6
CVE-2007-2447
- EPSS 49.76%
- Veröffentlicht 14.05.2007 21:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:37
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 49.76% | 0.987 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6 | 6.8 | 6.4 |
AV:N/AC:M/Au:S/C:P/I:P/A:P
|
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://secunia.com/advisories/26909
http://secunia.com/advisories/27706
http://www.vupen.com/english/advisories/2007/3229
http://docs.info.apple.com/article.html?artnum=306172
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://secunia.com/advisories/26235
http://www.securityfocus.com/bid/25159
http://www.vupen.com/english/advisories/2007/2732
http://secunia.com/advisories/26083
http://www.novell.com/linux/security/advisories/2007_14_sr.html
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://secunia.com/advisories/25255
http://www.trustix.org/errata/2007/0017/
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
http://secunia.com/advisories/25232
http://secunia.com/advisories/25241
http://secunia.com/advisories/25246
http://secunia.com/advisories/25251
http://secunia.com/advisories/25256
http://secunia.com/advisories/25259
http://secunia.com/advisories/25270
http://secunia.com/advisories/25289
http://secunia.com/advisories/25675
http://secunia.com/advisories/25772
http://security.gentoo.org/glsa/glsa-200705-15.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
http://www.debian.org/security/2007/dsa-1291
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
http://www.securityfocus.com/archive/1/468670/100/0/threaded
http://www.ubuntu.com/usn/usn-460-1
http://www.vupen.com/english/advisories/2007/1805
http://www.vupen.com/english/advisories/2007/2210
http://www.vupen.com/english/advisories/2007/2281
https://issues.rpath.com/browse/RPL-1366
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
http://secunia.com/advisories/25257
http://secunia.com/advisories/25567
http://secunia.com/advisories/28292
http://www.redhat.com/support/errata/RHSA-2007-0354.html
http://www.vupen.com/english/advisories/2007/2079
http://www.vupen.com/english/advisories/2008/0050
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534
http://securityreason.com/securityalert/2700
http://www.kb.cert.org/vuls/id/268336
http://www.osvdb.org/34700
http://www.samba.org/samba/security/CVE-2007-2447.html
http://www.securityfocus.com/archive/1/468565/100/0/threaded
http://www.securityfocus.com/bid/23972
http://www.securitytracker.com/id?1018051
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062
http://www.openwall.com/lists/oss-security/2025/10/16/2