CVE-2007-2446 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-2446
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2446

Description: Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/34312 http://xforce.iss.net/xforce/xfdb/34314 http://xforce.iss.net/xforce/xfdb/34311 http://xforce.iss.net/xforce/xfdb/34316 http://xforce.iss.net/xforce/xfdb/34309 UBUNTU http://www.ubuntu.com/usn/usn-460-1 TRUSTIX http://www.trustix.org/errata/2007/0017/ SUSE http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1 ST 1018050 SREASON http://securityreason.com/securityalert/2702 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906 SAID Secunia Advisory: SA28292 Secunia Advisory: SA27706 Secunia Advisory: SA26235 Secunia Advisory: SA26909 Secunia Advisory: SA25772 Secunia Advisory: SA25675 Secunia Advisory: SA25567 Secunia Advisory: SA25289 Secunia Advisory: SA25255 Secunia Advisory: SA25251 Secunia Advisory: SA25270 Secunia Advisory: SA25259 Secunia Advisory: SA25246 Secunia Advisory: SA25256 Secunia Advisory: SA25257 Secunia Advisory: SA25232 Secunia Advisory: SA25241 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0354.html OSVDB 34732 OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html MISC http://www.zerodayinitiative.com/advisories/ZDI-07-029.html http://www.zerodayinitiative.com/advisories/ZDI-07-030.html http://www.zerodayinitiative.com/advisories/ZDI-07-031.html http://www.zerodayinitiative.com/advisories/ZDI-07-032.html http://www.zerodayinitiative.com/advisories/ZDI-07-033.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:104 HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980 GENTOO http://security.gentoo.org/glsa/glsa-200705-15.xml FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html DEBIAN http://www.debian.org/security/2007/dsa-1291 CONFIRM http://www.samba.org/samba/security/CVE-2007-2446.html http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf http://docs.info.apple.com/article.html?artnum=306172 CERT-VN 773720 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/468680/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/468672/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/468675/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/468673/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/468674/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/468670/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/468542/100/0/threaded BID 23973 24195 24196 24198 24197 25159 APPLE http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

Return to the previous page.