CVE-2013-0214 Information

Feb 14, 2021 cve

Description

Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21 3.6.x before 3.6.12 and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions.

Reference

http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00042.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00029.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00033.html http://osvdb.org/89627 http://rhn.redhat.com/errata/RHSA-2013-1310.html http://rhn.redhat.com/errata/RHSA-2013-1542.html http://rhn.redhat.com/errata/RHSA-2014-0305.html http://www.debian.org/security/2013/dsa-2617 http://www.samba.org/samba/security/CVE-2013-0214 http://www.securityfocus.com/bid/57631 http://www.ubuntu.com/usn/USN-2922-1 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993

Share on: