Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-2447
Description:The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Test IDs: 1.3.6.1.4.1.25623.1.0.59535   1.3.6.1.4.1.25623.1.0.58343   1.3.6.1.4.1.25623.1.0.59534   1.3.6.1.4.1.25623.1.0.65428   1.3.6.1.4.1.25623.1.0.122706   1.3.6.1.4.1.25623.1.0.108012   1.3.6.1.4.1.25623.1.0.108011  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-2447
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
BugTraq ID: 23972
http://www.securityfocus.com/bid/23972
BugTraq ID: 25159
http://www.securityfocus.com/bid/25159
Bugtraq: 20070513 [SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/468565/100/0/threaded
Bugtraq: 20070515 FLEA-2007-0017-1: samba (Google Search)
http://www.securityfocus.com/archive/1/468670/100/0/threaded
CERT/CC vulnerability note: VU#268336
http://www.kb.cert.org/vuls/id/268336
Debian Security Information: DSA-1291 (Google Search)
http://www.debian.org/security/2007/dsa-1291
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://security.gentoo.org/glsa/glsa-200705-15.xml
HPdes Security Advisory: HPSBTU02218
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
HPdes Security Advisory: HPSBUX02218
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
HPdes Security Advisory: SSRT071424
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://www.osvdb.org/34700
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062
RedHat Security Advisories: RHSA-2007:0354
http://www.redhat.com/support/errata/RHSA-2007-0354.html
http://www.securitytracker.com/id?1018051
http://secunia.com/advisories/25232
http://secunia.com/advisories/25241
http://secunia.com/advisories/25246
http://secunia.com/advisories/25251
http://secunia.com/advisories/25255
http://secunia.com/advisories/25256
http://secunia.com/advisories/25257
http://secunia.com/advisories/25259
http://secunia.com/advisories/25270
http://secunia.com/advisories/25289
http://secunia.com/advisories/25567
http://secunia.com/advisories/25675
http://secunia.com/advisories/25772
http://secunia.com/advisories/26083
http://secunia.com/advisories/26235
http://secunia.com/advisories/26909
http://secunia.com/advisories/27706
http://secunia.com/advisories/28292
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
http://securityreason.com/securityalert/2700
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
SuSE Security Announcement: SUSE-SA:2007:031 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
SuSE Security Announcement: SUSE-SR:2007:014 (Google Search)
http://www.novell.com/linux/security/advisories/2007_14_sr.html
http://www.trustix.org/errata/2007/0017/
http://www.ubuntu.com/usn/usn-460-1
http://www.vupen.com/english/advisories/2007/1805
http://www.vupen.com/english/advisories/2007/2079
http://www.vupen.com/english/advisories/2007/2210
http://www.vupen.com/english/advisories/2007/2281
http://www.vupen.com/english/advisories/2007/2732
http://www.vupen.com/english/advisories/2007/3229
http://www.vupen.com/english/advisories/2008/0050




© 1998-2024 E-Soft Inc. All rights reserved.