CVE Vulnerability

CVE-2007-2447

The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.

6 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 6.8 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://www.samba.org/samba/security/CVE-2007-2447.html Patch Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534
https://issues.rpath.com/browse/RPL-1366
http://www.redhat.com/support/errata/RHSA-2007-0354.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
http://www.kb.cert.org/vuls/id/268336 US Government Resource
http://www.securityfocus.com/bid/23972
http://secunia.com/advisories/25241 Vendor Advisory
http://secunia.com/advisories/25246 Vendor Advisory
http://secunia.com/advisories/25256 Vendor Advisory
http://secunia.com/advisories/25257 Vendor Advisory
http://www.debian.org/security/2007/dsa-1291
http://security.gentoo.org/glsa/glsa-200705-15.xml
http://www.trustix.org/errata/2007/0017/
http://www.ubuntu.com/usn/usn-460-1
http://www.osvdb.org/34700
http://www.securitytracker.com/id?1018051
http://secunia.com/advisories/25232 Vendor Advisory
http://secunia.com/advisories/25251 Vendor Advisory
http://secunia.com/advisories/25270 Vendor Advisory
http://secunia.com/advisories/25259 Vendor Advisory
http://secunia.com/advisories/25255 Vendor Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://docs.info.apple.com/article.html?artnum=306172
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
http://www.novell.com/linux/security/advisories/2007_14_sr.html
http://www.securityfocus.com/bid/25159
http://secunia.com/advisories/25289
http://secunia.com/advisories/25567
http://secunia.com/advisories/25675
http://secunia.com/advisories/25772
http://secunia.com/advisories/26083
http://secunia.com/advisories/26235
http://secunia.com/advisories/26909
http://secunia.com/advisories/27706
http://securityreason.com/securityalert/2700
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf
http://secunia.com/advisories/28292
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
http://www.vupen.com/english/advisories/2007/2281
http://www.vupen.com/english/advisories/2007/3229
http://www.vupen.com/english/advisories/2007/2210
http://www.vupen.com/english/advisories/2007/1805
http://www.vupen.com/english/advisories/2007/2079
http://www.vupen.com/english/advisories/2007/2732
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
http://www.vupen.com/english/advisories/2008/0050
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062
http://www.securityfocus.com/archive/1/468670/100/0/threaded
http://www.securityfocus.com/archive/1/468565/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:rc1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:pre1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:rc3:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:rc2:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*
Information

Published : 2007-05-14 09:19

Updated : 2018-10-16 04:43

NVD link : CVE-2007-2447

Mitre link : CVE-2007-2447

Products Affected
No products.
CWE
NVD-CWE-Other