VYPR

SWAT

by Samba (software)

CVEs (5)

  • CVE-2004-0600Jul 27, 2004
    risk 0.05cvss epss 0.29

    Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.

  • CVE-2000-0936Dec 19, 2000
    risk 0.03cvss epss 0.01

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.

  • CVE-2013-0214Feb 2, 2013
    risk 0.00cvss epss 0.02

    Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and…

  • CVE-2013-0213Feb 2, 2013
    risk 0.00cvss epss 0.03

    The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.

  • CVE-2000-0939Dec 19, 2000
    risk 0.00cvss epss 0.02

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart.