Vulnerability-Lookup

CVE-2007-4572 (GCVE-0-2007-4572)

Vulnerability from cvelistv5 – Published: 2007-11-16 23:00 – Updated: 2024-08-07 15:01

Summary

Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.ubuntu.com/usn/usn-544-2	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/27691	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-10…	vendor-advisoryx_refsource_REDHAT
	https://usn.ubuntu.com/544-1/	vendor-advisoryx_refsource_UBUNTU
	http://www.vupen.com/english/advisories/2007/4238	vdb-entryx_refsource_VUPEN
	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	third-party-advisoryx_refsource_CERT
	http://secunia.com/advisories/30835	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29341	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1018954	vdb-entryx_refsource_SECTRACK
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://marc.info/?l=bugtraq&m=120524782005154&w=2	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/28136	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/30736	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/3869	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/27679	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/27682	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/27701	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-10…	vendor-advisoryx_refsource_REDHAT
	http://www.vupen.com/english/advisories/2008/1908	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/27720	third-party-advisoryx_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=120524782005154&w=2	vendor-advisoryx_refsource_HP
	http://www11.itrc.hp.com/service/cki/docDisplay.d…	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/30484	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/485936/100…	mailing-listx_refsource_BUGTRAQ
	http://www.debian.org/security/2007/dsa-1409	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/27450	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/27731	third-party-advisoryx_refsource_SECUNIA
	http://lists.vmware.com/pipermail/security-announ…	mailing-listx_refsource_MLIST
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www11.itrc.hp.com/service/cki/docDisplay.d…	vendor-advisoryx_refsource_HP
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/27787	third-party-advisoryx_refsource_SECUNIA
	http://docs.info.apple.com/article.html?artnum=307179	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/28368	third-party-advisoryx_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-1894	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/26454	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20071…	vendor-advisoryx_refsource_GENTOO
	http://www.ubuntu.com/usn/usn-617-1	vendor-advisoryx_refsource_UBUNTU
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/27927	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/1712…	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2008/0859…	vdb-entryx_refsource_VUPEN
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
	http://us1.samba.org/samba/security/CVE-2007-4572.html	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2007-10…	vendor-advisoryx_refsource_REDHAT
	http://www.vupen.com/english/advisories/2008/0064	vdb-entryx_refsource_VUPEN
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://www.securityfocus.com/archive/1/486859/100…	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:01:09.547Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-544-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-544-2"
          },
          {
            "name": "27691",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27691"
          },
          {
            "name": "RHSA-2007:1016",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1016.html"
          },
          {
            "name": "USN-544-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/544-1/"
          },
          {
            "name": "ADV-2007-4238",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "TA07-352A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "30835",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30835"
          },
          {
            "name": "29341",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29341"
          },
          {
            "name": "1018954",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018954"
          },
          {
            "name": "SSA:2007-320-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.447739"
          },
          {
            "name": "HPSBUX02316",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120524782005154\u0026w=2"
          },
          {
            "name": "28136",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28136"
          },
          {
            "name": "30736",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30736"
          },
          {
            "name": "ADV-2007-3869",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3869"
          },
          {
            "name": "27679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27679"
          },
          {
            "name": "27682",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27682"
          },
          {
            "name": "27701",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27701"
          },
          {
            "name": "RHSA-2007:1013",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1013.html"
          },
          {
            "name": "ADV-2008-1908",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1908"
          },
          {
            "name": "samba-nmbd-bo(38501)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501"
          },
          {
            "name": "27720",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27720"
          },
          {
            "name": "SSRT071495",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120524782005154\u0026w=2"
          },
          {
            "name": "HPSBUX02341",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
          },
          {
            "name": "30484",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30484"
          },
          {
            "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
          },
          {
            "name": "DSA-1409",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1409"
          },
          {
            "name": "27450",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27450"
          },
          {
            "name": "27731",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27731"
          },
          {
            "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11132",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132"
          },
          {
            "name": "SSRT080075",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "MDKSA-2007:224",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224"
          },
          {
            "name": "27787",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27787"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "oval:org.mitre.oval:def:5643",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643"
          },
          {
            "name": "28368",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28368"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1894"
          },
          {
            "name": "26454",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26454"
          },
          {
            "name": "GLSA-200711-29",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml"
          },
          {
            "name": "USN-617-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-617-1"
          },
          {
            "name": "FEDORA-2007-3402",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html"
          },
          {
            "name": "27927",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27927"
          },
          {
            "name": "ADV-2008-1712",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1712/references"
          },
          {
            "name": "ADV-2008-0859",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0859/references"
          },
          {
            "name": "237764",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://us1.samba.org/samba/security/CVE-2007-4572.html"
          },
          {
            "name": "RHSA-2007:1017",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1017.html"
          },
          {
            "name": "ADV-2008-0064",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0064"
          },
          {
            "name": "SUSE-SA:2007:065",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_65_samba.html"
          },
          {
            "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-15T05:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T00:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-544-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-544-2"
        },
        {
          "name": "27691",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27691"
        },
        {
          "name": "RHSA-2007:1016",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1016.html"
        },
        {
          "name": "USN-544-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/544-1/"
        },
        {
          "name": "ADV-2007-4238",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4238"
        },
        {
          "name": "TA07-352A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
        },
        {
          "name": "30835",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30835"
        },
        {
          "name": "29341",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29341"
        },
        {
          "name": "1018954",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018954"
        },
        {
          "name": "SSA:2007-320-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.447739"
        },
        {
          "name": "HPSBUX02316",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=120524782005154\u0026w=2"
        },
        {
          "name": "28136",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28136"
        },
        {
          "name": "30736",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30736"
        },
        {
          "name": "ADV-2007-3869",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3869"
        },
        {
          "name": "27679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27679"
        },
        {
          "name": "27682",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27682"
        },
        {
          "name": "27701",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27701"
        },
        {
          "name": "RHSA-2007:1013",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1013.html"
        },
        {
          "name": "ADV-2008-1908",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1908"
        },
        {
          "name": "samba-nmbd-bo(38501)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501"
        },
        {
          "name": "27720",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27720"
        },
        {
          "name": "SSRT071495",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=120524782005154\u0026w=2"
        },
        {
          "name": "HPSBUX02341",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
        },
        {
          "name": "30484",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30484"
        },
        {
          "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
        },
        {
          "name": "DSA-1409",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1409"
        },
        {
          "name": "27450",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27450"
        },
        {
          "name": "27731",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27731"
        },
        {
          "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11132",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132"
        },
        {
          "name": "SSRT080075",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
        },
        {
          "name": "APPLE-SA-2007-12-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
        },
        {
          "name": "MDKSA-2007:224",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224"
        },
        {
          "name": "27787",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27787"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307179"
        },
        {
          "name": "oval:org.mitre.oval:def:5643",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643"
        },
        {
          "name": "28368",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28368"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1894"
        },
        {
          "name": "26454",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26454"
        },
        {
          "name": "GLSA-200711-29",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml"
        },
        {
          "name": "USN-617-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-617-1"
        },
        {
          "name": "FEDORA-2007-3402",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html"
        },
        {
          "name": "27927",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27927"
        },
        {
          "name": "ADV-2008-1712",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1712/references"
        },
        {
          "name": "ADV-2008-0859",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0859/references"
        },
        {
          "name": "237764",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://us1.samba.org/samba/security/CVE-2007-4572.html"
        },
        {
          "name": "RHSA-2007:1017",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1017.html"
        },
        {
          "name": "ADV-2008-0064",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0064"
        },
        {
          "name": "SUSE-SA:2007:065",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_65_samba.html"
        },
        {
          "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-4572",
    "datePublished": "2007-11-16T23:00:00.000Z",
    "dateReserved": "2007-08-28T04:00:00.000Z",
    "dateUpdated": "2024-08-07T15:01:09.547Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2008-AVI-337

