JVNDB-2011-002111

[Japanese]
JVNDB-2011-002111
Samba Web Administration Tool vulnerable to cross-site scripting
Overview
Samba Web Administration Tool contains a cross-site scripting vulnerability. Samba Web Administration Tool (SWAT) allows for Samba configuration through a web interface. SWAT contains a cross-site scripting vulnerability. SWAT is disabled in a default configuration of Samba. nobuhiro tsuji of NTT DATA INTELLILINK CORPORATION reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)
CVSS V2 Severity: Base Metrics 2.6 (Low) [IPA Score] Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
Affected Products
Samba Web Administration Tool (SWAT) contained in the following Samba versions are affected:
Samba Project Samba versions prior to 3.5.10 Samba versions prior to 3.4.14 Samba versions prior to 3.3.16 Samba versions 3.0.x through 3.2.15 VMware VMware ESX 3.5 VMware ESX 4.0 VMware ESX 4.1 Red Hat, Inc. Red Hat Enterprise Linux Server EUS 6.1.z Red Hat Enterprise Linux 5 (server) Red Hat Enterprise Linux 4 (as) Red Hat Enterprise Linux 4 (es) Red Hat Enterprise Linux 4 (ws) Red Hat Enterprise Linux Desktop 4.0 Red Hat Enterprise Linux Desktop 6 Red Hat Enterprise Linux Desktop 5.0 (client) Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux Workstation 6 RHEL Desktop Workstation 5 (client)

Impact
An arbitrary script may be executed on the web browser of a user that is logged into SWAT. According to the developer, this vulnerability is exploitable only if JVN#29529126 is not addressed.
Solution
[Update the software] Update to the latest version of Samba or apply the appropriate patch according to the information provided by the developer.
Vendor Information
Samba Project Samba : Samba 3.3.16 Available for Download Samba : Samba 3.4.14 Available for Download Samba : Samba 3.5.10 Available for Download Samba : Samba3 Release Planning Samba : Samba-JP (Japanese) Samba Security Announcement : Cross-Site Scripting vulnerability in SWAT Samba Security Releases : Samba Security Releases VMware VMware Security Advisories : VMSA-2012-0001 Oracle Corporation SECURITY BLOG : Multiple vulnerabilities in Samba Red Hat, Inc. Red Hat Security Advisory : RHSA-2011:1219 Red Hat Security Advisory : RHSA-2011:1220 Red Hat Security Advisory : RHSA-2011:1221
CWE (What is CWE?)
Cross-site Scripting(CWE-79) [IPA Evaluation]
CVE (What is CVE?)
CVE-2011-2694
References
JVN : JVN#63041502 National Vulnerability Database (NVD) : CVE-2011-2694 Secunia Advisory : SA45393 SecurityFocus : 48901 ISS X-Force Database : 68844 SecurityTracker : 1025852 OPEN SOURCE VULNERABILITY DATABASE (OSVDB) : 74072
Revision History
[2011/08/26] Web page published [2011/09/15] Affected Products : Added Red Hat, Inc. (RHSA-2011:1219). Affected Products : Added Red Hat, Inc. (RHSA-2011:1220). Affected Products : Added Red Hat, Inc. (RHSA-2011:1221). Vendor Information : Added Red Hat, Inc. (RHSA-2011:1219). Vendor Information : Added Red Hat, Inc. (RHSA-2011:1220). Vendor Information : Added Red Hat, Inc. (RHSA-2011:1221). [2012/04/16] Vendor Information : Content was added [2012/12/26] Affected Products : Products were added (VMware (VMSA-2012-0001)) Vendor Information : Content was added (VMware (VMSA-2012-0001))


Date Public	2011/07/26
Date First Published	2011/08/26
Date Last Updated	2012/12/26

Samba Web Administration Tool vulnerable to cross-site scripting