Lucene search

[email protected]NVD:CVE-2007-4572

HistoryNov 16, 2007 - 6:46 p.m.

CVE-2007-4572

2007-11-1618:46:00

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.059 Low

EPSS

Percentile

93.5%

JSON

Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.

Affected configurations

NVD

Node

sambasambaMatch3.0.0

sambasambaMatch3.0.1

sambasambaMatch3.0.2

sambasambaMatch3.0.2a

sambasambaMatch3.0.3

sambasambaMatch3.0.4

sambasambaMatch3.0.4rc1

sambasambaMatch3.0.5

sambasambaMatch3.0.6

sambasambaMatch3.0.7

sambasambaMatch3.0.8

sambasambaMatch3.0.9

sambasambaMatch3.0.10

sambasambaMatch3.0.11

sambasambaMatch3.0.12

sambasambaMatch3.0.13

sambasambaMatch3.0.14

sambasambaMatch3.0.14a

sambasambaMatch3.0.15

sambasambaMatch3.0.16

sambasambaMatch3.0.17

sambasambaMatch3.0.18

sambasambaMatch3.0.19

sambasambaMatch3.0.20

sambasambaMatch3.0.20a

sambasambaMatch3.0.20b

sambasambaMatch3.0.21

sambasambaMatch3.0.21a

sambasambaMatch3.0.21b

sambasambaMatch3.0.21c

sambasambaMatch3.0.22

sambasambaMatch3.0.23

sambasambaMatch3.0.23a

sambasambaMatch3.0.23b

sambasambaMatch3.0.23c

sambasambaMatch3.0.23d

sambasambaMatch3.0.24

sambasambaMatch3.0.25

sambasambaMatch3.0.25pre1

sambasambaMatch3.0.25pre2

sambasambaMatch3.0.25rc1

sambasambaMatch3.0.25rc2

sambasambaMatch3.0.25rc3

sambasambaMatch3.0.25a

sambasambaMatch3.0.25b

sambasambaMatch3.0.25c

sambasambaMatch3.0.26

sambasambaMatch3.0.26a

References

docs.info.apple.com/article.html?artnum=307179

lists.apple.com/archives/security-announce/2007/Dec/msg00002.html

lists.vmware.com/pipermail/security-announce/2008/000002.html

marc.info/?l=bugtraq&m=120524782005154&w=2

secunia.com/advisories/27450

secunia.com/advisories/27679

secunia.com/advisories/27682

secunia.com/advisories/27691

secunia.com/advisories/27701

secunia.com/advisories/27720

secunia.com/advisories/27731

secunia.com/advisories/27787

secunia.com/advisories/27927

secunia.com/advisories/28136

secunia.com/advisories/28368

secunia.com/advisories/29341

secunia.com/advisories/30484

secunia.com/advisories/30736

secunia.com/advisories/30835

securitytracker.com/id?1018954

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739

sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1

us1.samba.org/samba/security/CVE-2007-4572.html

www.debian.org/security/2007/dsa-1409

www.gentoo.org/security/en/glsa/glsa-200711-29.xml

www.mandriva.com/security/advisories?name=MDKSA-2007:224

www.novell.com/linux/security/advisories/2007_65_samba.html

www.redhat.com/support/errata/RHSA-2007-1013.html

www.redhat.com/support/errata/RHSA-2007-1016.html

www.redhat.com/support/errata/RHSA-2007-1017.html

www.securityfocus.com/archive/1/485936/100/0/threaded

www.securityfocus.com/archive/1/486859/100/0/threaded

www.securityfocus.com/bid/26454

www.ubuntu.com/usn/usn-544-2

www.ubuntu.com/usn/usn-617-1

www.us-cert.gov/cas/techalerts/TA07-352A.html

www.vmware.com/security/advisories/VMSA-2008-0001.html

www.vupen.com/english/advisories/2007/3869

www.vupen.com/english/advisories/2007/4238

www.vupen.com/english/advisories/2008/0064

www.vupen.com/english/advisories/2008/0859/references

www.vupen.com/english/advisories/2008/1712/references

www.vupen.com/english/advisories/2008/1908

www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657

exchange.xforce.ibmcloud.com/vulnerabilities/38501

issues.rpath.com/browse/RPL-1894

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643

usn.ubuntu.com/544-1/

www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.059 Low

EPSS

Percentile

93.5%

JSON

Related for NVD:CVE-2007-4572

ubuntucve1 debiancve1 securityvulns4 prion1 cvelist1 seebug1 veracode1 samba1 cve1 nessus32 openvas81 ubuntu4 debian3 osv3 gentoo1 fedora6 oraclelinux4 redhat4 freebsd1 suse1 centos5 slackware1 vmware2