Vulnerability from certfr_avis - Published: 2008-06-25 - Updated: 2008-06-25

Plusieurs vulnérabilités de HP-UX CIFS Server permettent d'exécuter du code arbitraire à distance.

Description

Deux vulnérabilités liées à Samba et détaillées dans les avis du CERTA CERTA-2007-AVI-502 et CERTA-2008-AVI-276 permettent à un individu malveillant d'exécuter à distance du code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	CIFS Server versions vA.02.03.x antérieures à vA.02.03.04.
N/A	N/A	CIFS Server versions vA.02.02.x ;
N/A	N/A	CIFS Server versions vA.02.01.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité HP-UX c01475657 du 23 juin 2008	None	vendor-advisory
Bulletin de sécurité HP c01475657 du 23 juin 2008 :	-	other
Document du CERTA CERTA-2007-AVI-502 du 16 novembre 2007 :	-	other
Document du CERTA CERTA-2008-AVI-276 du 29 mai 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "CIFS Server versions vA.02.03.x ant\u00e9rieures \u00e0 vA.02.03.04.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CIFS Server versions vA.02.02.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CIFS Server versions vA.02.01.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s li\u00e9es \u00e0 Samba et d\u00e9taill\u00e9es dans les avis du CERTA\nCERTA-2007-AVI-502 et CERTA-2008-AVI-276 permettent \u00e0 un individu\nmalveillant d\u0027ex\u00e9cuter \u00e0 distance du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-6015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6015"
    },
    {
      "name": "CVE-2008-1105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1105"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    }
  ],
  "initial_release_date": "2008-06-25T00:00:00",
  "last_revision_date": "2008-06-25T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP c01475657 du 23 juin 2008 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c01475657"
    },
    {
      "title": "Document du CERTA CERTA-2007-AVI-502 du 16 novembre 2007 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-AVI-502/index.html"
    },
    {
      "title": "Document du CERTA CERTA-2008-AVI-276 du 29 mai 2008 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2008-AVI-276/index.html"
    }
  ],
  "reference": "CERTA-2008-AVI-337",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-06-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s de \u003cspan class=\"textit\"\u003eHP-UX CIFS\nServer\u003c/span\u003e permettent d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s du serveur CIFS de HP-UX",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP-UX c01475657 du 23 juin 2008",
      "url": null
    }
  ]
}

CERTA-2007-AVI-551

Vulnerability from certfr_avis - Published: 2007-12-19 - Updated: 2007-12-19

None

Description

De multiples vulnérabilités ont été découvertes dans les systèmes d'exploitation Apple Mac OS X. L'exploitation de ces vulnérabilités permettent à une personne malveillante d'exécuter diverses actions dont l'exécution de code arbitraire à distance, l'atteinte à l'intégrité des données, l'élévation de privilèges ou le contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Mac OS X version 10.5.1 et antérieures.
	Apple	N/A	Mac OS X version 10.4.11 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 307179 du 12 décembre 2007

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X version 10.5.1 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X version 10.4.11 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les syst\u00e8mes\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s\npermettent \u00e0 une personne malveillante d\u0027ex\u00e9cuter diverses actions dont\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance, l\u0027atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es, l\u0027\u00e9l\u00e9vation de privil\u00e8ges ou le contournement de la politique\nde s\u00e9curit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4710"
    },
    {
      "name": "CVE-2007-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1661"
    },
    {
      "name": "CVE-2007-5857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5857"
    },
    {
      "name": "CVE-2007-4351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4351"
    },
    {
      "name": "CVE-2007-4768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4768"
    },
    {
      "name": "CVE-2007-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1660"
    },
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    },
    {
      "name": "CVE-2007-5851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5851"
    },
    {
      "name": "CVE-2007-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1659"
    },
    {
      "name": "CVE-2007-5476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5476"
    },
    {
      "name": "CVE-2007-3876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3876"
    },
    {
      "name": "CVE-2007-4708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4708"
    },
    {
      "name": "CVE-2007-5853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5853"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-1218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1218"
    },
    {
      "name": "CVE-2007-5848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5848"
    },
    {
      "name": "CVE-2007-5770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5770"
    },
    {
      "name": "CVE-2007-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1662"
    },
    {
      "name": "CVE-2007-4709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4709"
    },
    {
      "name": "CVE-2007-5863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5863"
    },
    {
      "name": "CVE-2007-3798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3798"
    },
    {
      "name": "CVE-2006-0024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
    },
    {
      "name": "CVE-2007-5849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5849"
    },
    {
      "name": "CVE-2007-5858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5858"
    },
    {
      "name": "CVE-2007-4131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4131"
    },
    {
      "name": "CVE-2007-6165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6165"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    },
    {
      "name": "CVE-2007-5855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5855"
    },
    {
      "name": "CVE-2007-5854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5854"
    },
    {
      "name": "CVE-2007-4965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4965"
    },
    {
      "name": "CVE-2007-5856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5856"
    },
    {
      "name": "CVE-2007-5850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5850"
    },
    {
      "name": "CVE-2007-5859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5859"
    },
    {
      "name": "CVE-2007-5861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5861"
    },
    {
      "name": "CVE-2007-5860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5860"
    },
    {
      "name": "CVE-2007-4767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4767"
    },
    {
      "name": "CVE-2007-4766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4766"
    },
    {
      "name": "CVE-2007-5847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5847"
    }
  ],
  "initial_release_date": "2007-12-19T00:00:00",
  "last_revision_date": "2007-12-19T00:00:00",
  "links": [],
  "reference": "CERTA-2007-AVI-551",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 307179 du 12 d\u00e9cembre 2007",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    }
  ]
}

CERTA-2008-AVI-008

Vulnerability from certfr_avis - Published: 2008-01-08 - Updated: 2008-01-08

De multiples vulnérabilités sur VMWare ESX Server et VirtualCenter Management Server permettent notamment à une personne malintentionnée distante d'exécuter du code arbitraire.

