Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Redhat
  • Enterprise Linux
  • Rhel Eus
Samba
  • Samba

Configuration 1 [-]

OR cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.8a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.11:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.12:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:pre1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:rc1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:rc2:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25:rc3:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.25c:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.26:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.26a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.27:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 2.1
samba-0:2.2.12-1.21as.8.2 cpe:/o:redhat:enterprise_linux:2.1 RHSA-2007:1114 2007-12-10T00:00:00Z
Red Hat Enterprise Linux 3
samba-0:3.0.9-1.3E.14.3 cpe:/o:redhat:enterprise_linux:3 RHSA-2007:1114 2007-12-10T00:00:00Z
Red Hat Enterprise Linux 4
samba-0:3.0.25b-1.el4_6.4 cpe:/o:redhat:enterprise_linux:4 RHSA-2007:1114 2007-12-10T00:00:00Z
Red Hat Enterprise Linux 4.5 Z Stream
samba-0:3.0.10-2.el4_5.2 cpe:/o:redhat:rhel_eus:4.5 RHSA-2007:1114 2007-12-10T00:00:00Z
samba-0:3.0.10-2.el4_5.2 cpe:/o:redhat:rhel_eus:4.5 RHSA-2007:1117 2007-12-10T00:00:00Z
Red Hat Enterprise Linux 5
samba-0:3.0.25b-1.el5_1.4 cpe:/o:redhat:enterprise_linux:5 RHSA-2007:1114 2007-12-10T00:00:00Z
References
Link Providers
http://bugs.gentoo.org/show_bug.cgi?id=200773 cve-icon cve-icon
http://docs.info.apple.com/article.html?artnum=307430 cve-icon cve-icon
http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html cve-icon cve-icon
http://lists.vmware.com/pipermail/security-announce/2008/000005.html cve-icon cve-icon
http://marc.info/?l=bugtraq&m=120524782005154&w=2 cve-icon cve-icon
http://secunia.com/advisories/27760 cve-icon cve-icon
http://secunia.com/advisories/27894 cve-icon cve-icon
http://secunia.com/advisories/27977 cve-icon cve-icon
http://secunia.com/advisories/27993 cve-icon cve-icon
http://secunia.com/advisories/27999 cve-icon cve-icon
http://secunia.com/advisories/28003 cve-icon cve-icon
http://secunia.com/advisories/28028 cve-icon cve-icon
http://secunia.com/advisories/28029 cve-icon cve-icon
http://secunia.com/advisories/28037 cve-icon cve-icon
http://secunia.com/advisories/28067 cve-icon cve-icon
http://secunia.com/advisories/28089 cve-icon cve-icon
http://secunia.com/advisories/28891 cve-icon cve-icon
http://secunia.com/advisories/29032 cve-icon cve-icon
http://secunia.com/advisories/29341 cve-icon cve-icon
http://secunia.com/advisories/30484 cve-icon cve-icon
http://secunia.com/advisories/30835 cve-icon cve-icon
http://secunia.com/secunia_research/2007-99/advisory/ cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-200712-10.xml cve-icon cve-icon
http://securityreason.com/securityalert/3438 cve-icon cve-icon
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.451554 cve-icon cve-icon
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238251-1 cve-icon cve-icon
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019295.1-1 cve-icon cve-icon
http://support.avaya.com/elmodocs2/security/ASA-2007-520.htm cve-icon cve-icon
http://www.debian.org/security/2007/dsa-1427 cve-icon cve-icon
http://www.kb.cert.org/vuls/id/438395 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2007:244 cve-icon cve-icon
http://www.novell.com/linux/security/advisories/2007_68_samba.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2007-1114.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2007-1117.html cve-icon cve-icon
http://www.samba.org/samba/security/CVE-2007-6015.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/484818/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/484825/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/484827/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/485144/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/488457/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/26791 cve-icon cve-icon
http://www.securitytracker.com/id?1019065 cve-icon cve-icon
http://www.ubuntu.com/usn/usn-556-1 cve-icon cve-icon
http://www.us-cert.gov/cas/techalerts/TA08-043B.html cve-icon cve-icon
http://www.vupen.com/english/advisories/2007/4153 cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/0495/references cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/0637 cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/0859/references cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/1712/references cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/1908 cve-icon cve-icon
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/38965 cve-icon cve-icon
https://issues.rpath.com/browse/RPL-1976 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2007-6015 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11572 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5605 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2007-6015 cve-icon
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00304.html cve-icon cve-icon
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00308.html cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: flexera

Published: 2007-12-13T21:00:00

Updated: 2024-08-07T15:54:25.651Z

Reserved: 2007-11-19T00:00:00

Link: CVE-2007-6015

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-12-13T21:46:00.000

Modified: 2018-10-30T16:25:11.107

Link: CVE-2007-6015

cve-icon Redhat

Severity : Critical

Publid Date: 2007-12-10T15:00:00Z

Links: CVE-2007-6015 - Bugzilla