CVE-2007-0453

Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://osvdb.org/33098
http://secunia.com/advisories/24043
http://secunia.com/advisories/24101
http://secunia.com/advisories/24151
http://securitytracker.com/id?1017589
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
http://us1.samba.org/samba/security/CVE-2007-0453.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://www.securityfocus.com/archive/1/459168/100/0/threaded
http://www.securityfocus.com/archive/1/459365/100/0/threaded
http://www.securityfocus.com/bid/22410
http://www.trustix.org/errata/2007/0007
http://www.vupen.com/english/advisories/2007/0483
https://exchange.xforce.ibmcloud.com/vulnerabilities/32231
https://issues.rpath.com/browse/RPL-1005
http://osvdb.org/33098
http://secunia.com/advisories/24043
http://secunia.com/advisories/24101
http://secunia.com/advisories/24151
http://securitytracker.com/id?1017589
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
http://us1.samba.org/samba/security/CVE-2007-0453.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://www.securityfocus.com/archive/1/459168/100/0/threaded
http://www.securityfocus.com/archive/1/459365/100/0/threaded
http://www.securityfocus.com/bid/22410
http://www.trustix.org/errata/2007/0007
http://www.vupen.com/english/advisories/2007/0483
https://exchange.xforce.ibmcloud.com/vulnerabilities/32231
https://issues.rpath.com/browse/RPL-1005

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:samba:samba:3.0.21:::::::*
	cpe:2.3:a:samba:samba:3.0.21a:::::::*
	cpe:2.3:a:samba:samba:3.0.21b:::::::*
	cpe:2.3:a:samba:samba:3.0.21c:::::::*
	cpe:2.3:a:samba:samba:3.0.22:::::::*
	cpe:2.3:a:samba:samba:3.0.23:::::::*
	cpe:2.3:a:samba:samba:3.0.23a:::::::*
	cpe:2.3:a:samba:samba:3.0.23b:::::::*
	cpe:2.3:a:samba:samba:3.0.23c:::::::*
	cpe:2.3:a:samba:samba:3.0.23d:::::::*

History

21 Nov 2024, 00:25

Information

Published : 2007-02-06 02:28

Updated : 2024-11-21 00:25

NVD link : CVE-2007-0453

Mitre link : CVE-2007-0453

CVE.ORG link : CVE-2007-0453

JSON object : View

Products Affected

samba

samba

CWE

NVD-CWE-Other

4.6 /10