Local SID/Name translation bug can result in user privilege elevation

ID SAMBA:CVE-2007-2444
Type samba
Reporter Samba
Modified 2007-05-14T00:00:00


When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a transition to the root user id rather than the non-root user. The user is then able to temporarily issue SMB/CIFS protocol operations as the root user. This window of opportunity may allow the attacker to establish additional means of gaining root access to the server.