CVE-2007-2447 - Vulnerability Details

The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Enterprise Linux
Samba	Samba

Configuration 1 [-]

OR	cpe:2.3:a:samba:samba:3.0.0:::::::*
	cpe:2.3:a:samba:samba:3.0.1:::::::*
	cpe:2.3:a:samba:samba:3.0.2:::::::*
	cpe:2.3:a:samba:samba:3.0.2a:::::::*
	cpe:2.3:a:samba:samba:3.0.3:::::::*
	cpe:2.3:a:samba:samba:3.0.4:::::::*
	cpe:2.3:a:samba:samba:3.0.4:rc1::::::
	cpe:2.3:a:samba:samba:3.0.5:::::::*
	cpe:2.3:a:samba:samba:3.0.6:::::::*
	cpe:2.3:a:samba:samba:3.0.7:::::::*
	cpe:2.3:a:samba:samba:3.0.8:::::::*
	cpe:2.3:a:samba:samba:3.0.9:::::::*
	cpe:2.3:a:samba:samba:3.0.10:::::::*
	cpe:2.3:a:samba:samba:3.0.11:::::::*
	cpe:2.3:a:samba:samba:3.0.12:::::::*
	cpe:2.3:a:samba:samba:3.0.13:::::::*
	cpe:2.3:a:samba:samba:3.0.14:::::::*
	cpe:2.3:a:samba:samba:3.0.14a:::::::*
	cpe:2.3:a:samba:samba:3.0.15:::::::*
	cpe:2.3:a:samba:samba:3.0.16:::::::*
	cpe:2.3:a:samba:samba:3.0.17:::::::*
	cpe:2.3:a:samba:samba:3.0.18:::::::*
	cpe:2.3:a:samba:samba:3.0.19:::::::*
	cpe:2.3:a:samba:samba:3.0.20:::::::*
	cpe:2.3:a:samba:samba:3.0.20a:::::::*
	cpe:2.3:a:samba:samba:3.0.20b:::::::*
	cpe:2.3:a:samba:samba:3.0.21:::::::*
	cpe:2.3:a:samba:samba:3.0.21a:::::::*
	cpe:2.3:a:samba:samba:3.0.21b:::::::*
	cpe:2.3:a:samba:samba:3.0.21c:::::::*
	cpe:2.3:a:samba:samba:3.0.22:::::::*
	cpe:2.3:a:samba:samba:3.0.23:::::::*
	cpe:2.3:a:samba:samba:3.0.23a:::::::*
	cpe:2.3:a:samba:samba:3.0.23b:::::::*
	cpe:2.3:a:samba:samba:3.0.23c:::::::*
	cpe:2.3:a:samba:samba:3.0.23d:::::::*
	cpe:2.3:a:samba:samba:3.0.24:::::::*
	cpe:2.3:a:samba:samba:3.0.25:pre1::::::
	cpe:2.3:a:samba:samba:3.0.25:pre2::::::
	cpe:2.3:a:samba:samba:3.0.25:rc1::::::
	cpe:2.3:a:samba:samba:3.0.25:rc2::::::
	cpe:2.3:a:samba:samba:3.0.25:rc3::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 2.1
samba-0:2.2.12-1.21as.6	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2007:0354	2007-05-14T00:00:00Z
Red Hat Enterprise Linux 3
samba-0:3.0.9-1.3E.13.2	cpe:/o:redhat:enterprise_linux:3	RHSA-2007:0354	2007-05-14T00:00:00Z
Red Hat Enterprise Linux 4
samba-0:3.0.10-1.4E.12.2	cpe:/o:redhat:enterprise_linux:4	RHSA-2007:0354	2007-05-14T00:00:00Z
Red Hat Enterprise Linux 5
samba-0:3.0.23c-2.el5.2.0.2	cpe:/o:redhat:enterprise_linux:5	RHSA-2007:0354	2007-05-14T00:00:00Z

References

Link	Providers
http://docs.info.apple.com/article.html?artnum=306172
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
http://secunia.com/advisories/25232
http://secunia.com/advisories/25241
http://secunia.com/advisories/25246
http://secunia.com/advisories/25251
http://secunia.com/advisories/25255
http://secunia.com/advisories/25256
http://secunia.com/advisories/25257
http://secunia.com/advisories/25259
http://secunia.com/advisories/25270
http://secunia.com/advisories/25289
http://secunia.com/advisories/25567
http://secunia.com/advisories/25675
http://secunia.com/advisories/25772
http://secunia.com/advisories/26083
http://secunia.com/advisories/26235
http://secunia.com/advisories/26909
http://secunia.com/advisories/27706
http://secunia.com/advisories/28292
http://security.gentoo.org/glsa/glsa-200705-15.xml
http://securityreason.com/securityalert/2700
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
http://www.debian.org/security/2007/dsa-1291
http://www.kb.cert.org/vuls/id/268336
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
http://www.novell.com/linux/security/advisories/2007_14_sr.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://www.osvdb.org/34700
http://www.redhat.com/support/errata/RHSA-2007-0354.html
http://www.samba.org/samba/security/CVE-2007-2447.html
http://www.securityfocus.com/archive/1/468565/100/0/threaded
http://www.securityfocus.com/archive/1/468670/100/0/threaded
http://www.securityfocus.com/bid/23972
http://www.securityfocus.com/bid/25159
http://www.securitytracker.com/id?1018051
http://www.trustix.org/errata/2007/0017/
http://www.ubuntu.com/usn/usn-460-1
http://www.vupen.com/english/advisories/2007/1805
http://www.vupen.com/english/advisories/2007/2079
http://www.vupen.com/english/advisories/2007/2210
http://www.vupen.com/english/advisories/2007/2281
http://www.vupen.com/english/advisories/2007/2732
http://www.vupen.com/english/advisories/2007/3229
http://www.vupen.com/english/advisories/2008/0050
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf
https://issues.rpath.com/browse/RPL-1366
https://nvd.nist.gov/vuln/detail/CVE-2007-2447
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062
https://www.cve.org/CVERecord?id=CVE-2007-2447

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2007-05-14T21:00:00

Updated: 2024-08-07T13:42:32.951Z

Reserved: 2007-05-02T00:00:00

Link: CVE-2007-2447

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-05-14T21:19:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-2447

