4.6

CVE-2007-0453

Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SambaSamba Version3.0.21
SambaSamba Version3.0.21a
SambaSamba Version3.0.21b
SambaSamba Version3.0.21c
SambaSamba Version3.0.22
SambaSamba Version3.0.23
SambaSamba Version3.0.23a
SambaSamba Version3.0.23b
SambaSamba Version3.0.23c
SambaSamba Version3.0.23d
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.72% 0.49
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/24151
http://www.trustix.org/errata/2007/0007
http://secunia.com/advisories/24101
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
http://www.securityfocus.com/archive/1/459365/100/0/threaded
http://www.vupen.com/english/advisories/2007/0483
https://issues.rpath.com/browse/RPL-1005
http://osvdb.org/33098
http://secunia.com/advisories/24043
http://securitytracker.com/id?1017589
http://us1.samba.org/samba/security/CVE-2007-0453.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://www.securityfocus.com/archive/1/459168/100/0/threaded
http://www.securityfocus.com/bid/22410
https://exchange.xforce.ibmcloud.com/vulnerabilities/32231