This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote Solaris system is missing a security patch for third-party
The remote Solaris system is missing necessary patches to address
security updates :
- The Samba Web Administration Tool (SWAT) in Samba 3.x
before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2
allows remote attackers to conduct clickjacking attacks
via a (1) FRAME or (2) IFRAME element. (CVE-2013-0213)
- Cross-site request forgery (CSRF) vulnerability in the
Samba Web Administration Tool (SWAT) in Samba 3.x before
3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows
remote attackers to hijack the authentication of
arbitrary users by leveraging knowledge of a password
and composing requests that perform SWAT actions.
See also :
Upgrade to Solaris 184.108.40.206.0.
Risk factor :
Medium / CVSS Base Score : 5.1