VYPR

Samba Web Administration Tool (SWAT)

by Samba (software)

CVEs (3)

  • CVE-2000-0937Dec 19, 2000
    risk 0.04cvss epss 0.08

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks.

  • CVE-2000-0935Dec 19, 2000
    risk 0.03cvss epss 0.01

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.

  • CVE-2011-2694Jul 29, 2011
    risk 0.01cvss epss 0.06

    Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd…