CVE-2007-2447

NONECVSS 0.0

0.0

The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.

🔗 References (111)

secalert@redhathttp://docs.info.apple.com/article.html?artnum=306172
secalert@redhathttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
secalert@redhathttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
secalert@redhathttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534
secalert@redhathttp://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
secalert@redhathttp://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
secalert@redhathttp://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
secalert@redhathttp://secunia.com/advisories/25232
secalert@redhathttp://secunia.com/advisories/25241
secalert@redhathttp://secunia.com/advisories/25246
secalert@redhathttp://secunia.com/advisories/25251
secalert@redhathttp://secunia.com/advisories/25255
secalert@redhathttp://secunia.com/advisories/25256
secalert@redhathttp://secunia.com/advisories/25257
secalert@redhathttp://secunia.com/advisories/25259

Is Your Infrastructure Affected by CVE-2007-2447?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-2447

📅 Published

🔄 Last Modified

🔗 References (111)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-2447?