Lucene search

K

PRIOn knowledge basePRION:CVE-2007-2444

HistoryMay 14, 2007 - 9:19 p.m.

Code injection

2007-05-1421:19:00

PRIOn knowledge base

www.prio-n.com

4

6.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.529 Medium

EPSS

Percentile

97.5%

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

CPENameOperatorVersion
ubuntu_linuxeq7.04
ubuntu_linuxeq6.10
ubuntu_linuxeq6.06
debian_linuxeq5.0
debian_linuxeq4.0
sambaeq3.0.25 pre2
sambaeq3.0.24
sambaeq3.0.23100

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980

lists.suse.com/archive/suse-security-announce/2007-May/0006.html

osvdb.org/34698

secunia.com/advisories/25232

secunia.com/advisories/25241

secunia.com/advisories/25246

secunia.com/advisories/25251

secunia.com/advisories/25255

secunia.com/advisories/25256

secunia.com/advisories/25259

secunia.com/advisories/25270

secunia.com/advisories/25289

secunia.com/advisories/25675

secunia.com/advisories/25772

security.gentoo.org/glsa/glsa-200705-15.xml

securityreason.com/securityalert/2701

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906

sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1

sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1

www.debian.org/security/2007/dsa-1291

www.mandriva.com/security/advisories?name=MDKSA-2007:104

www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html

www.securityfocus.com/archive/1/468548/100/0/threaded

www.securityfocus.com/archive/1/468670/100/0/threaded

www.securityfocus.com/bid/23974

www.securitytracker.com/id?1018049

www.trustix.org/errata/2007/0017/

www.ubuntu.com/usn/usn-460-1

www.ubuntu.com/usn/usn-460-2

www.vupen.com/english/advisories/2007/1805

www.vupen.com/english/advisories/2007/2210

www.vupen.com/english/advisories/2007/2281

issues.rpath.com/browse/RPL-1366

www.samba.org/samba/security/CVE-2007-2444.html

6.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.529 Medium

EPSS

Percentile

97.5%

Related for PRION:CVE-2007-2444

ubuntucve1 samba1 openvas48 securityvulns2 cve1 nessus11 ubuntu2 debiancve1 fedora2 debian4 gentoo1 slackware1 suse1 osv1 altlinux1 freebsd1