CVE-2007-4572 - Vulnerability Details

Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.21484.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:samba:samba:3.0.0:::::::*
	cpe:2.3:a:samba:samba:3.0.1:::::::*
	cpe:2.3:a:samba:samba:3.0.2:::::::*
	cpe:2.3:a:samba:samba:3.0.2a:::::::*
	cpe:2.3:a:samba:samba:3.0.3:::::::*
	cpe:2.3:a:samba:samba:3.0.4:::::::*
	cpe:2.3:a:samba:samba:3.0.4:rc1::::::
	cpe:2.3:a:samba:samba:3.0.5:::::::*
	cpe:2.3:a:samba:samba:3.0.6:::::::*
	cpe:2.3:a:samba:samba:3.0.7:::::::*
	cpe:2.3:a:samba:samba:3.0.8:::::::*
	cpe:2.3:a:samba:samba:3.0.9:::::::*
	cpe:2.3:a:samba:samba:3.0.10:::::::*
	cpe:2.3:a:samba:samba:3.0.11:::::::*
	cpe:2.3:a:samba:samba:3.0.12:::::::*
	cpe:2.3:a:samba:samba:3.0.13:::::::*
	cpe:2.3:a:samba:samba:3.0.14:::::::*
	cpe:2.3:a:samba:samba:3.0.14a:::::::*
	cpe:2.3:a:samba:samba:3.0.15:::::::*
	cpe:2.3:a:samba:samba:3.0.16:::::::*
	cpe:2.3:a:samba:samba:3.0.17:::::::*
	cpe:2.3:a:samba:samba:3.0.18:::::::*
	cpe:2.3:a:samba:samba:3.0.19:::::::*
	cpe:2.3:a:samba:samba:3.0.20:::::::*
	cpe:2.3:a:samba:samba:3.0.20a:::::::*
	cpe:2.3:a:samba:samba:3.0.20b:::::::*
	cpe:2.3:a:samba:samba:3.0.21:::::::*
	cpe:2.3:a:samba:samba:3.0.21a:::::::*
	cpe:2.3:a:samba:samba:3.0.21b:::::::*
	cpe:2.3:a:samba:samba:3.0.21c:::::::*
	cpe:2.3:a:samba:samba:3.0.22:::::::*
	cpe:2.3:a:samba:samba:3.0.23:::::::*
	cpe:2.3:a:samba:samba:3.0.23a:::::::*
	cpe:2.3:a:samba:samba:3.0.23b:::::::*
	cpe:2.3:a:samba:samba:3.0.23c:::::::*
	cpe:2.3:a:samba:samba:3.0.23d:::::::*
	cpe:2.3:a:samba:samba:3.0.24:::::::*
	cpe:2.3:a:samba:samba:3.0.25:::::::*
	cpe:2.3:a:samba:samba:3.0.25:pre1::::::
	cpe:2.3:a:samba:samba:3.0.25:pre2::::::
	cpe:2.3:a:samba:samba:3.0.25:rc1::::::
	cpe:2.3:a:samba:samba:3.0.25:rc2::::::
	cpe:2.3:a:samba:samba:3.0.25:rc3::::::
	cpe:2.3:a:samba:samba:3.0.25a:::::::*
	cpe:2.3:a:samba:samba:3.0.25b:::::::*
	cpe:2.3:a:samba:samba:3.0.25c:::::::*
	cpe:2.3:a:samba:samba:3.0.26:::::::*
	cpe:2.3:a:samba:samba:3.0.26a:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 2.1
samba-0:2.2.12-1.21as.8.1	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2007:1013	2007-11-15T00:00:00Z
Red Hat Enterprise Linux 3
samba-0:3.0.9-1.3E.14.1	cpe:/o:redhat:enterprise_linux:3	RHSA-2007:1013	2007-11-15T00:00:00Z
Red Hat Enterprise Linux 4
samba-0:3.0.25b-1.el4_6.2	cpe:/o:redhat:enterprise_linux:4	RHSA-2007:1016	2007-11-15T00:00:00Z
Red Hat Enterprise Linux 5
samba-0:3.0.25b-1.el5_1.2	cpe:/o:redhat:enterprise_linux:5	RHSA-2007:1017	2007-11-15T00:00:00Z

No data.

Subscriptions

Vendors	Products
Redhat Subscribe	Enterprise Linux Subscribe
Samba Subscribe	Samba Subscribe

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DSA	DSA-1409-1	New samba packages fix several vulnerabilities
Debian DSA	DSA-1409-2	New samba packages fix several vulnerabilities
Debian DSA	DSA-1409-3	New samba packages fix several vulnerabilities
Ubuntu USN	USN-544-1	Samba vulnerabilities
Ubuntu USN	USN-544-2	Samba regression
Ubuntu USN	USN-617-1	Samba vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://docs.info.apple.com/article.html?artnum=307179
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
http://lists.vmware.com/pipermail/security-announce/2008/000002.html
http://marc.info/?l=bugtraq&m=120524782005154&w=2
http://secunia.com/advisories/27450
http://secunia.com/advisories/27679
http://secunia.com/advisories/27682
http://secunia.com/advisories/27691
http://secunia.com/advisories/27701
http://secunia.com/advisories/27720
http://secunia.com/advisories/27731
http://secunia.com/advisories/27787
http://secunia.com/advisories/27927
http://secunia.com/advisories/28136
http://secunia.com/advisories/28368
http://secunia.com/advisories/29341
http://secunia.com/advisories/30484
http://secunia.com/advisories/30736
http://secunia.com/advisories/30835
http://securitytracker.com/id?1018954
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739
http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1
http://us1.samba.org/samba/security/CVE-2007-4572.html
http://www.debian.org/security/2007/dsa-1409
http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:224
http://www.novell.com/linux/security/advisories/2007_65_samba.html
http://www.redhat.com/support/errata/RHSA-2007-1013.html
http://www.redhat.com/support/errata/RHSA-2007-1016.html
http://www.redhat.com/support/errata/RHSA-2007-1017.html
http://www.securityfocus.com/archive/1/485936/100/0/threaded
http://www.securityfocus.com/archive/1/486859/100/0/threaded
http://www.securityfocus.com/bid/26454
http://www.ubuntu.com/usn/usn-544-2
http://www.ubuntu.com/usn/usn-617-1
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
http://www.vmware.com/security/advisories/VMSA-2008-0001.html
http://www.vupen.com/english/advisories/2007/3869
http://www.vupen.com/english/advisories/2007/4238
http://www.vupen.com/english/advisories/2008/0064
http://www.vupen.com/english/advisories/2008/0859/references
http://www.vupen.com/english/advisories/2008/1712/references
http://www.vupen.com/english/advisories/2008/1908
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
https://exchange.xforce.ibmcloud.com/vulnerabilities/38501
https://issues.rpath.com/browse/RPL-1894
https://nvd.nist.gov/vuln/detail/CVE-2007-4572
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643
https://usn.ubuntu.com/544-1/
https://www.cve.org/CVERecord?id=CVE-2007-4572
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2007-11-16T18:00:00.000Z

Updated: 2024-08-07T15:01:09.547Z

Reserved: 2007-08-28T00:00:00.000Z

Link: CVE-2007-4572

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-11-16T18:46:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-4572

Redhat

Severity : Moderate

Publid Date: 2007-11-15T14:00:00Z

Links: CVE-2007-4572 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-119

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Subscriptions

Tracking

JSON object

JSON object

JSON object

JSON object

JSON object