Credit:
The information has been provided by Yoshihiro Ishikawa and Takayuki Uchiyama.
Vulnerable Systems:
* Samba 3.0.x - 3.5.9 (inclusive)
All current released versions of Samba are vulnerable to a cross-site
request forgery in the Samba Web Administration Tool (SWAT). By tricking
a user who is authenticated with SWAT into clicking a manipulated URL on
a different web page, it is possible to manipulate SWAT.
In order to be vulnerable, SWAT must have been installed and enabled
either as a standalone server launched from inetd or xinetd, or as a
CGI plugin to Apache. If SWAT has not been installed or enabled (which
is the default install state for Samba) this advisory can be ignored.
If the user authenticated to SWAT as root, it is possible to shut down or
start the samba daemons, add or remove shares, printers and user accounts
and to change other aspects of the Samba configuration.
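A defender-side check for the two conditions the advisory sets out (a Samba version in the affected range, and SWAT enabled through inetd, xinetd or as an Apache CGI), added here as an example and not taken from the advisory or from Samba; the configuration paths, the ScriptAlias heuristic for the Apache CGI case and the "Version X.Y.Z" output of smbd -V are assumptions:

```shell
#!/bin/sh
# Added example, not from the advisory or from Samba: report whether this
# host meets both conditions for CVE-2011-2522, a Samba version in the
# affected range (3.0.x through 3.5.9 inclusive) and SWAT enabled through
# inetd, xinetd or Apache. The config paths, the ScriptAlias heuristic for
# the Apache CGI case and the "Version X.Y.Z" output of smbd -V are assumptions.

# Return 0 when "$1" (e.g. "3.5.8-Ubuntu") is in 3.0.0 .. 3.5.9 inclusive.
samba_version_vulnerable() {
    v=$(printf '%s' "$1" | sed 's/[^0-9.].*$//')   # drop vendor suffixes
    major=$(printf '%s' "$v" | cut -s -d. -f1)
    minor=$(printf '%s' "$v" | cut -s -d. -f2)
    patch=$(printf '%s' "$v" | cut -s -d. -f3)
    [ "$major" = 3 ] || return 1
    [ "${minor:-0}" -le 5 ] || return 1
    [ "${minor:-0}" -lt 5 ] || [ "${patch:-0}" -le 9 ]
}

# Return 0 when inetd.conf-style file "$1" carries an uncommented swat entry.
swat_enabled_inetd() {
    grep -Eq '^[[:space:]]*swat[[:space:]]' "$1" 2>/dev/null
}

# Return 0 when xinetd service file "$1" defines swat without "disable = yes".
swat_enabled_xinetd() {
    grep -Eq '^[[:space:]]*service[[:space:]]+swat' "$1" 2>/dev/null || return 1
    ! grep -Eiq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes' "$1"
}

# Return 0 when a file under "$1" maps a ScriptAlias onto swat (assumed CGI layout).
swat_enabled_apache() {
    grep -Ersq '^[[:space:]]*ScriptAlias[[:space:]].*swat' "$1" 2>/dev/null
}

# Print findings for the local host; return 1 only when both conditions hold.
check_host() {
    ver=$(smbd -V 2>/dev/null | awk '{print $2}')
    [ -n "$ver" ] || { echo "smbd not found; nothing to assess"; return 0; }
    samba_version_vulnerable "$ver" || { echo "Samba $ver: outside affected range"; return 0; }
    exposed=0
    swat_enabled_inetd /etc/inetd.conf && { echo "SWAT enabled via inetd"; exposed=1; }
    swat_enabled_xinetd /etc/xinetd.d/swat && { echo "SWAT enabled via xinetd"; exposed=1; }
    swat_enabled_apache /etc/apache2 && { echo "SWAT enabled as Apache CGI"; exposed=1; }
    [ "$exposed" -eq 1 ] && { echo "Samba $ver with SWAT enabled: apply the samba.org patch"; return 1; }
    echo "Samba $ver but SWAT not enabled: this advisory can be ignored"
}

check_host
```

Run it as root on each Samba host; a non-zero exit means the version is in range and SWAT is reachable, which is exactly the state the advisory describes.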
Vendor Status:
Samba has issued an update for this vulnerability.
Patch Availability:
A patch addressing this defect has been posted to
http://www.samba.org/samba/security/
CVE Information:
CVE-2011-2522
Disclosure Timeline:
Date issued: 26 Jul 2011