Redhat

Severity : Important

Publid Date: 2007-05-14T00:00:00Z

Links: CVE-2007-2447 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-05-13T00:00:00", "descriptions": [{"lang": "en", "value": "The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the \"username map script\" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "GLSA-200705-15", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200705-15.xml"}, {"name": "25289", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25289"}, {"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "oval:org.mitre.oval:def:10062", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf"}, {"name": "ADV-2007-2732", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"name": "ADV-2007-1805", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1805"}, {"name": "26083", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26083"}, {"name": "ADV-2007-3229", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"name": "25772", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25772"}, {"name": "HPSBUX02218", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768"}, {"name": "20070513 [SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/468565/100/0/threaded"}, {"name": "OpenPKG-SA-2007.012", "tags": ["vendor-advisory", "x_refsource_OPENPKG"], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"}, {"name": "25257", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25257"}, {"name": "VU#268336", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/268336"}, {"name": "23972", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23972"}, {"name": "SUSE-SA:2007:031", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html"}, {"name": "25270", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25270"}, {"name": "20070515 FLEA-2007-0017-1: samba", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/468670/100/0/threaded"}, {"name": "SUSE-SR:2007:014", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"}, {"name": "APPLE-SA-2007-07-31", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"name": "ADV-2007-2281", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2281"}, {"name": "ADV-2007-2210", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2210"}, {"name": "HPSBTU02218", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980"}, {"name": "2007-0017", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2007/0017/"}, {"name": "USN-460-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-460-1"}, {"name": "25567", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25567"}, {"name": "25241", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25241"}, {"name": "28292", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28292"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.samba.org/samba/security/CVE-2007-2447.html"}, {"name": "MDKSA-2007:104", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:104"}, {"name": "25256", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25256"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-1366"}, {"name": "25259", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25259"}, {"name": "SSA:2007-134-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906"}, {"name": "34700", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/34700"}, {"name": "102964", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1"}, {"name": "20070514 Samba SAMR Change Password Remote Command Injection Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534"}, {"name": "26909", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26909"}, {"name": "SSRT071424", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768"}, {"name": "ADV-2008-0050", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0050"}, {"name": "27706", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27706"}, {"name": "DSA-1291", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1291"}, {"name": "1018051", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018051"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"name": "2700", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/2700"}, {"name": "25232", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25232"}, {"name": "25251", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25251"}, {"name": "200588", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1"}, {"name": "25246", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25246"}, {"name": "25159", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25159"}, {"name": "25255", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25255"}, {"name": "RHSA-2007:0354", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0354.html"}, {"name": "26235", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26235"}, {"name": "25675", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25675"}, {"name": "ADV-2007-2079", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2079"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2007-2447", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the \"username map script\" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-200705-15", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200705-15.xml"}, {"name": "25289", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25289"}, {"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "oval:org.mitre.oval:def:10062", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062"}, {"name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf", "refsource": "CONFIRM", "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf"}, {"name": "ADV-2007-2732", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"name": "ADV-2007-1805", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1805"}, {"name": "26083", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26083"}, {"name": "ADV-2007-3229", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"name": "25772", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25772"}, {"name": "HPSBUX02218", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768"}, {"name": "20070513 [SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/468565/100/0/threaded"}, {"name": "OpenPKG-SA-2007.012", "refsource": "OPENPKG", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"}, {"name": "25257", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25257"}, {"name": "VU#268336", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/268336"}, {"name": "23972", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23972"}, {"name": "SUSE-SA:2007:031", "refsource": "SUSE", "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html"}, {"name": "25270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25270"}, {"name": "20070515 FLEA-2007-0017-1: samba", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/468670/100/0/threaded"}, {"name": "SUSE-SR:2007:014", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"}, {"name": "APPLE-SA-2007-07-31", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"name": "ADV-2007-2281", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2281"}, {"name": "ADV-2007-2210", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2210"}, {"name": "HPSBTU02218", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980"}, {"name": "2007-0017", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2007/0017/"}, {"name": "USN-460-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-460-1"}, {"name": "25567", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25567"}, {"name": "25241", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25241"}, {"name": "28292", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28292"}, {"name": "http://www.samba.org/samba/security/CVE-2007-2447.html", "refsource": "CONFIRM", "url": "http://www.samba.org/samba/security/CVE-2007-2447.html"}, {"name": "MDKSA-2007:104", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:104"}, {"name": "25256", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25256"}, {"name": "https://issues.rpath.com/browse/RPL-1366", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1366"}, {"name": "25259", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25259"}, {"name": "SSA:2007-134-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906"}, {"name": "34700", "refsource": "OSVDB", "url": "http://www.osvdb.org/34700"}, {"name": "102964", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1"}, {"name": "20070514 Samba SAMR Change Password Remote Command