CVE-2007-4572
HIGH severity · CVSS 9.3 · Memory corruption
9.3CVSS HIGH
Summary
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.
Impact & exploitability
Attack vectorNetwork
Attack complexity—
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)6%
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Official patch: http://secunia.com/advisories/27450 ↗
Additional information
- NVD record
- http://secunia.com/advisories/27450Patch
- http://secunia.com/advisories/27679Advisory
- http://secunia.com/advisories/27682Advisory
- http://secunia.com/advisories/27691Advisory
- http://docs.info.apple.com/article.html?artnum=307179
- http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
- http://lists.vmware.com/pipermail/security-announce/2008/000002.html
- http://marc.info/?l=bugtraq&m=120524782005154&w=2