CVE-2011-2522

Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
sambasamba
3.0.0 ≤
𝑥
< 3.3.16
sambasamba
3.4.0 ≤
𝑥
< 3.4.14
sambasamba
3.5.0 ≤
𝑥
< 3.5.10
debiandebian_linux
5.0
debiandebian_linux
6.0
debiandebian_linux
7.0
canonicalubuntu_linux
8.04
canonicalubuntu_linux
10.04
canonicalubuntu_linux
10.10
canonicalubuntu_linux
11.04
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
samba
bookworm
2:4.17.12+dfsg-0+deb12u1
fixed
bookworm (security)
2:4.17.12+dfsg-0+deb12u1
fixed
bullseye
2:4.13.13+dfsg-1~deb11u6
fixed
bullseye (security)
2:4.13.13+dfsg-1~deb11u6
fixed
sid
2:4.21.1+dfsg-2
fixed
trixie
2:4.21.1+dfsg-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
samba
hardy
Fixed 3.0.28a-1ubuntu4.15
released
lucid
Fixed 2:3.4.7~dfsg-1ubuntu3.7
released
maverick
Fixed 2:3.5.4~dfsg-1ubuntu8.5
released
natty
Fixed 2:3.5.8~dfsg-1ubuntu2.3
released
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
cifs-utils
RHEL 6
0:4.8.1-2.el6_1.2
fixed
libsmbclient
RHEL 6
0:3.5.6-86.el6_1.4
fixed
libsmbclient-devel
RHEL 6
0:3.5.6-86.el6_1.4
fixed
samba
RHEL 6
0:3.5.6-86.el6_1.4
fixed
samba-client
RHEL 6
0:3.5.6-86.el6_1.4
fixed
samba-common
RHEL 6
0:3.5.6-86.el6_1.4
fixed
samba-doc
RHEL 6
0:3.5.6-86.el6_1.4
fixed
samba-domainjoin-gui
RHEL 6
0:3.5.6-86.el6_1.4
fixed
samba-swat
RHEL 6
0:3.5.6-86.el6_1.4
fixed
samba-winbind
RHEL 6
0:3.5.6-86.el6_1.4
fixed
samba-winbind-clients
RHEL 6
0:3.5.6-86.el6_1.4
fixed
samba-winbind-devel
RHEL 6
0:3.5.6-86.el6_1.4
fixed
samba-winbind-krb5-locator
RHEL 6
0:3.5.6-86.el6_1.4
fixed
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN29529126/index.html
http://marc.info/?l=bugtraq&m=133527864025056&w=2
http://osvdb.org/74071
http://samba.org/samba/history/samba-3.5.10.html
http://secunia.com/advisories/45393
http://secunia.com/advisories/45488
http://secunia.com/advisories/45496
http://securityreason.com/securityalert/8317
http://securitytracker.com/id?1025852
http://ubuntu.com/usn/usn-1182-1
http://www.debian.org/security/2011/dsa-2290
http://www.exploit-db.com/exploits/17577
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543
http://www.mandriva.com/security/advisories?name=MDVSA-2011:121
http://www.samba.org/samba/security/CVE-2011-2522
http://www.securityfocus.com/bid/48899
https://bugzilla.redhat.com/show_bug.cgi?id=721348
https://bugzilla.samba.org/show_bug.cgi?id=8290
https://exchange.xforce.ibmcloud.com/vulnerabilities/68843
http://jvn.jp/en/jp/JVN29529126/index.html
http://marc.info/?l=bugtraq&m=133527864025056&w=2
http://osvdb.org/74071
http://samba.org/samba/history/samba-3.5.10.html
http://secunia.com/advisories/45393
http://secunia.com/advisories/45488
http://secunia.com/advisories/45496
http://securityreason.com/securityalert/8317
http://securitytracker.com/id?1025852
http://ubuntu.com/usn/usn-1182-1
http://www.debian.org/security/2011/dsa-2290
http://www.exploit-db.com/exploits/17577
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543
http://www.mandriva.com/security/advisories?name=MDVSA-2011:121
http://www.samba.org/samba/security/CVE-2011-2522
http://www.securityfocus.com/bid/48899
https://bugzilla.redhat.com/show_bug.cgi?id=721348
https://bugzilla.samba.org/show_bug.cgi?id=8290
https://exchange.xforce.ibmcloud.com/vulnerabilities/68843