CVE-2013-0214

Priority
Description
Cross-site request forgery (CSRF) vulnerability in the Samba Web
Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12,
and 4.x before 4.0.2 allows remote attackers to hijack the authentication
of arbitrary users by leveraging knowledge of a password and composing
requests that perform SWAT actions.
Notes
mdeslaurswat is in universe
Package
Source: samba (LP Ubuntu Debian)
Upstream:released (2:3.6.6-5)
Ubuntu 12.04 ESM (Precise Pangolin):released (2:3.6.3-2ubuntu2.17)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (2:3.6.15-1ubuntu1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (2:3.6.15-1ubuntu1)
Patches:
Vendor:http://www.debian.org/security/2013/dsa-2617
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-12-05 21:02:08 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)