CVE-2007-6015
HIGH severity · CVSS 9.3 · Memory corruption
9.3CVSS HIGH
Summary
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.
Impact & exploitability
Attack vectorNetwork
Attack complexity—
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)27%
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://secunia.com/advisories/27760Advisory
- http://bugs.gentoo.org/show_bug.cgi?id=200773
- http://docs.info.apple.com/article.html?artnum=307430
- http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html
- http://lists.vmware.com/pipermail/security-announce/2008/000005.html
- http://marc.info/?l=bugtraq&m=120524782005154&w=2
- http://secunia.com/advisories/27894
- http://secunia.com/advisories/27977