CVE-2007-2444 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-2444
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2444

Description: Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-460-2 http://www.ubuntu.com/usn/usn-460-1 TRUSTIX http://www.trustix.org/errata/2007/0017/ SUSE http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1 ST 1018049 SREASON http://securityreason.com/securityalert/2701 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906 SAID Secunia Advisory: SA25675 Secunia Advisory: SA25289 Secunia Advisory: SA25255 Secunia Advisory: SA25259 Secunia Advisory: SA25270 Secunia Advisory: SA25251 Secunia Advisory: SA25232 Secunia Advisory: SA25246 Secunia Advisory: SA25256 Secunia Advisory: SA25241 Secunia Advisory: SA25772 OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:104 HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980 GENTOO http://security.gentoo.org/glsa/glsa-200705-15.xml DEBIAN http://www.debian.org/security/2007/dsa-1291 CONFIRM http://www.samba.org/samba/security/CVE-2007-2444.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/468670/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/468548/100/0/threaded BID 23974

Return to the previous page.