CVE-2007-0453 - OpenCVE

Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Samba	Samba

Configuration 1 [-]

OR	cpe:2.3:a:samba:samba:3.0.21:::::::*
	cpe:2.3:a:samba:samba:3.0.21a:::::::*
	cpe:2.3:a:samba:samba:3.0.21b:::::::*
	cpe:2.3:a:samba:samba:3.0.21c:::::::*
	cpe:2.3:a:samba:samba:3.0.22:::::::*
	cpe:2.3:a:samba:samba:3.0.23:::::::*
	cpe:2.3:a:samba:samba:3.0.23a:::::::*
	cpe:2.3:a:samba:samba:3.0.23b:::::::*
	cpe:2.3:a:samba:samba:3.0.23c:::::::*
	cpe:2.3:a:samba:samba:3.0.23d:::::::*

No data.

References

Link	Providers
http://osvdb.org/33098
http://secunia.com/advisories/24043
http://secunia.com/advisories/24101
http://secunia.com/advisories/24151
http://securitytracker.com/id?1017589
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
http://us1.samba.org/samba/security/CVE-2007-0453.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://www.securityfocus.com/archive/1/459168/100/0/threaded
http://www.securityfocus.com/archive/1/459365/100/0/threaded
http://www.securityfocus.com/bid/22410
http://www.trustix.org/errata/2007/0007
http://www.vupen.com/english/advisories/2007/0483
https://exchange.xforce.ibmcloud.com/vulnerabilities/32231
https://issues.rpath.com/browse/RPL-1005

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2007-02-06T02:00:00

Updated: 2024-08-07T12:19:30.504Z

Reserved: 2007-01-23T00:00:00

Link: CVE-2007-0453

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-02-06T02:28:00.000

Modified: 2018-10-16T16:32:49.450

Link: CVE-2007-0453

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-02-05T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "24101", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24101"}, {"name": "33098", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/33098"}, {"name": "20070207 rPSA-2007-0026-1 samba samba-swat", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/459365/100/0/threaded"}, {"name": "OpenPKG-SA-2007.012", "tags": ["vendor-advisory", "x_refsource_OPENPKG"], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"}, {"name": "samba-winbind-bo(32231)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32231"}, {"name": "24151", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24151"}, {"name": "ADV-2007-0483", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0483"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-1005"}, {"name": "1017589", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017589"}, {"name": "20070205 [SAMBA-SECURITY] CVE-2007-0453: Buffer overrun in nss_winbind.so.1 on Solaris", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/459168/100/0/threaded"}, {"name": "22410", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22410"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://us1.samba.org/samba/security/CVE-2007-0453.html"}, {"name": "2007-0007", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2007/0007"}, {"name": "SSA:2007-038-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916"}, {"name": "24043", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24043"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:19:30.504Z"}, "title": "CVE Program Container", "references": [{"name": "24101", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24101"}, {"name": "33098", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/33098"}, {"name": "20070207 rPSA-2007-0026-1 samba samba-swat", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/459365/100/0/threaded"}, {"name": "OpenPKG-SA-2007.012", "tags": ["vendor-advisory", "x_refsource_OPENPKG", "x_transferred"], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"}, {"name": "samba-winbind-bo(32231)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32231"}, {"name": "24151", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24151"}, {"name": "ADV-2007-0483", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0483"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-1005"}, {"name": "1017589", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017589"}, {"name": "20070205 [SAMBA-SECURITY] CVE-2007-0453: Buffer overrun in nss_winbind.so.1 on Solaris", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/459168/100/0/threaded"}, {"name": "22410", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22410"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://us1.samba.org/samba/security/CVE-2007-0453.html"}, {"name": "2007-0007", "tags": ["vendor-advisory", "x_refsource_TRUSTIX", "x_transferred"], "url": "http://www.trustix.org/errata/2007/0007"}, {"name": "SSA:2007-038-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916"}, {"name": "24043", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24043"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-0453", "datePublished": "2007-02-06T02:00:00", "dateReserved": "2007-01-23T00:00:00", "dateUpdated": "2024-08-07T12:19:30.504Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "0B918306-8743-404D-A035-CC3997ADCC3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*", "matchCriteriaId": "43684906-D3AA-40FB-A75D-ED65C1DC9BB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*", "matchCriteriaId": "62E39538-4811-49DB-97CF-1F018C58BAE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*", "matchCriteriaId": "C85D69FE-AF43-4B0E-A7A9-2D2C16426180", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "86347948-C08F-4F02-89A0-4F4A55CD4BA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "A908DA9D-A8BD-46BA-A71F-BFDEC0A1341E", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*", "matchCriteriaId": "7CA7905C-51A0-4A56-A6A5-330288613055", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*", "matchCriteriaId": "4AE85033-0658-4D60-8C7A-6E2BD63AFDCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*", "matchCriteriaId": "4600AAA4-834D-4F63-8E9A-88CB555C029E", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*", "matchCriteriaId": "54FE8D2E-AF0D-4C84-A5BC-2CE6759B534C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en la librer\u00eda nss_winbind.so.1 de Samba 3.0.21 hasta 3.0.23d, como se usa en el demonio winbindd de Solaris, permite a los atacantes ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de las funciones (1) gethostbyame y (2) getipnodebyname."}], "id": "CVE-2007-0453", "lastModified": "2018-10-16T16:32:49.450", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-02-06T02:28:00.000", "references": [{"source": "secalert@redhat.com", "url": "http://osvdb.org/33098"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24043"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24101"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24151"}, {"source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1017589"}, {"source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916"}, {"source": "secalert@redhat.com", "url": "http://us1.samba.org/samba/security/CVE-2007-0453.html"}, {"source": "secalert@redhat.com", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/459168/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/459365/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/22410"}, {"source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2007/0007"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/0483"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32231"}, {"source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-1005"}], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [{"comment": "Not vulnerable. These issues did not affect Linux versions of Samba.", "lastModified": "2007-05-14T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}