CVE-2011-2522 Information

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program.

Reference

http://jvn.jp/en/jp/JVN29529126/index.html
http://marc.info/?l=bugtraq&m=133527864025056&w=2
http://osvdb.org/74071
http://samba.org/samba/history/samba-3.5.10.html
http://secunia.com/advisories/45393
http://secunia.com/advisories/45488
http://secunia.com/advisories/45496
http://securityreason.com/securityalert/8317
http://securitytracker.com/id?1025852
http://ubuntu.com/usn/usn-1182-1
http://www.debian.org/security/2011/dsa-2290
http://www.exploit-db.com/exploits/17577
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543
http://www.mandriva.com/security/advisories?name=MDVSA-2011:121
http://www.samba.org/samba/security/CVE-2011-2522
http://www.securityfocus.com/bid/48899
https://bugzilla.redhat.com/show_bug.cgi?id=721348
https://bugzilla.samba.org/show_bug.cgi?id=8290
https://exchange.xforce.ibmcloud.com/vulnerabilities/68843