Injection Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534"}, {"name": "26909", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26909"}, {"name": "SSRT071424", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768"}, {"name": "ADV-2008-0050", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0050"}, {"name": "27706", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27706"}, {"name": "DSA-1291", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1291"}, {"name": "1018051", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018051"}, {"name": "http://docs.info.apple.com/article.html?artnum=306172", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"name": "2700", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2700"}, {"name": "25232", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25232"}, {"name": "25251", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25251"}, {"name": "200588", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1"}, {"name": "25246", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25246"}, {"name": "25159", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25159"}, {"name": "25255", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25255"}, {"name": "RHSA-2007:0354", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0354.html"}, {"name": "26235", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26235"}, {"name": "25675", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25675"}, {"name": "ADV-2007-2079", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2079"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:42:32.951Z"}, "title": "CVE Program Container", "references": [{"name": "GLSA-200705-15", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200705-15.xml"}, {"name": "25289", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25289"}, {"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "oval:org.mitre.oval:def:10062", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf"}, {"name": "ADV-2007-2732", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"name": "ADV-2007-1805", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1805"}, {"name": "26083", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26083"}, {"name": "ADV-2007-3229", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"name": "25772", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25772"}, {"name": "HPSBUX02218", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768"}, {"name": "20070513 [SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/468565/100/0/threaded"}, {"name": "OpenPKG-SA-2007.012", "tags": ["vendor-advisory", "x_refsource_OPENPKG", "x_transferred"], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"}, {"name": "25257", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25257"}, {"name": "VU#268336", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/268336"}, {"name": "23972", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23972"}, {"name": "SUSE-SA:2007:031", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html"}, {"name": "25270", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25270"}, {"name": "20070515 FLEA-2007-0017-1: samba", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/468670/100/0/threaded"}, {"name": "SUSE-SR:2007:014", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"}, {"name": "APPLE-SA-2007-07-31", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"name": "ADV-2007-2281", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2281"}, {"name": "ADV-2007-2210", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2210"}, {"name": "HPSBTU02218", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980"}, {"name": "2007-0017", "tags": ["vendor-advisory", "x_refsource_TRUSTIX", "x_transferred"], "url": "http://www.trustix.org/errata/2007/0017/"}, {"name": "USN-460-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-460-1"}, {"name": "25567", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25567"}, {"name": "25241", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25241"}, {"name": "28292", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28292"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.samba.org/samba/security/CVE-2007-2447.html"}, {"name": "MDKSA-2007:104", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:104"}, {"name": "25256", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25256"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-1366"}, {"name": "25259", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25259"}, {"name": "SSA:2007-134-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906"}, {"name": "34700", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/34700"}, {"name": "102964", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1"}, {"name": "20070514 Samba SAMR Change Password Remote Command Injection Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534"}, {"name": "26909", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26909"}, {"name": "SSRT071424", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768"}, {"name": "ADV-2008-0050", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0050"}, {"name": "27706", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27706"}, {"name": "DSA-1291", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1291"}, {"name": "1018051", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018051"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"name": "2700", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/2700"}, {"name": "25232", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25232"}, {"name": "25251", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25251"}, {"name": "200588", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1"}, {"name": "25246", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25246"}, {"name": "25159", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25159"}, {"name": "25255", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25255"}, {"name": "RHSA-2007:0354", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0354.html"}, {"name": "26235", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26235"}, {"name": "25675", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25675"}, {"name": "ADV-2007-2079", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2079"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-2447", "datePublished": "2007-05-14T21:00:00", "dateReserved": "2007-05-02T00:00:00", "dateUpdated": "2024-08-07T13:42:32.951Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F84FB25B-5EA5-48DC-B528-E8CCF714C919", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "216145B7-4716-42F7-90DC-03884ECB2271", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "898968E5-577E-4B86-A804-EBEC67157A61", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*", "matchCriteriaId": "920EF846-41D1-429D-AF0F-3D7950F93069", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "8016DC4F-F410-4401-BDCC-91BE0D44D028", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DC94A2CF-85DF-4BB5-8F78-470A3454C3CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "632D2489-3B5E-466E-A6DF-1EF00303869B", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "9FC116E5-B739-4E18-AA51-FFF59EBCA08F", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "3D40F682-9F2E-465F-98F7-23E1036C74A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "9478CC84-802F-4960-ACAB-3700154E813F", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "5BEA3806-E33A-49A6-99A4-095B4E543C43", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "AA7D08FB-30B9-4E42-B831-21A0C095062C", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "13E6C8A4-FA17-44EF-A447-C73108540B59", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "57D5EA00-CC2E-4E56-8297-A3C1CEDBBE06", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "50E05AD3-C7F0-421D-8C9B-604E553332E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "3A53517C-F12D-4D74-A722-5AE23598CEC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "2BF4A0A7-E176-4009-BAA2-E23B330D91A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*", "matchCriteriaId": "42EB6115-CC45-4464-8400-D7E3A9402803", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "58B06DAF-869F-481B-965D-70353581A6E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "FBF1A1D4-39DE-4227-A6E0-7E7817BDCCE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "84F0E277-09BD-4FA8-B2A3-7E83AD1656BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "9F260B05-3963-49BF-9D96-EB06722C5483", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "59A7E91B-7B13-47E5-B8E6-CE7D6DC490F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "F002F105-A911-4E56-8630-C287DC527E05", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*", "matchCriteriaId": "D1936E19-9887-4E53-AA0C-738ABD4B97EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*", "matchCriteriaId": "A2206C09-6A4B-4EC4-A206-E48EDF966913", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "0B918306-8743-404D-A035-CC3997ADCC3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*", "matchCriteriaId": "43684906-D3AA-40FB-A75D-ED65C1DC9BB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*", "matchCriteriaId": "62E39538-4811-49DB-97CF-1F018C58BAE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*", "matchCriteriaId": "C85D69FE-AF43-4B0E-A7A9-2D2C16426180", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "86347948-C08F-4F02-89A0-4F4A55CD4BA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "A908DA9D-A8BD-46BA-A71F-BFDEC0A1341E", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*", "matchCriteriaId": "7CA7905C-51A0-4A56-A6A5-330288613055", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*", "matchCriteriaId": "4AE85033-0658-4D60-8C7A-6E2BD63AFDCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*", "matchCriteriaId": "4600AAA4-834D-4F63-8E9A-88CB555C029E", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*", "matchCriteriaId": "54FE8D2E-AF0D-4C84-A5BC-2CE6759B534C", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*", "matchCriteriaId": "8BFA3B82-9440-49E1-8088-FA22C0B7DD88", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.25:pre1:*:*:*:*:*:*", "matchCriteriaId": "9F22FC74-5999-4158-A253-674BF1C21E2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*", "matchCriteriaId": "0EEB31C4-5352-4905-8D9E-BD754991F07E", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.25:rc1:*:*:*:*:*:*", "matchCriteriaId": "B0BE2AEC-6ACD-422C-AD20-6C034D68C891", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.25:rc2:*:*:*:*:*:*", "matchCriteriaId": "101163D7-D440-43CC-8704-A9614CD8CEE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.25:rc3:*:*:*:*:*:*", "matchCriteriaId": "F0E4811D-3387-4838-94A0-1BD7F3C9C3D5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the \"username map script\" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management."