Lucene search

K
nvd[email protected]NVD:CVE-2007-6015
HistoryDec 13, 2007 - 9:46 p.m.

CVE-2007-6015

2007-12-1321:46:00
CWE-119
web.nvd.nist.gov
16
stack-based buffer overflow
samba 3.0.0
remote code execution
getdc mailslot
samlogon logon

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.972

Percentile

99.9%

Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the β€œdomain logons” option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.

Affected configurations

Nvd
Node
sambasambaMatch2.0.1
OR
sambasambaMatch2.0.2
OR
sambasambaMatch2.0.3
OR
sambasambaMatch2.0.4
OR
sambasambaMatch2.0.5
OR
sambasambaMatch2.0.6
OR
sambasambaMatch2.0.7
OR
sambasambaMatch2.0.8
OR
sambasambaMatch2.0.9
OR
sambasambaMatch2.0.10
OR
sambasambaMatch2.2.0
OR
sambasambaMatch2.2.0a
OR
sambasambaMatch2.2.1a
OR
sambasambaMatch2.2.2
OR
sambasambaMatch2.2.3
OR
sambasambaMatch2.2.3a
OR
sambasambaMatch2.2.4
OR
sambasambaMatch2.2.5
OR
sambasambaMatch2.2.6
OR
sambasambaMatch2.2.7
OR
sambasambaMatch2.2.7a
OR
sambasambaMatch2.2.8
OR
sambasambaMatch2.2.8a
OR
sambasambaMatch2.2.9
OR
sambasambaMatch2.2.11
OR
sambasambaMatch2.2.12
OR
sambasambaMatch3.0.0
OR
sambasambaMatch3.0.1
OR
sambasambaMatch3.0.2
OR
sambasambaMatch3.0.2a
OR
sambasambaMatch3.0.10
OR
sambasambaMatch3.0.11
OR
sambasambaMatch3.0.12
OR
sambasambaMatch3.0.13
OR
sambasambaMatch3.0.14
OR
sambasambaMatch3.0.14a
OR
sambasambaMatch3.0.20
OR
sambasambaMatch3.0.20a
OR
sambasambaMatch3.0.20b
OR
sambasambaMatch3.0.21
OR
sambasambaMatch3.0.21a
OR
sambasambaMatch3.0.21b
OR
sambasambaMatch3.0.21c
OR
sambasambaMatch3.0.22
OR
sambasambaMatch3.0.23a
OR
sambasambaMatch3.0.23b
OR
sambasambaMatch3.0.23c
OR
sambasambaMatch3.0.23d
OR
sambasambaMatch3.0.24
OR
sambasambaMatch3.0.25
OR
sambasambaMatch3.0.25pre1
OR
sambasambaMatch3.0.25pre2
OR
sambasambaMatch3.0.25rc1
OR
sambasambaMatch3.0.25rc2
OR
sambasambaMatch3.0.25rc3
OR
sambasambaMatch3.0.25a
OR
sambasambaMatch3.0.25b
OR
sambasambaMatch3.0.25c
OR
sambasambaMatch3.0.26
OR
sambasambaMatch3.0.26a
OR
sambasambaMatch3.0.27
VendorProductVersionCPE
sambasamba2.0.1cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:*
sambasamba2.0.2cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:*
sambasamba2.0.3cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:*
sambasamba2.0.4cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:*
sambasamba2.0.5cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:*
sambasamba2.0.6cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:*
sambasamba2.0.7cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:*
sambasamba2.0.8cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:*
sambasamba2.0.9cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:*
sambasamba2.0.10cpe:2.3:a:samba:samba:2.0.10:*:*:*:*:*:*:*
Rows per page:
1-10 of 611

References

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.972

Percentile

99.9%