Detections
Analytics

Samba Web Administration Tool (SWAT) Detection

info Nessus Plugin ID 10273

Language:

Synopsis

The remote host is running a web server for Samba administration.

Description

The remote host is running SWAT, the Samba Web Administration Tool.

SWAT is a web-based configuration tool for Samba administration that also allows for network-wide MS Windows network password management.

Solution

Either disable SWAT or limit access to authorized users and ensure that it is set up with stunnel to encrypt network traffic.

See Also

https://www.samba.org/samba/docs/old/Samba3-HOWTO/SWAT.html

Plugin Details

Severity: Info

ID: 10273

File Name: swat_detect.nasl

Version: 1.34

Type: remote

Family: CGI abuses

Published: 3/3/2000

Updated: 6/1/2022

Configuration: Enable thorough checks

Asset Inventory: true

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:epicgames:swat_4