Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2007-0454
HistoryFeb 06, 2007 - 2:28 a.m.

CVE-2007-0454

2007-02-0602:28:00
CWE-134
[email protected]
web.nvd.nist.gov
3

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.7%

JSON

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.

Affected configurations

NVD
Node
sambasambaMatch3.0.6
OR
sambasambaMatch3.0.7
OR
sambasambaMatch3.0.8
OR
sambasambaMatch3.0.9
OR
sambasambaMatch3.0.10
OR
sambasambaMatch3.0.11
OR
sambasambaMatch3.0.12
OR
sambasambaMatch3.0.13
OR
sambasambaMatch3.0.14
OR
sambasambaMatch3.0.14a
OR
sambasambaMatch3.0.20
OR
sambasambaMatch3.0.20a
OR
sambasambaMatch3.0.20b
OR
sambasambaMatch3.0.21
OR
sambasambaMatch3.0.21a
OR
sambasambaMatch3.0.21b
OR
sambasambaMatch3.0.21c
OR
sambasambaMatch3.0.22
OR
sambasambaMatch3.0.23d
Node
debiandebian_linuxMatch3.0
OR
debiandebian_linuxMatch3.0alpha
OR
debiandebian_linuxMatch3.0arm
OR
debiandebian_linuxMatch3.0hppa
OR
debiandebian_linuxMatch3.0ia-32
OR
debiandebian_linuxMatch3.0ia-64
OR
debiandebian_linuxMatch3.0m68k
OR
debiandebian_linuxMatch3.0mips
OR
debiandebian_linuxMatch3.0mipsel
OR
debiandebian_linuxMatch3.0ppc
OR
debiandebian_linuxMatch3.0s-390
OR
debiandebian_linuxMatch3.0sparc
OR
debiandebian_linuxMatch3.1
OR
debiandebian_linuxMatch3.1alpha
OR
debiandebian_linuxMatch3.1amd64
OR
debiandebian_linuxMatch3.1arm
OR
debiandebian_linuxMatch3.1hppa
OR
debiandebian_linuxMatch3.1ia-32
OR
debiandebian_linuxMatch3.1ia-64
OR
debiandebian_linuxMatch3.1m68k
OR
debiandebian_linuxMatch3.1mips
OR
debiandebian_linuxMatch3.1mipsel
OR
debiandebian_linuxMatch3.1ppc
OR
debiandebian_linuxMatch3.1s-390
OR
debiandebian_linuxMatch3.1sparc
OR
mandrakesoftmandrake_linuxMatch2006
OR
mandrakesoftmandrake_linuxMatch2006x86_64
OR
mandrakesoftmandrake_linux_corporate_serverMatch3.0
OR
mandrakesoftmandrake_linux_corporate_serverMatch3.0x86_64
OR
mandrakesoftmandrake_linux_corporate_serverMatch4.0
OR
mandrakesoftmandrake_linux_corporate_serverMatch4.0x86_64
OR
mandrakesoftmandrake_linuxsoft_2007
OR
mandrakesoftmandrake_linuxsoft_2007x86_64

References

Related

nessus 7
debiancve 1
ubuntucve 1
securityvulns 2
openvas 14
redhatcve 1
cert 1
seebug 1
samba 1
cvelist 1
cve 1
freebsd 1
prion 1
gentoo 1
osv 1
debian 1
ubuntu 1
slackware 1
suse 1
nessus
nessus
FreeBSD : samba -- format string bug in afsacl.so VFS plugin (57ae52f7-b9cc-11db-bf0f-0013720b182d)
2007-03-16 00:00:00
GLSA-200702-01 : Samba: Multiple vulnerabilities
2007-02-15 00:00:00
Debian DSA-1257-1 : samba - several vulnerabilities
2007-02-09 00:00:00
debiancve
debiancve
CVE-2007-0454
2007-02-06 02:28:00
ubuntucve
ubuntucve
CVE-2007-0454
2007-02-06 00:00:00
securityvulns
securityvulns
[SAMBA-SECURITY] CVE-2007-0454: Format string bug in afsacl.so VFS plugin
2007-02-05 00:00:00
Samba file server multiple security vulnerabilities
2007-02-05 00:00:00
openvas
openvas
FreeBSD Ports: samba, ja-samba
2008-09-04 00:00:00
FreeBSD Ports: samba, ja-samba
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200702-01 (samba)
2008-09-24 00:00:00
redhatcve
redhatcve
CVE-2007-0454
2015-10-30 09:23:24
cert
cert
Samba AFS ACL mapping VFS plug-in format string vulnerability
2007-02-07 00:00:00
seebug
seebug
SambaๆœๅŠกๅ™จVFSๆ’ไปถafsacl.so่ฟœ็จ‹ๆ ผๅผไธฒๅค„็†ๆผๆดž
2007-02-07 00:00:00
samba
samba
Format string bug in afsacl.so VFS plugin.
2007-02-05 00:00:00
cvelist
cvelist
CVE-2007-0454
2007-02-06 02:00:00
cve
cve
CVE-2007-0454
2007-02-06 02:28:00
freebsd
freebsd
samba -- format string bug in afsacl.so VFS plugin
2007-02-05 00:00:00
prion
prion
Format string
2007-02-06 02:28:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2007-02-13 00:00:00
osv
osv
samba
2007-02-05 00:00:00
debian
debian
[SECURITY] [DSA 1257-1] New samba packages fix several vulnerabilities
2007-02-05 18:41:02
ubuntu
ubuntu
Samba vulnerabilities
2007-02-06 00:00:00
slackware
slackware
[slackware-security] samba
2007-02-07 21:58:37
suse
suse
remote denial of service in samba
2007-02-15 17:07:18

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.7%

JSON
Related for NVD:CVE-2007-0454
nessus7debiancve1ubuntucve1securityvulns2openvas14redhatcve1cert1seebug1samba1cvelist1cve1freebsd1prion1gentoo1osv1debian1ubuntu1slackware1suse1