FreeBSD : samba -- nss_info plugin privilege escalation vulnerability (2bc96f18-683f-11dc-82b6-02e0185f8d72)

The Samba development team reports : The idmapad.so library provides an nssinfo extension to Winbind for retrieving a user's home directory path, login shell and primary group id from an Active Directory domain controller. This functionality is enabled by defining the 'winbind nss info' smb.conf...

CVE-2007-4138

The Winbind nssinfo extension nsswitch/idmapad.c in idmapad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the 1 RFC2307 or 2 Services for UNIX SFU primary group attribute is not defined...

CVE-2007-4138

The Winbind nssinfo extension nsswitch/idmapad.c in idmapad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the 1 RFC2307 or 2 Services for UNIX SFU primary group attribute is not defined...

Samba NSS_Info插件本地权限提升漏洞

BUGTRAQ ID: 25636 CVECAN ID: CVE-2007-4138 Samba是一套实现SMB（Server Messages Block）协议、跨平台进行文件共享和打印共享服务的程序。 idmapad.so库中为Winbind提供了nssinfo扩展用于从活动目录域控制台检索用户的主目录路径、登录shell和主组id等，可通过将winbind nss info的smb.conf选项定义为sfu或rfc2307来启用这个功能。 Windows的Identity Management for Unix和Services for Unix...

samba -- nss_info plugin privilege escalation vulnerability

The Samba development team reports: The idmapad.so library provides an nssinfo extension to Winbind for retrieving a user's home directory path, login shell and primary group id from an Active Directory domain controller. This functionality is enabled by defining the "winbind nss info" smb.conf...