Detections
Analytics

Samba 3.x < 3.5.21 / 3.6.12 and 4.x < 4.0.2 SWAT Multiple Vulnerabilities (deprecated)

low Nessus Network Monitor Plugin ID 6686

Synopsis

The remote Samba server is affected by multiple vulnerabilities

Description

According to its banner, the version of Samba 3.x or 4.x running on the remote host is earlier than 3.5.21 / 3.6.12 or 4.0.2. It is, therefore, affected by the following vulnerabilities :

 - An error exists in the SWAT interface that could allow 'clickjacking' attacks. (CVE-2013-0213, Issue #9576)

 - An error exists in the SWAT interface that could allow cross-site request forgery (XSRF) attacks. (CVE-2013-0214, Issue #9577)

Note that these issues are only exploitable when SWAT is enabled and it is not enabled by default.

Solution

Either install the appropriate patch referenced in the project's advisory or upgrade to 3.5.21 / 3.6.12 / 4.0.2 or later

See Also

https://www.samba.org/samba/security/CVE-2012-0213

https://www.samba.org/samba/security/CVE-2013-0214

http://www.samba.org/samba/history/samba-4.0.2.html

Plugin Details

Severity: Low

ID: 6686

Family: Samba

Published: 2/7/2012

Updated: 3/6/2019

Nessus ID: 64459

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS v3

Risk Factor: Low

Base Score: 3.7

Temporal Score: 3.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:samba:samba

Patch Publication Date: 1/30/2012

Vulnerability Publication Date: 1/30/2013

Reference Information

CVE: CVE-2013-0213, CVE-2013-0214

BID: 57631