Detections
Analytics
Samba 3.x < 3.3.16 / 3.4.14 / 3.5.10 Multiple Vulnerabilities
medium Nessus Network Monitor Plugin ID 9343
Synopsis
The remote Samba server is affected by multiple issues.Description
According to its banner, the version of Samba is 3.5.x earlier than 3.5.10, or 3.4.x earlier than 3.4.14, or 3.3.x earlier than 3.3.16, and is therefore affected by multiple vulnerabilities :- A cross-site scripting vulnerability exists because of a failure to sanitize input to the username parameter of the 'passwd' program. (CVE-2011-2522)/n - A cross-site request forgery (CSRF) vulnerability exists which can allow SWAT to be manipulated when a user who is logged in as root is tricked into clicking specially crafted URLs sent by an attacker.
Note that these issues are only exploitable when SWAT is enabled (SWAT is disabled by default) (CVE-2011-2694).
Solution
Upgrade Samba to version 3.5.10 or later. If version 3.5.x cannot be obtained, version 3.4.14 and 3.3.16 have been patched for these issues.See Also
https://bugzilla.samba.org/show_bug.cgi?id=8289
https://bugzilla.samba.org/show_bug.cgi?id=8290
http://samba.org/samba/security/CVE-2011-2522
http://samba.org/samba/security/CVE-2011-2694
http://www.samba.org/samba/history/samba-3.3.16.html
Plugin Details
Severity: Medium
ID: 9343
Family: Samba
Published: 6/9/2016
Updated: 3/6/2019
Nessus ID: 55733
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: Medium
Base Score: 5.6
Temporal Score: 5.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:samba:samba
Patch Publication Date: 8/12/2004
Vulnerability Publication Date: 8/12/2004
Reference Information
CVE: CVE-2011-2522, CVE-2011-2694