JVNDB-2011-002110

[Japanese]
JVNDB-2011-002110
Samba Web Administration Tool vulnerable to cross-site request forgery
Overview
Samba Web Administration Tool (SWAT) contains a cross-site request forgery vulnerability. Samba Web Administration Tool (SWAT) allows for Samba configuration through a web interface. SWAT contains a cross-site request forgery vulnerability. SWAT is disabled in a default configuration of Samba. ISHIKAWA YOSHIHIRO of LAC reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)
CVSS V2 Severity: Base Metrics 4.0 (Medium) [IPA Score] Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: Partial
Affected Products
Samba Web Administration Tool (SWAT) contained in the following Samba versions are affected:
Samba Project Samba versions prior to 3.5.10 Samba versions prior to 3.4.14 Samba versions prior to 3.3.16 Samba versions 3.0.x through 3.2.15 VMware VMware ESX 3.5 VMware ESX 4.0 VMware ESX 4.1 Red Hat, Inc. Red Hat Enterprise Linux Server EUS 6.1.z Red Hat Enterprise Linux 5 (server) Red Hat Enterprise Linux 4 (as) Red Hat Enterprise Linux 4 (es) Red Hat Enterprise Linux 4 (ws) Red Hat Enterprise Linux Desktop 4.0 Red Hat Enterprise Linux Desktop 6 Red Hat Enterprise Linux Desktop 5.0 (client) Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux Workstation 6 RHEL Desktop Workstation 5 (client)

Impact
When a user is logged in to SWAT as root, an attacker may change configurations in Samba.
Solution
[Update the software] Update to the latest version of Samba or apply the appropriate patch according to the information provided by the developer.
Vendor Information
Samba Project Samba : Samba 3.3.16 Available for Download Samba : Samba 3.4.14 Available for Download Samba : Samba 3.5.10 Available for Download Samba : Samba3 Release Planning Samba : Samba-JP (Japanese) Samba Security Announcement : Cross-Site Request Forgery in SWAT Samba Security Releases : Samba Security Releases VMware VMware Security Advisories : VMSA-2012-0001 Oracle Corporation SECURITY BLOG : Multiple vulnerabilities in Samba Red Hat, Inc. Red Hat Security Advisory : RHSA-2011:1219 Red Hat Security Advisory : RHSA-2011:1220 Red Hat Security Advisory : RHSA-2011:1221
CWE (What is CWE?)
Cross-Site Request Forgery(CWE-352) [IPA Evaluation]
CVE (What is CVE?)
CVE-2011-2522
References
JVN : JVN#29529126 National Vulnerability Database (NVD) : CVE-2011-2522 Secunia Advisory : SA45393 SecurityFocus : 48899 ISS X-Force Database : 68843 SecurityTracker : 1025852 OPEN SOURCE VULNERABILITY DATABASE (OSVDB) : 74071
Revision History
[2011/08/26] Web page published [2011/09/15] Affected Products : Products were added (Red Hat, Inc. (RHSA-2011:1219)) Affected Products : Products were added (Red Hat, Inc. (RHSA-2011:1220)) Affected Products : Products were added (Red Hat, Inc. (RHSA-2011:1221)) Vendor Information : Content was added (Red Hat, Inc. (RHSA-2011:1219)) Vendor Information : Content was added (Red Hat, Inc. (RHSA-2011:1220)) Vendor Information : Content was added (Red Hat, Inc. (RHSA-2011:1221)) [2012/04/16] Vendor Information : Content was added (Oracle Corporation (Multiple vulnerabilities in Samba)) [2012/12/26] Affected Products : Products were added (VMware (VMSA-2012-0001)) Vendor Information : Content was added (VMware (VMSA-2012-0001))


Date Public	2011/07/26
Date First Published	2011/08/26
Date Last Updated	2012/12/26

Samba Web Administration Tool vulnerable to cross-site request forgery