Samba Web Administration Tool (SWAT) Error Message Username Enumeration

Severity: Medium | Nessus Plugin ID 10590

Synopsis

The remote service is vulnerable to information disclosure.

Description

The remote SWAT server replies with different error codes depending on whether it was issued a bad username or a bad password.

An attacker may use this flaw to obtain the list of usernames on the remote host by a brute-force attack.

Because SWAT does not log login attempts, such an attack would also leave no trace in the logs, making the flaw even more useful to an attacker.

Solution

Upgrade to the latest Samba packages.

See Also

https://seclists.org/bugtraq/2000/Oct/442

Plugin Details

Severity: Medium

ID: 10590

File Name: swat_guessable_usernames.nasl

Version: 1.25

Type: remote

Family: CGI abuses

Published: 1/8/2001

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:samba:samba

Excluded KB Items: Settings/disable_cgi_scanning

Vulnerability Publication Date: 10/30/2000

Reference Information

CVE: CVE-2000-0938