CVE-2011-2694
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2011-2694
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Samba SWAT修改口令功能跨站脚本攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Samba是Samba团队开发的一套可使UNIX系列的操作系统与微软Windows操作系统的SMB/CIFS网络协议做连结的自由软件。该软件支持共享打印机、互相传输资料文件等。 Samba中存在跨站脚本攻击漏洞。向SWAT的“Change password”页面中的“user”字段传递的输入还没有经过正确过滤就返回给了用户,远程攻击者可利用该漏洞执行受影响站点上下文中用户浏览器会话中的任意HTML和脚本代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2011-2694
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2011-2694
Please Login to view more intelligence information
- https://bugzilla.redhat.com/show_bug.cgi?id=722537x_refsource_CONFIRM
- https://bugzilla.samba.org/show_bug.cgi?id=8289x_refsource_CONFIRM
- http://www.samba.org/samba/security/CVE-2011-2694x_refsource_CONFIRM
- http://samba.org/samba/history/samba-3.5.10.htmlx_refsource_CONFIRM
- http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543vendor-advisoryx_refsource_HP
- https://nvd.nist.gov/vuln/detail/CVE-2011-2694
Same Patch Batch · n/a · 2011-07-29 · 11 CVEs total
| CVE-2011-2400 | HP SiteScope跨站脚本攻击漏洞 | |
| CVE-2011-2401 | HP SiteScope会话固定漏洞 | |
| CVE-2011-2522 | Samba SWAT跨站请求伪造漏洞 | |
| CVE-2011-2697 | HP Linux Imaging和Printing foomatic-rip-hplip任意代码执行漏洞 | |
| CVE-2011-2964 | LinuxFoundation Foomatic foomatic-filters foomatic-rip foomaticrip.c任意代码执行漏洞 | |
| CVE-2011-2959 | 7-Technologies Interactive Graphical SCADA System栈缓冲区溢出漏洞 | |
| CVE-2011-2960 | Sunwayland ForceControl httpsvr.exe堆缓冲区溢出漏洞 | |
| CVE-2011-2961 | Sunwayland pNetPower AngelServer.exe堆缓冲区溢出漏洞 | |
| CVE-2011-2962 | Invensys Wonderware Information Server多个栈缓冲区溢出漏洞 | |
| CVE-2011-2963 | Progea Movicon TCPUploadServer.exe授权问题漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2011-2694
No comments yet