Description

De multiples vulnérabilités existent sur VMWare ESX Server. Celles-ci concernent des modules ou logiciels utilisés par le serveur et récemment mis à jour : OpenPegasus, Tomcat, Samba, OpenSSL, JRE, util-linux, et Perl. Certaines de ces failles permettent notamment à une personne malintentionnée distante d'exécuter du code arbitraire.

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VirtualCenter Management Server 2.
VMware	N/A	VMWare ESX Server 2.0.x ;
VMware	N/A	VMWare ESX Server 3.0.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité VMWare VMSA-2008-0001 du 07 janvier 2008	None	vendor-advisory
Bulletin de sécurité VMWare VMSA-2008-0002 du 07 janvier 2008	None	vendor-advisory
Bulletin de sécurité VMWare VMSA-2008-0002 du 07 janvier 2008 :	-	other
Bulletin de sécurité VMWare VMSA-2008-0001 du 07 janvier 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VirtualCenter Management Server 2.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMWare ESX Server 2.0.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMWare ESX Server 3.0.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s existent sur VMWare ESX Server. Celles-ci\nconcernent des modules ou logiciels utilis\u00e9s par le serveur et r\u00e9cemment\nmis \u00e0 jour : OpenPegasus, Tomcat, Samba, OpenSSL, JRE, util-linux, et\nPerl. Certaines de ces failles permettent notamment \u00e0 une personne\nmalintentionn\u00e9e distante d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5360"
    },
    {
      "name": "CVE-2007-0450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0450"
    },
    {
      "name": "CVE-2007-5135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5135"
    },
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    },
    {
      "name": "CVE-2007-3004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3004"
    },
    {
      "name": "CVE-2005-2090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2090"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-3108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3108"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    },
    {
      "name": "CVE-2006-7195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7195"
    },
    {
      "name": "CVE-2007-5191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5191"
    }
  ],
  "initial_release_date": "2008-01-08T00:00:00",
  "last_revision_date": "2008-01-08T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0002 du 07 janvier    2008 :",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0001 du 07 janvier    2008 :",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    }
  ],
  "reference": "CERTA-2008-AVI-008",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-01-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s sur \u003cspan class=\"textit\"\u003eVMWare ESX\nServer\u003c/span\u003e et \u003cspan class=\"textit\"\u003eVirtualCenter Management\nServer\u003c/span\u003e permettent notamment \u00e0 une personne malintentionn\u00e9e\ndistante d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0001 du 07 janvier 2008",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0002 du 07 janvier 2008",
      "url": null
    }
  ]
}

