Lucene search
Ubuntu.comUB:CVE-2007-4138HistorySep 14, 2007 - 12:00 a.m.
CVE-2007-4138
2007-09-1400:00:00
ubuntu.com
ubuntu.com
14
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
12.0%
The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in
Samba 3.0.25 through 3.0.25c, when the βwinbind nss infoβ option is set to
rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1)
RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not
defined.
Notes
| Author | Note |
|---|---|
| jdstrand | affects only Samba 3.0.25 - 3.0.25c (inclusive) |
Related
openvas
openvas
Samba 3.0.25 <= 3.0.25c Vulnerability (CVE-2007-4138)
2021-09-24 00:00:00
FreeBSD Ports: samba
2008-09-04 00:00:00
Fedora Update for samba FEDORA-2007-2145
2009-02-27 00:00:00
samba
samba
Incorrect primary group assignment for
2007-09-11 00:00:00
cve
cve
CVE-2007-4138
2007-09-14 01:17:00
securityvulns
securityvulns
prion
prion
Code injection
2007-09-14 01:17:00
debiancve
debiancve
CVE-2007-4138
2007-09-14 01:17:00
freebsd
freebsd
samba -- nss_info plugin privilege escalation vulnerability
2007-09-11 00:00:00
nessus
nessus
Samba idmap_ad.so Winbind nss_info Extension Local Privilege Escalation
2011-11-18 00:00:00
FreeBSD : samba -- nss_info plugin privilege escalation vulnerability (2bc96f18-683f-11dc-82b6-02e0185f8d72)
2007-09-24 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 : samba (SSA:2007-255-02)
2007-09-14 00:00:00
seebug
seebug
Samba NSS_Infoζδ»Άζ¬ε°ζιζεζΌζ΄
2007-09-12 00:00:00
slackware
slackware
[slackware-security] samba
2007-09-12 21:56:57
altlinux
altlinux
Security fix for the ALT Linux 5 package samba version 3.0.26a-alt1
2007-09-11 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:17:28
fedora
fedora
[SECURITY] Fedora 7 Update: samba-3.0.26a-0.fc7
2007-09-12 16:45:15
redhat
redhat
(RHSA-2007:1016) Critical: samba security update
2007-11-15 00:00:00
(RHSA-2007:1017) Critical: samba security update
2007-11-15 00:00:00
oraclelinux
oraclelinux
Critical: samba security update
2007-12-04 00:00:00
Critical: samba security update
2007-11-23 00:00:00
centos
centos
samba security update
2007-11-15 18:56:31
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
12.0%
Related for UB:CVE-2007-4138