← voltar
CVE-2013-0214

CVE-2013-0214

EPSS 1.9%
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00019.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-03/msg00042.htmlhttp://lists.opensuse.org/opensuse-updates/2013-02/msg00029.htmlhttp://lists.opensuse.org/opensuse-updates/2013-02/msg00033.htmlhttp://osvdb.org/89627http://rhn.redhat.com/errata/RHSA-2013-1310.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1542.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0305.htmlhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993http://www.debian.org/security/2013/dsa-2617http://www.samba.org/samba/security/CVE-2013-0214http://www.securityfocus.com/bid/57631