CERTA-2007-AVI-502

Vulnerability from certfr_avis - Published: 2007-11-16 - Updated: 2008-03-13

None

Description

Une vulnérabilité dans la construction de réponses d'un serveur Samba à des requêtes Netbios permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Une autre vulnérabilité, exploitable uniquement si le serveur Samba sert de contrôleur de domaine primaire ou secondaire, permet également à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Samba, versions 3.0.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité de Samba du 15 novembre 2007	None	vendor-advisory
Bulletin de sécurité Gentoo GLSA 200711-29 du 20 novembre 2007 :	-	other
Bulletin de sécurité Fedora 3402 du 15 novembre 2007 :	-	other
Bulletin de sécurité Debian DSA-1409 du 29 novembre 2007 :	-	other
Bulletin du projet Samba du 15 novembre 2007 :	-	other
Bulletin de sécurité RedHat RHSA-2007:1013 du 15 novembre 2007 :	-	other
Bulletin de sécurité HP-UX HPSBUX02316 du 10 mars 2008 :	-	other
Bulletin de sécurité Mandriva MDKSA-2007:224-1 du 21 novembre 2007 :	-	other
Bulletin de sécurité Ubuntu USN-544-1 du 15 novembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eSamba, versions 3.0.x.\u003c/p\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans la construction de r\u00e9ponses d\u0027un serveur Samba \u00e0\ndes requ\u00eates Netbios permet \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter du\ncode arbitraire \u00e0 distance.\n\nUne autre vuln\u00e9rabilit\u00e9, exploitable uniquement si le serveur Samba sert\nde contr\u00f4leur de domaine primaire ou secondaire, permet \u00e9galement \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-6015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6015"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    }
  ],
  "initial_release_date": "2007-11-16T00:00:00",
  "last_revision_date": "2008-03-13T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200711-29 du 20 novembre    2007 :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Fedora 3402 du 15 novembre 2007 :",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1409 du 29 novembre 2007 :",
      "url": "http://www.debian.org/security/2007/dsa-1409"
    },
    {
      "title": "Bulletin du projet Samba du 15 novembre 2007 :",
      "url": "http://us1.samba.org/samba/history/security.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2007:1013 du 15 novembre    2007 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-1013.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP-UX HPSBUX02316 du 10 mars 2008 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c01377687"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:224-1 du 21    novembre 2007 :",
      "url": "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:224-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-544-1 du 15 novembre 2007 :",
      "url": "http://www.ubuntulinux.org/usn/usn-544-1"
    }
  ],
  "reference": "CERTA-2007-AVI-502",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-11-16T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Mandriva, Gentoo et Debian.",
      "revision_date": "2007-11-30T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 HP-UX.",
      "revision_date": "2008-03-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9s dans Samba",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 de Samba du 15 novembre 2007",
      "url": null
    }
  ]
}

FKIE_CVE-2007-4572

Vulnerability from fkie_nvd - Published: 2007-11-16 18:46 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://docs.info.apple.com/article.html?artnum=307179
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
secalert@redhat.com	http://lists.vmware.com/pipermail/security-announce/2008/000002.html
secalert@redhat.com	http://marc.info/?l=bugtraq&m=120524782005154&w=2
secalert@redhat.com	http://secunia.com/advisories/27450	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27679	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27682	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27691	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27701	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27720	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27731	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27787	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27927	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28136	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28368	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29341
secalert@redhat.com	http://secunia.com/advisories/30484
secalert@redhat.com	http://secunia.com/advisories/30736
secalert@redhat.com	http://secunia.com/advisories/30835
secalert@redhat.com	http://securitytracker.com/id?1018954
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1
secalert@redhat.com	http://us1.samba.org/samba/security/CVE-2007-4572.html	Patch
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1409
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:224
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_65_samba.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-1013.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-1016.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-1017.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/485936/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/486859/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/26454
secalert@redhat.com	http://www.ubuntu.com/usn/usn-544-2
secalert@redhat.com	http://www.ubuntu.com/usn/usn-617-1
secalert@redhat.com	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
secalert@redhat.com	http://www.vmware.com/security/advisories/VMSA-2008-0001.html
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/3869
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/4238
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0064
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0859/references
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/1712/references
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/1908
secalert@redhat.com	http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/38501
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1894
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643
secalert@redhat.com	https://usn.ubuntu.com/544-1/
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307179
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2008/000002.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120524782005154&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27450	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27679	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27682	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27691	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27701	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27720	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27731	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27787	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27927	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28136	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28368	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29341
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30484
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30736
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30835
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018954
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1
af854a3a-2127-422b-91ae-364da2661108	http://us1.samba.org/samba/security/CVE-2007-4572.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1409
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:224
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_65_samba.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1013.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1016.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1017.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/485936/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/486859/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26454
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-544-2
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-617-1
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2008-0001.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3869
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4238
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0064
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0859/references
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1712/references
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1908
af854a3a-2127-422b-91ae-364da2661108	http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38501
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1894
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/544-1/
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html

