CVE-2007-2447

2007-05-1400:00:00

ubuntu.com

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.751 High

EPSS

Percentile

98.1%

JSON

The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows
remote attackers to execute arbitrary commands via shell metacharacters
involving the (1) SamrChangePassword function, when the “username map
script” smb.conf option is enabled, and allows remote authenticated users
to execute commands via shell metacharacters involving other MS-RPC
functions in the (2) remote printer and (3) file share management.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchsamba< 3.0.22-1ubuntu3.3UNKNOWN
ubuntu6.10noarchsamba< 3.0.22-1ubuntu4.2UNKNOWN
ubuntu7.04noarchsamba< 3.0.24-2ubuntu1.2UNKNOWN