Summary
Jann Horn reported two vulnerabilities in Samba, a popular cross-platform network file and printer sharing suite. Both affect SWAT, the Samba Web Administration Tool.
CVE-2013-0213:
Clickjacking issue in SWAT
An attacker can embed a SWAT page in a malicious web page via a frame or iframe and overlay it with other content. If a valid, authenticated user interacts with the malicious page, she may unknowingly make changes to the Samba settings.
CVE-2013-0214:
Potential Cross-site request forgery
An attacker can persuade a valid SWAT user who is logged in as root to click on a malicious link and thereby trigger arbitrary unintended changes to the Samba settings. For the attack to work, the attacker needs to know the victim's password.
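The two weaknesses above, as an added example that is not part of this advisory or of Samba's own code: a Python script that inspects an HTTP response for the two conditions the advisory describes, a page a browser will render inside a foreign frame (clickjacking) and forms that carry no per-session token (CSRF). The checks encode the standard browser-side defences (X-Frame-Options, CSP frame-ancestors, a hidden token field), not Samba's own fix, which this page does not describe. The sample responses, the /globals action and the token-name heuristic are constructed for this example.

```python
"""Inspect an HTTP response for the two SWAT weaknesses in this advisory:
framing by a foreign page (clickjacking, CVE-2013-0213) and forms without a
per-session token (CSRF, CVE-2013-0214).  Example code added to the page;
the responses below are constructed, not captured from SWAT, and the checks
reflect the usual browser-side defences rather than Samba's actual fix."""
from html.parser import HTMLParser


def framing_allowed(headers: dict) -> bool:
    """True if a third-party page could embed this response in an iframe."""
    h = {k.lower(): v for k, v in headers.items()}
    if h.get("x-frame-options", "").strip().upper() in ("DENY", "SAMEORIGIN"):
        return False
    for directive in h.get("content-security-policy", "").split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            # Only 'none' and 'self' exclude an attacker-controlled origin.
            return not all(src.strip("'").lower() in ("none", "self") for src in parts[1:])
    return True


class _FormScanner(HTMLParser):
    """Collect each <form> with its action, method and hidden inputs."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._current = {"action": a.get("action", ""),
                             "method": a.get("method", "get").lower(),
                             "hidden": {}}
            self.forms.append(self._current)
        elif (tag == "input" and self._current is not None
              and a.get("type", "").lower() == "hidden"):
            self._current["hidden"][a.get("name", "")] = a.get("value", "")

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def forms_without_token(html: str) -> list:
    """Actions of forms with no hidden field whose name mentions xsrf/csrf.
    The naming rule is a heuristic assumed here; adapt it to the token name
    the application actually uses.  Every form is checked regardless of
    method, since the advisory says a single link suffices."""
    scanner = _FormScanner()
    scanner.feed(html)
    return [f["action"] for f in scanner.forms
            if not any("xsrf" in n.lower() or "csrf" in n.lower() for n in f["hidden"])]


def audit(response: dict) -> dict:
    """Summarise both findings for one response (headers + body)."""
    return {"clickjackable": framing_allowed(response["headers"]),
            "csrf_forms": forms_without_token(response["body"])}


# Constructed responses standing in for a SWAT page before and after hardening.
UNPROTECTED = {
    "headers": {"Content-Type": "text/html"},
    "body": ('<form method="POST" action="/globals">'
             '<input type="text" name="workgroup" value="WORKGROUP">'
             '<input type="submit" name="Commit" value="Commit Changes"></form>'),
}
HARDENED = {
    "headers": {"Content-Type": "text/html", "X-Frame-Options": "DENY"},
    "body": ('<form method="POST" action="/globals">'
             '<input type="hidden" name="xsrf" value="d41d8cd98f00b204e9800998">'
             '<input type="text" name="workgroup" value="WORKGROUP">'
             '<input type="submit" name="Commit" value="Commit Changes"></form>'),
}

if __name__ == "__main__":
    for name, resp in (("unprotected", UNPROTECTED), ("hardened", HARDENED)):
        print(name, audit(resp))
```

Run against a live SWAT instance, the same two functions would take the headers and body of an authenticated GET of a settings page; a `clickjackable` of True or a non-empty `csrf_forms` list means the install still exhibits the conditions described in this advisory.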
Solution
For the stable distribution (squeeze), these problems have been fixed in version 2:3.5.6~dfsg-3squeeze9.
For the testing distribution (wheezy), these problems have been fixed in version 2:3.6.6-5.
For the unstable distribution (sid), these problems have been fixed in version 2:3.6.6-5.
We recommend that you upgrade your samba packages.
Insight
Samba is an implementation of the SMB/CIFS protocol for Unix systems, providing support for cross-platform file and printer sharing with Microsoft Windows, OS X, and other Unix systems. Samba can also function as an NT4-style domain controller, and can integrate with both NT4 domains and Active Directory realms as a member server.
Affected
samba on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References
Updated on 2015-03-25
Severity
Classification: -
CVE: CVE-2013-0213, CVE-2013-0214
CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)