Impacted products

Vendor	Product	Version
samba	samba	3.0.0
samba	samba	3.0.1
samba	samba	3.0.2
samba	samba	3.0.2a
samba	samba	3.0.3
samba	samba	3.0.4
samba	samba	3.0.4
samba	samba	3.0.5
samba	samba	3.0.6
samba	samba	3.0.7
samba	samba	3.0.8
samba	samba	3.0.9
samba	samba	3.0.10
samba	samba	3.0.11
samba	samba	3.0.12
samba	samba	3.0.13
samba	samba	3.0.14
samba	samba	3.0.14a
samba	samba	3.0.15
samba	samba	3.0.16
samba	samba	3.0.17
samba	samba	3.0.18
samba	samba	3.0.19
samba	samba	3.0.20
samba	samba	3.0.20a
samba	samba	3.0.20b
samba	samba	3.0.21
samba	samba	3.0.21a
samba	samba	3.0.21b
samba	samba	3.0.21c
samba	samba	3.0.22
samba	samba	3.0.23
samba	samba	3.0.23a
samba	samba	3.0.23b
samba	samba	3.0.23c
samba	samba	3.0.23d
samba	samba	3.0.24
samba	samba	3.0.25
samba	samba	3.0.25
samba	samba	3.0.25
samba	samba	3.0.25
samba	samba	3.0.25
samba	samba	3.0.25
samba	samba	3.0.25a
samba	samba	3.0.25b
samba	samba	3.0.25c
samba	samba	3.0.26
samba	samba	3.0.26a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84FB25B-5EA5-48DC-B528-E8CCF714C919",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "216145B7-4716-42F7-90DC-03884ECB2271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "898968E5-577E-4B86-A804-EBEC67157A61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "920EF846-41D1-429D-AF0F-3D7950F93069",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8016DC4F-F410-4401-BDCC-91BE0D44D028",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC94A2CF-85DF-4BB5-8F78-470A3454C3CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "632D2489-3B5E-466E-A6DF-1EF00303869B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FC116E5-B739-4E18-AA51-FFF59EBCA08F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D40F682-9F2E-465F-98F7-23E1036C74A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9478CC84-802F-4960-ACAB-3700154E813F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3806-E33A-49A6-99A4-095B4E543C43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA7D08FB-30B9-4E42-B831-21A0C095062C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6C8A4-FA17-44EF-A447-C73108540B59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D5EA00-CC2E-4E56-8297-A3C1CEDBBE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "50E05AD3-C7F0-421D-8C9B-604E553332E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A53517C-F12D-4D74-A722-5AE23598CEC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BF4A0A7-E176-4009-BAA2-E23B330D91A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*",
              "matchCriteriaId": "42EB6115-CC45-4464-8400-D7E3A9402803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B06DAF-869F-481B-965D-70353581A6E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF1A1D4-39DE-4227-A6E0-7E7817BDCCE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F0E277-09BD-4FA8-B2A3-7E83AD1656BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F260B05-3963-49BF-9D96-EB06722C5483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A7E91B-7B13-47E5-B8E6-CE7D6DC490F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002F105-A911-4E56-8630-C287DC527E05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1936E19-9887-4E53-AA0C-738ABD4B97EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2206C09-6A4B-4EC4-A206-E48EDF966913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B918306-8743-404D-A035-CC3997ADCC3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*",
              "matchCriteriaId": "43684906-D3AA-40FB-A75D-ED65C1DC9BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*",
              "matchCriteriaId": "62E39538-4811-49DB-97CF-1F018C58BAE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*",
              "matchCriteriaId": "C85D69FE-AF43-4B0E-A7A9-2D2C16426180",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "86347948-C08F-4F02-89A0-4F4A55CD4BA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "A908DA9D-A8BD-46BA-A71F-BFDEC0A1341E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA7905C-51A0-4A56-A6A5-330288613055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AE85033-0658-4D60-8C7A-6E2BD63AFDCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*",
              "matchCriteriaId": "4600AAA4-834D-4F63-8E9A-88CB555C029E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*",
              "matchCriteriaId": "54FE8D2E-AF0D-4C84-A5BC-2CE6759B534C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BFA3B82-9440-49E1-8088-FA22C0B7DD88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "0762B1DA-7232-478D-805F-5E2A50F8BEAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.25:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "9F22FC74-5999-4158-A253-674BF1C21E2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "0EEB31C4-5352-4905-8D9E-BD754991F07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.25:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B0BE2AEC-6ACD-422C-AD20-6C034D68C891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.25:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "101163D7-D440-43CC-8704-A9614CD8CEE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.25:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "F0E4811D-3387-4838-94A0-1BD7F3C9C3D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.25a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B69EA9CF-627C-4600-B4EC-10E91DB07E1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.25b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF740A1-0BEC-4E29-9C74-F1F906EF3EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.25c:*:*:*:*:*:*:*",
              "matchCriteriaId": "99A8D6D8-A207-498F-8DB2-EB7ED842CE1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "70BB5BA1-F499-40FC-80F6-B3CD2F1BB074",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.26a:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A973443-C497-41FB-AF47-529AA2906CCF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en el nmbd del Samba 3.0.0 hasta el 3.0.26a, cuando est\u00e1 configurado como controlador Primario (\"Primary \") o Dominio de Seguridad (\"Backup Domain\"), permite a atacantes remotos tener un impacto desconocido a trav\u00e9s de peticiones modificadas GETDC mailslot, relacionada con el manejo de las peticiones de autenticaci\u00f3n de servidor GETDC."
    }
  ],
  "id": "CVE-2007-4572",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-16T18:46:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=120524782005154\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27450"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27679"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27682"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27691"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27701"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27720"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27731"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27787"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27927"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28368"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/29341"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30484"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30736"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30835"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1018954"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.447739"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://us1.samba.org/samba/security/CVE-2007-4572.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1409"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_65_samba.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1013.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1016.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1017.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/26454"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-544-2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-617-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/3869"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0064"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0859/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/1712/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/1908"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1894"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/544-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=120524782005154\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27682"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27701"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27720"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27731"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28368"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29341"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30484"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30736"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30835"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.447739"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://us1.samba.org/samba/security/CVE-2007-4572.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1409"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_65_samba.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1013.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-544-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-617-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3869"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0859/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1712/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/544-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2007-4572

