[Japanese]

JVNDB-2011-002111

Samba Web Administration Tool vulnerable to cross-site scripting

Overview

Samba Web Administration Tool contains a cross-site scripting vulnerability.

Samba Web Administration Tool (SWAT) allows for Samba configuration through a web interface. SWAT contains a cross-site scripting vulnerability.

SWAT is disabled in a default configuration of Samba.

nobuhiro tsuji of NTT DATA INTELLILINK CORPORATION reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

Base Metrics: 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None

Affected Products

Samba Web Administration Tool (SWAT) contained in the following Samba versions are affected:

Samba Project
  • Samba versions prior to 3.5.10
  • Samba versions prior to 3.4.14
  • Samba versions prior to 3.3.16
  • Samba versions 3.0.x through 3.2.15
VMware
  • VMware ESX 3.5
  • VMware ESX 4.0
  • VMware ESX 4.1
Red Hat, Inc.
  • Red Hat Enterprise Linux Server EUS (v. 6.1.z)
  • Red Hat Desktop (v.4)
  • Red Hat Enterprise Linux (v.5 server)
  • Red Hat Enterprise Linux AS (v.4)
  • Red Hat Enterprise Linux Desktop (v. 6)
  • Red Hat Enterprise Linux Desktop (v.5 client)
  • Red Hat Enterprise Linux ES (v.4)
  • Red Hat Enterprise Linux HPC Node (v. 6)
  • Red Hat Enterprise Linux Server (v. 6)
  • Red Hat Enterprise Linux Workstation (v. 6)
  • Red Hat Enterprise Linux WS (v.4)
  • RHEL Desktop Workstation (v.5 client)

Impact

An arbitrary script may be executed on the web browser of a user that is logged into SWAT.

According to the developer, this vulnerability is exploitable only if JVN#29529126 is not addressed.
Solution

[Update the software]
Update to the latest version of Samba or apply the appropriate patch according to the information provided by the developer.
Vendor Information

Samba Project VMware Oracle Corporation Red Hat, Inc.
CWE (What is CWE?)

  1. Cross-site Scripting(CWE-79) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2011-2694
References

  1. JVN : JVN#63041502
  2. National Vulnerability Database (NVD) : CVE-2011-2694
  3. Secunia Advisory : SA45393
  4. SecurityFocus : 48901
  5. ISS X-Force Database : 68844
  6. SecurityTracker : 1025852
  7. OPEN SOURCE VULNERABILITY DATABASE (OSVDB) : 74072
Revision History

[2011/08/26]
  Web page published
[2011/09/15]
  Affected Products : Added Red Hat, Inc. (RHSA-2011:1219).
  Affected Products : Added Red Hat, Inc. (RHSA-2011:1220).  
  Affected Products : Added Red Hat, Inc. (RHSA-2011:1221).
  Vendor Information : Added Red Hat, Inc. (RHSA-2011:1219).
  Vendor Information : Added Red Hat, Inc. (RHSA-2011:1220).
  Vendor Information : Added Red Hat, Inc. (RHSA-2011:1221).
[2012/04/16]
  Vendor Information : Content was added
[2012/12/26]
  Affected Products : Products were added (VMware (VMSA-2012-0001))
  Vendor Information : Content was added (VMware (VMSA-2012-0001))