora 15 Update: samba-3.5.14-73.fc15.1

2012-04-22 03:27:16

[SECURITY] Fedora 14 Update: samba-3.5.11-79.fc14

2011-08-17 00:59:07

securityvulns

[ MDVSA-2011:121 ] samba

2011-08-01 00:00:00

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

2011-08-01 00:00:00

ubuntu

Samba vulnerabilities

2011-08-02 00:00:00

osv

samba - cross-side scripting

2011-08-07 00:00:00

freebsd

Samba -- cross site scripting and request forgery vulnerabilities

2011-07-27 00:00:00

altlinux

Security fix for the ALT Linux 6 package samba version 3.5.10-alt1

2011-07-28 00:00:00

oraclelinux

samba3x security update

2011-08-29 00:00:00

samba and cifs-utils security and bug fix update

2011-08-29 00:00:00

samba security update

2011-08-29 00:00:00

redhat

(RHSA-2011:1220) Moderate: samba3x security update

2011-08-29 00:00:00

(RHSA-2011:1221) Moderate: samba and cifs-utils security and bug fix update

2011-08-29 00:00:00

(RHSA-2011:1219) Moderate: samba security update

2011-08-29 00:00:00

centos

samba3x security update

2011-09-01 16:12:20

libsmbclient, samba security update

2011-08-29 21:13:06

vmware

VMware ESXi and ESX updates to third party library and ESX Service Console

2012-01-30 00:00:00

VMware ESXi and ESX updates to third party library and ESX Service Console

2012-01-30 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.008 Low

EPSS

Percentile

81.6%

JSON

Related for VERACODE:24689