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-4572

Aliases

CVE-2007-4572

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-4572",
    "description": "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.",
    "id": "GSD-2007-4572",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-4572.html",
      "https://www.debian.org/security/2007/dsa-1409",
      "https://access.redhat.com/errata/RHSA-2007:1017",
      "https://access.redhat.com/errata/RHSA-2007:1016",
      "https://access.redhat.com/errata/RHSA-2007:1013",
      "https://linux.oracle.com/cve/CVE-2007-4572.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-4572"
      ],
      "details": "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.",
      "id": "GSD-2007-4572",
      "modified": "2023-12-13T01:21:36.951208Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2007-4572",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html",
            "refsource": "MISC",
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
          },
          {
            "name": "http://secunia.com/advisories/28368",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28368"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/485936/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/486859/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
          },
          {
            "name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html",
            "refsource": "MISC",
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/0064",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/0064"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=307179",
            "refsource": "MISC",
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "http://secunia.com/advisories/28136",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28136"
          },
          {
            "name": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html",
            "refsource": "MISC",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/4238",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-1016.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1016.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-1017.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1017.html"
          },
          {
            "name": "http://marc.info/?l=bugtraq\u0026m=120524782005154\u0026w=2",
            "refsource": "MISC",
            "url": "http://marc.info/?l=bugtraq\u0026m=120524782005154\u0026w=2"
          },
          {
            "name": "http://secunia.com/advisories/27450",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27450"
          },
          {
            "name": "http://secunia.com/advisories/27679",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27679"
          },
          {
            "name": "http://secunia.com/advisories/27682",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27682"
          },
          {
            "name": "http://secunia.com/advisories/27691",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27691"
          },
          {
            "name": "http://secunia.com/advisories/27701",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27701"
          },
          {
            "name": "http://secunia.com/advisories/27720",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27720"
          },
          {
            "name": "http://secunia.com/advisories/27731",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27731"
          },
          {
            "name": "http://secunia.com/advisories/27787",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27787"
          },
          {
            "name": "http://secunia.com/advisories/27927",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27927"
          },
          {
            "name": "http://secunia.com/advisories/29341",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29341"
          },
          {
            "name": "http://secunia.com/advisories/30484",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/30484"
          },
          {
            "name": "http://secunia.com/advisories/30736",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/30736"
          },
          {
            "name": "http://secunia.com/advisories/30835",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/30835"
          },
          {
            "name": "http://securitytracker.com/id?1018954",
            "refsource": "MISC",
            "url": "http://securitytracker.com/id?1018954"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.447739",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.447739"
          },
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1"
          },
          {
            "name": "http://us1.samba.org/samba/security/CVE-2007-4572.html",
            "refsource": "MISC",
            "url": "http://us1.samba.org/samba/security/CVE-2007-4572.html"
          },
          {
            "name": "http://www.debian.org/security/2007/dsa-1409",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2007/dsa-1409"
          },
          {
            "name": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml",
            "refsource": "MISC",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2007_65_samba.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2007_65_samba.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-1013.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1013.html"
          },
          {
            "name": "http://www.securityfocus.com/bid/26454",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/26454"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-544-2",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-544-2"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-617-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-617-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/3869",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/3869"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/0859/references",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/0859/references"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/1712/references",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/1712/references"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/1908",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/1908"
          },
          {
            "name": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657",
            "refsource": "MISC",
            "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1894",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-1894"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643"
          },
          {
            "name": "https://usn.ubuntu.com/544-1/",
            "refsource": "MISC",
            "url": "https://usn.ubuntu.com/544-1/"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25:pre1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.26a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25:rc3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-4572"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://us1.samba.org/samba/security/CVE-2007-4572.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://us1.samba.org/samba/security/CVE-2007-4572.html"
            },
            {
              "name": "27450",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27450"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1894",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-1894"
            },
            {
              "name": "DSA-1409",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1409"
            },
            {
              "name": "FEDORA-2007-3402",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html"
            },
            {
              "name": "GLSA-200711-29",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml"
            },
            {
              "name": "MDKSA-2007:224",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224"
            },
            {
              "name": "RHSA-2007:1013",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1013.html"
            },
            {
              "name": "RHSA-2007:1016",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1016.html"
            },
            {
              "name": "RHSA-2007:1017",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1017.html"
            },
            {
              "name": "SSA:2007-320-01",
              "refsource": "SLACKWARE",
              "tags": [],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.447739"
            },
            {
              "name": "SUSE-SA:2007:065",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2007_65_samba.html"
            },
            {
              "name": "USN-544-2",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-544-2"
            },
            {
              "name": "26454",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/26454"
            },
            {
              "name": "1018954",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1018954"
            },
            {
              "name": "27679",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27679"
            },
            {
              "name": "27682",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27682"
            },
            {
              "name": "27691",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27691"
            },
            {
              "name": "27701",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27701"
            },
            {
              "name": "27720",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27720"
            },
            {
              "name": "27731",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27731"
            },
            {
              "name": "27787",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27787"
            },
            {
              "name": "27927",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27927"
            },
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "28136",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28136"
            },
            {
              "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
            },
            {
              "name": "28368",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28368"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
            },
            {
              "name": "29341",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29341"
            },
            {
              "name": "30484",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30484"
            },
            {
              "name": "HPSBUX02341",
              "refsource": "HP",
              "tags": [],
              "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
            },
            {
              "name": "30736",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30736"
            },
            {
              "name": "USN-617-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-617-1"
            },
            {
              "name": "30835",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30835"
            },
            {
              "name": "237764",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "ADV-2008-0859",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0859/references"
            },
            {
              "name": "ADV-2008-0064",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0064"
            },
            {
              "name": "HPSBUX02316",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=120524782005154\u0026w=2"
            },
            {
              "name": "ADV-2008-1908",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1908"
            },
            {
              "name": "ADV-2007-3869",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/3869"
            },
            {
              "name": "ADV-2008-1712",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1712/references"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "samba-nmbd-bo(38501)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501"
            },
            {
              "name": "oval:org.mitre.oval:def:5643",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643"
            },
            {
              "name": "oval:org.mitre.oval:def:11132",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132"
            },
            {
              "name": "USN-544-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "https://usn.ubuntu.com/544-1/"
            },
            {
              "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
            },
            {
              "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:25Z",
      "publishedDate": "2007-11-16T18:46Z"
    }
  }
}

