Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Informations | |||
|---|---|---|---|
| Name | CVE-2013-0214 | First vendor Publication | 2013-02-02 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5.1 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | High |
| Cvss Expoit Score | 4.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-352 | Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:18555 | |||
| Oval ID: | oval:org.mitre.oval:def:18555 | ||
| Title: | DSA-2617-1 samba - several issues | ||
| Description: | Jann Horn had reported two vulnerabilities in Samba, a popular cross-platform network file and printer sharing suite. In particular, these vulnerabilities affect to SWAT, the Samba Web Administration Tool. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2617-1 CVE-2013-0213 CVE-2013-0214 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | samba |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2922-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0723-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0325-1.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_samba_20130521.nasl - Type : ACT_GATHER_INFO |
| 2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1542.nasl - Type : ACT_GATHER_INFO |
| 2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1310.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-107.nasl - Type : ACT_GATHER_INFO |
| 2014-03-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0305.nasl - Type : ACT_GATHER_INFO |
| 2014-03-18 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0305.nasl - Type : ACT_GATHER_INFO |
| 2014-03-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0305.nasl - Type : ACT_GATHER_INFO |
| 2014-03-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140317_samba_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2013-12-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131121_samba_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2013-11-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1542.nasl - Type : ACT_GATHER_INFO |
| 2013-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1542.nasl - Type : ACT_GATHER_INFO |
| 2013-10-11 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130930_samba3x_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2013-10-09 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1310.nasl - Type : ACT_GATHER_INFO |
| 2013-10-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1310.nasl - Type : ACT_GATHER_INFO |
| 2013-02-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_cifs-mount-130131.nasl - Type : ACT_GATHER_INFO |
| 2013-02-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cifs-mount-8449.nasl - Type : ACT_GATHER_INFO |
| 2013-02-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-011.nasl - Type : ACT_GATHER_INFO |
| 2013-02-13 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1718.nasl - Type : ACT_GATHER_INFO |
| 2013-02-13 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1716.nasl - Type : ACT_GATHER_INFO |
| 2013-02-13 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1667.nasl - Type : ACT_GATHER_INFO |
| 2013-02-13 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1654.nasl - Type : ACT_GATHER_INFO |
| 2013-02-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2617.nasl - Type : ACT_GATHER_INFO |
| 2013-02-04 | Name : The remote Samba server is affected by multiple vulnerabilities. File : samba_4_0_2.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 12:33:02 |
|
| 2024-08-02 12:22:17 |
|
| 2024-08-02 01:06:31 |
|
| 2024-02-02 01:21:37 |
|
| 2024-02-01 12:06:20 |
|
| 2023-09-05 12:20:25 |
|
| 2023-09-05 01:06:14 |
|
| 2023-09-02 12:20:27 |
|
| 2023-09-02 01:06:19 |
|
| 2023-08-12 12:24:27 |
|
| 2023-08-12 01:06:21 |
|
| 2023-08-11 12:20:35 |
|
| 2023-08-11 01:06:31 |
|
| 2023-08-06 12:19:49 |
|
| 2023-08-06 01:06:22 |
|
| 2023-08-04 12:19:52 |
|
| 2023-08-04 01:06:24 |
|
| 2023-07-14 12:19:51 |
|
| 2023-07-14 01:06:19 |
|
| 2023-03-29 01:21:50 |
|
| 2023-03-28 12:06:26 |
|
| 2022-10-11 12:17:44 |
|
| 2022-10-11 01:06:01 |
|
| 2021-05-04 12:23:15 |
|
| 2021-04-22 01:27:47 |
|
| 2020-05-23 00:35:41 |
|
| 2018-10-31 00:20:26 |
|
| 2016-12-03 09:23:53 |
|
| 2016-11-29 00:24:48 |
|
| 2016-08-23 09:24:47 |
|
| 2016-08-20 09:22:28 |
|
| 2016-06-28 19:15:18 |
|
| 2016-06-15 09:25:29 |
|
| 2016-03-31 21:24:46 |
|
| 2016-03-10 13:25:20 |
|
| 2015-05-21 13:29:57 |
|
| 2015-05-21 09:28:35 |
|
| 2015-01-21 13:26:00 |
|
| 2014-11-13 13:26:41 |
|
| 2014-06-14 13:34:12 |
|
| 2014-03-26 13:22:15 |
|
| 2014-03-19 13:21:27 |
|
| 2014-02-17 11:15:23 |
|
| 2014-01-04 13:18:59 |
|
| 2013-10-11 13:25:09 |
|
| 2013-05-16 17:02:59 |
|
| 2013-05-10 22:27:58 |
|
| 2013-03-08 13:19:26 |
|
| 2013-02-07 13:21:31 |
|
| 2013-02-04 21:21:56 |
|
| 2013-02-03 00:19:49 |
|
