Release date:
Updated on:
Affected Systems:
Samba 3.0.x-4.0.1
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2013-0214
Samba is a set of programs that implement the SMB (Server Message Block) protocol, providing cross-platform file and print sharing services.
The Samba Web Administration Tool (SWAT) in Samba 3.x and 4.x has a cross-site request forgery vulnerability. By guessing a user's password and constructing a request that executes a SWAT operation, remote attackers can exploit this vulnerability to hijack the authentication of arbitrary users.
<* Source: Jann Horn
Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0214
http://www.samba.org/samba/security/CVE-2013-0214
*>
Suggestion:
--------------------------------------------------------------------------------
Temporary solution:
If you cannot install or upgrade the patch immediately, NSFOCUS recommends that you take the following measures to reduce the threat:
* Make sure that SWAT is disabled, and edit the smb.conf file by other means instead.
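To verify that SWAT is actually disabled, the following added check (not part of the NSFOCUS advisory or of Samba itself) inspects the (x)inetd configuration that commonly launches SWAT; the file paths /etc/xinetd.d/swat and /etc/inetd.conf are assumptions and can be overridden.

```shell
#!/bin/sh
# Added example, not from the NSFOCUS advisory or the Samba project.
# Assumes SWAT is started by xinetd (/etc/xinetd.d/swat) or inetd
# (/etc/inetd.conf), as in common Samba packaging; both paths are assumptions.

# Returns 0 if the xinetd service file exists and does not contain
# "disable = yes" (i.e. the service is still enabled), 1 otherwise.
xinetd_service_enabled() {
    f="$1"
    [ -f "$f" ] || return 1
    grep -Eiq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes' "$f" && return 1
    return 0
}

# Returns 0 if inetd.conf carries an uncommented line for the swat service.
inetd_swat_enabled() {
    f="$1"
    [ -f "$f" ] || return 1
    grep -Eq '^[[:space:]]*swat[[:space:]]' "$f"
}

# Prints a short report; returns 0 if SWAT appears enabled anywhere,
# 1 if neither launcher configuration enables it.
swat_status() {
    xconf="${1:-/etc/xinetd.d/swat}"
    iconf="${2:-/etc/inetd.conf}"
    enabled=1
    if xinetd_service_enabled "$xconf"; then
        echo "SWAT enabled via xinetd: $xconf"; enabled=0
    fi
    if inetd_swat_enabled "$iconf"; then
        echo "SWAT enabled via inetd: $iconf"; enabled=0
    fi
    [ "$enabled" -eq 0 ] || echo "SWAT not enabled in (x)inetd configuration"
    return "$enabled"
}

# Stand-alone usage against the assumed default paths.
swat_status || true
```

A non-zero exit from swat_status means no (x)inetd launcher for SWAT was found; a SWAT started by some other supervisor would need a separate check.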
Vendor patch:
Samba
-----
Samba has released a Security Bulletin (CVE-2013-0214) and patches for this:
CVE-2013-0214: Cross-Site Request Forgery in SWAT
Link: http://www.samba.org/samba/security/CVE-2013-0214