10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.964 High
EPSS
Percentile
99.6%
Samba fails to properly handle malformed MS-RPC packets. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code.
Samba is a widely used open-source implementation of Server Message Block (SMB)/Common Internet File System (CIFS). Network Data Representation (NDR) is the scheme to encode MS-RPC data for transport. Samba fails to properly validate MS-RPC packets. Specifically, Samba’s NDR functions do not properly validate arguments supplied to memory allocation routines. This results in a buffer of insufficient size being allocated. When data is copied to this buffer, a heap-based buffer overflow may occur.
More information is available in Samba’s Security Announcement.
A remote attacker may be able to execute arbitrary code.
Apply a patch or upgrade
These vulnerabilities are addressed in Samba version 3.0.25. In addition, patches are available to address this vulnerability in Samba version 3.0.24. Refer to the Samba Security Releases website for more information.
Administrators who get Samba from their operating system vendor should see the systems affected portion of this document for a list of affected vendors.
773720
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: May 14, 2007 Updated: July 30, 2007
Affected
These problems have been fixed in Debian GNU/Linux 4.0 with version 3.0.24-6etch1 via Debian Security Advisory 1291 as in
<<http://www.debian.org/security/2007/dsa-1291>>
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 15, 2007
Affected
This issue affected the Samba package as shipped with Red Hat Enterprise Linux 2.1, 4, 4, and 5. Updated packages to correct this issue are available along with our advisories at the URLs below and via Red Hat Network.
<http://rhn.redhat.com/errata/RHSA-2007-0354.html>
The vendor has not provided us with any further information regarding this vulnerability.
Updated: May 14, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to <http://samba.org/samba/security/CVE-2007-2446.html>.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23773720 Feedback>).
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 14, 2007 Updated: May 14, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
View all 42 vendors __View less vendors __
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
This vulnerability was reported by the Samba Team. Samba, in turn credits Brian Schafer of TippingPoint.
This document was written by Jeff Gennari.
CVE IDs: | CVE-2007-2446 |
---|---|
Severity Metric: | 7.65 Date Public: |
docs.info.apple.com/article.html?artnum=306172
samba.org/samba/history/security.html
samba.org/samba/security/CVE-2007-2446.html
secunia.com/advisories/25232/
sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
www.iss.net/threats/266.html
www.samba.org/samba/history/samba-3.0.25.html
www.zerodayinitiative.com/advisories/ZDI-07-029.html
www.zerodayinitiative.com/advisories/ZDI-07-030.html
www.zerodayinitiative.com/advisories/ZDI-07-031.html
www.zerodayinitiative.com/advisories/ZDI-07-032.html
www.zerodayinitiative.com/advisories/ZDI-07-033.html