Pardus: 2011-110: Samba: Multiple Vulnerabilities
Posted by Benjamin D. Thomas
Multiple vulnerabilities have been fixed in samba.
------------------------------------------------------------------------
Pardus Linux Security Advisory 2011-110           security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2011-09-05
      Type: Remote
------------------------------------------------------------------------

Summary
=======
Multiple vulnerabilities have been fixed in samba.


Description
===========
CVE-2011-2522:

Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba
Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote
attackers to hijack the authentication of administrators for requests
that (1) shut down daemons, (2) start daemons, (3) add shares, (4)
remove shares, (5) add printers, (6) remove printers, (7) add user
accounts, or (8) remove user accounts, as demonstrated by certain start,
stop, and restart parameters to the status program.


CVE-2011-2694:

Cross-site scripting (XSS) vulnerability in the chg_passwd function in
web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x
before 3.5.10 allows remote authenticated administrators to inject
arbitrary web script or HTML via the username parameter to the passwd
program (aka the user field to the Change Password page).
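The two defects above share a root cause: SWAT acted on whatever the browser sent
under the administrator's HTTP Basic credentials, and wrote submitted values back
into its pages unescaped. The following is an added example (not code from Samba,
swat.c or the Pardus advisory) that models both defects in a toy request handler
and places the standard fix beside each: a per-user anti-CSRF token checked on
state-changing POST requests for CVE-2011-2522, and HTML-escaping of the echoed
username for CVE-2011-2694. The parameter names ("smbd_stop", "xsrf_token"), the
function names and the request dictionaries are assumptions made for this example,
not SWAT's real interface. Note that the two compound in practice: a cross-site
form is also what can submit a malicious username on the administrator's behalf.

```python
"""Added example, not code from Samba or from the Pardus advisory.

Toy model of the two SWAT defects and their fixes:
  CVE-2011-2522  state-changing handlers act on any request that carries the
                 admin's Basic-auth credentials, which the browser attaches
                 automatically, so a form on an attacker's page can drive them.
                 Fix: require a token bound to the logged-in user and form that
                 a third-party site cannot know, and accept it only over POST.
  CVE-2011-2694  the Change Password page echoes the submitted username into
                 the HTML unescaped.  Fix: escape every echoed field.

Names ("smbd_stop", "xsrf_token", SERVER_SECRET, the functions below) and the
request dictionaries are assumptions for this example, not SWAT's interface.
"""
import hashlib
import hmac
import html
import secrets

# Per-process secret, constructed here so the example runs stand-alone.
SERVER_SECRET = secrets.token_bytes(32)

# Assumed parameter names for the daemon-control form.
DAEMON_ACTIONS = ("smbd_start", "smbd_stop", "smbd_restart")


def make_xsrf_token(secret: bytes, user: str, form: str) -> str:
    """Anti-CSRF token: HMAC over (user, form) under a server-side secret.
    Binding it to both keeps a token captured for one user or form from
    authorising a different action."""
    return hmac.new(secret, f"{user}\0{form}".encode(), hashlib.sha256).hexdigest()


def token_is_valid(secret: bytes, user: str, form: str, presented) -> bool:
    """Constant-time comparison against the token this user/form should carry."""
    if not isinstance(presented, str):
        return False
    return hmac.compare_digest(make_xsrf_token(secret, user, form), presented)


def status_vulnerable(params: dict, user: str) -> str:
    """Pre-fix behaviour: the parameter alone triggers the action.  `user` is
    the identity the web server authenticated via Basic auth; nothing proves
    the admin intended this request rather than a cross-site form."""
    for action in DAEMON_ACTIONS:
        if action in params:
            return action
    return "no-op"


def status_hardened(params: dict, user: str, method: str = "POST",
                    secret: bytes = SERVER_SECRET) -> str:
    """Post-fix behaviour: state changes only via POST carrying a valid token."""
    requested = [a for a in DAEMON_ACTIONS if a in params]
    if not requested:
        return "no-op"
    if method != "POST":
        return "rejected: state change via GET"
    if not token_is_valid(secret, user, "status", params.get("xsrf_token")):
        return "rejected: missing or bad xsrf_token"
    return requested[0]


def render_passwd_vulnerable(username: str) -> str:
    """Pre-fix: raw interpolation of the username into the response body."""
    return f"<p>Password changed for user {username}.</p>"


def render_passwd_hardened(username: str) -> str:
    """Post-fix: escape the value before it reaches the HTML context."""
    return f"<p>Password changed for user {html.escape(username, quote=True)}.</p>"


if __name__ == "__main__":
    admin = "root"
    # Constructed cross-site submission: the attacker knows the parameter
    # names but cannot know the token.
    forged = {"smbd_stop": "Stop"}
    print("vulnerable:", status_vulnerable(forged, admin))
    print("hardened  :", status_hardened(forged, admin))
    # A form rendered by the server itself carries the token.
    genuine = dict(forged, xsrf_token=make_xsrf_token(SERVER_SECRET, admin, "status"))
    print("hardened  :", status_hardened(genuine, admin))
    payload = "<script>alert(document.cookie)</script>"
    print(render_passwd_vulnerable(payload))
    print(render_passwd_hardened(payload))
```

The token is derived rather than stored so the server keeps no per-session state,
which is how a small CGI program like SWAT can validate it; a random per-session
token stored server-side is the equivalent alternative. Separately from the
package update, SWAT is an optional inetd service, and not running it at all
removes this attack surface on hosts that do not need web administration.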


Affected packages:

  Pardus 2009:
    samba, all before 3.3.16-56-17
  Pardus 2011:
    samba, all before 3.5.10-68-p11


Resolution
==========
Updated samba packages are available. You can install them via Package
Manager or with a single command from the console:

  Pardus 2009:
    pisi up samba

  Pardus 2011:
    pisi up samba


References
==========
  * http://bugs.pardus.org.tr/show_bug.cgi?id842

------------------------------------------------------------------------