}, {"lang": "es", "value": "La funcionalidad MS-RPC en mbd en Samba 3.0.0 hasta la 3.0.25rc3 permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s del int\u00e9rprete de comandos (shell) de metacaracteres afectando a la (1) funci\u00f3n SamrChangePassword, cuando la opci\u00f3n \"secuencia de comandos del mapa del nombre de usuario\" smb.conf est\u00e1 activada, y permite a usuarios remotos validados ejecutar comandos a trav\u00e9s del int\u00e9rprete de comandos (shell) de metacaracteres afectando a otras funciones MS-RPC en la (2)impresora remota y (3)gesti\u00f3n de ficheros compartidos."}], "id": "CVE-2007-2447", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-05-14T21:19:00.000", "references": [{"source": "secalert@redhat.com", "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"source": "secalert@redhat.com", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768"}, {"source": "secalert@redhat.com", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768"}, {"source": "secalert@redhat.com", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980"}, {"source": "secalert@redhat.com", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534"}, {"source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"source": "secalert@redhat.com", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25232"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25241"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25246"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25251"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25255"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25256"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25257"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25259"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25270"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25289"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25567"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25675"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25772"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26083"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26235"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26909"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27706"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28292"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200705-15.xml"}, {"source": "secalert@redhat.com", "url": "http://securityreason.com/securityalert/2700"}, {"source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906"}, {"source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1"}, {"source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2007/dsa-1291"}, {"source": "secalert@redhat.com", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/268336"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:104"}, {"source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"}, {"source": "secalert@redhat.com", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"}, {"source": "secalert@redhat.com", "url": "http://www.osvdb.org/34700"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0354.html"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.samba.org/samba/security/CVE-2007-2447.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/468565/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/468670/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/23972"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/25159"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1018051"}, {"source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2007/0017/"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-460-1"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/1805"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2079"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2210"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2281"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/0050"}, {"source": "secalert@redhat.com", "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf"}, {"source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-1366"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25232"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25241"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25246"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25251"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25255"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25256"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25257"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25259"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25270"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25289"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25567"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25675"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25772"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26083"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26235"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26909"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27706"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28292"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200705-15.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2700"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1291"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/268336"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:104"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/34700"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0354.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.samba.org/samba/security/CVE-2007-2447.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/468565/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/468670/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/23972"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25159"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018051"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2007/0017/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-460-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1805"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2079"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2210"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2281"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0050"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1366"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Samba, TippingPoint, and iDefense for reporting this issue.", "affected_release": [{"advisory": "RHSA-2007:0354", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "package": "samba-0:2.2.12-1.21as.6", "product_name": "Red Hat Enterprise Linux 2.1", "release_date": "2007-05-14T00:00:00Z"}, {"advisory": "RHSA-2007:0354", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "samba-0:3.0.9-1.3E.13.2", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2007-05-14T00:00:00Z"}, {"advisory": "RHSA-2007:0354", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "samba-0:3.0.10-1.4E.12.2", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2007-05-14T00:00:00Z"}, {"advisory": "RHSA-2007:0354", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "samba-0:3.0.23c-2.el5.2.0.2", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2007-05-14T00:00:00Z"}], "bugzilla": {"description": "samba code injection", "id": "239774", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=239774"}, "csaw": false, "details": ["The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the \"username map script\" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management."], "name": "CVE-2007-2447", "public_date": "2007-05-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-2447\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-2447"], "threat_severity": "Important"}

Metrics

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object