GHSA-C889-7VH4-J454

Vulnerability from github – Published: 2022-05-01 18:25 – Updated: 2025-04-09 03:48

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-4572"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-11-16T18:46:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.",
  "id": "GHSA-c889-7vh4-j454",
  "modified": "2025-04-09T03:48:31Z",
  "published": "2022-05-01T18:25:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4572"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1894"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/544-1"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=120524782005154\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27450"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27679"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27682"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27691"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27701"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27720"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27731"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27787"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27927"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28368"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29341"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30484"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30736"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30835"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1018954"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.447739"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1"
    },
    {
      "type": "WEB",
      "url": "http://us1.samba.org/samba/security/CVE-2007-4572.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1409"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_65_samba.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1013.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1016.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1017.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26454"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-544-2"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-617-1"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/3869"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0064"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0859/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1712/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1908"
    },
    {
      "type": "WEB",
      "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-4572 (GCVE-0-2007-4572)

CERTA-2008-AVI-337

Description

Solution

CERTA-2007-AVI-551

Description

Solution

CERTA-2008-AVI-008

Description

Solution

CERTA-2007-AVI-502

Description

Solution

FKIE_CVE-2007-4572

GSD-2007-4572

GHSA-C889-7VH4-J454

Tags

Sightings

Nomenclature