CVE-2013-0214
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2013-0214
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2013-0214.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2013-0214
- Related
- Published
- 2013-02-02T20:55:03Z
- Modified
- 2024-09-18T01:00:22Z
- Summary
- [none]
- Details
-
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions.
- References
-
- http://rhn.redhat.com/errata/RHSA-2013-1310.html
- http://rhn.redhat.com/errata/RHSA-2013-1542.html
- http://rhn.redhat.com/errata/RHSA-2014-0305.html
- http://www.debian.org/security/2013/dsa-2617
- http://www.samba.org/samba/security/CVE-2013-0214
- http://www.ubuntu.com/usn/USN-2922-1
- http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00019.html
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00042.html
- http://lists.opensuse.org/opensuse-updates/2013-02/msg00029.html
- http://lists.opensuse.org/opensuse-updates/2013-02/msg00033.html
- http://osvdb.org/89627
- http://www.securityfocus.com/bid/57631
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993
- https://security-tracker.debian.org/tracker/CVE-2013-0214
Affected packages
Debian:11 / samba
Package
- Name
- samba
- Purl
- pkg:deb/debian/samba?arch=source
Debian:12 / samba
Package
- Name
- samba
- Purl
- pkg:deb/debian/samba?arch=source
Debian:13 / samba
Package
- Name
- samba
- Purl
- pkg:deb/debian/samba?arch=source