OVAL Reference oval:org.mitre.oval:def:19662

Oval Definition:

oval:org.mitre.oval:def:19662

Revision Date:	2015-04-20	Version:	29
Title:	CIFS Server (Samba), Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS)
Description:	Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2011-2522
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis
Criteria meets HP Security Bulletin HPSBUX02768 platforms HP-UX B.11.11 OR HP-UX B.11.23 AND filesets tests CIFS-Development.CIFS-PRG version is less than A.02.04.05 OR CIFS-Server.CIFS-ADMIN version is less than A.02.04.05 OR CIFS-Server.CIFS-DOC version is less than A.02.04.05 OR CIFS-Server.CIFS-LIB version is less than A.02.04.05 OR CIFS-Server.CIFS-RUN version is less than A.02.04.05 OR CIFS-Server.CIFS-UTIL version is less than A.02.04.05 OR Criteria meets HP Security Bulletin HPSBUX02768 HP-UX B.11.31 AND filesets tests CIFS-CFSM.CFSM-KRN version is less than A.02.04.05 OR CIFS-CFSM.CFSM-RUN version is less than A.02.04.05 OR CIFS-Development.CIFS-PRG version is less than A.02.04.05 OR CIFS-Server.CIFS-ADMIN version is less than A.02.04.05 OR CIFS-Server.CIFS-DOC version is less than A.02.04.05 OR CIFS-Server.CIFS-LIB version is less than A.02.04.05 OR CIFS-Server.CIFS-RUN version is less than A.02.04.05 OR CIFS-Server.CIFS-UTIL version is less than A.02.04.05 OR Criteria meets HP Security Bulletin HPSBUX02768 platforms HP-UX B.11.23 OR HP-UX B.11.31 AND filesets tests CIFS-Development.CIFS-PRG version is less than A.03.01.04 OR CIFS-Server.CIFS-ADMIN version is less than A.03.01.04 OR CIFS-Server.CIFS-DOC version is less than A.03.01.04 OR CIFS-Server.CIFS-LIB version is less than A.03.01.04 OR CIFS-Server.CIFS-RUN version is less than A.03.01.04 OR CIFS-Server.CIFS-UTIL version is less than A.03.01.04

BACK