PRIOn knowledge basePRION:CVE-2007-2447Code injection
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the “username map script” smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
References
docs.info.apple.com/article.html?artnum=306172
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
labs.idefense.com/intelligence/vulnerabilities/display.php?id=534
lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
lists.suse.com/archive/suse-security-announce/2007-May/0006.html
secunia.com/advisories/25232
secunia.com/advisories/25241
secunia.com/advisories/25246
secunia.com/advisories/25251
secunia.com/advisories/25255
secunia.com/advisories/25256
secunia.com/advisories/25257
secunia.com/advisories/25259
secunia.com/advisories/25270
secunia.com/advisories/25289
secunia.com/advisories/25567
secunia.com/advisories/25675
secunia.com/advisories/25772
secunia.com/advisories/26083
secunia.com/advisories/26235
secunia.com/advisories/26909
secunia.com/advisories/27706
secunia.com/advisories/28292
security.gentoo.org/glsa/glsa-200705-15.xml
securityreason.com/securityalert/2700
slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
www.debian.org/security/2007/dsa-1291
www.kb.cert.org/vuls/id/268336
www.mandriva.com/security/advisories?name=MDKSA-2007:104
www.novell.com/linux/security/advisories/2007_14_sr.html
www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
www.osvdb.org/34700
www.redhat.com/support/errata/RHSA-2007-0354.html
www.securityfocus.com/archive/1/468565/100/0/threaded
www.securityfocus.com/archive/1/468670/100/0/threaded
www.securityfocus.com/bid/23972
www.securityfocus.com/bid/25159
www.securitytracker.com/id?1018051
www.trustix.org/errata/2007/0017/
www.ubuntu.com/usn/usn-460-1
www.vupen.com/english/advisories/2007/1805
www.vupen.com/english/advisories/2007/2079
www.vupen.com/english/advisories/2007/2210
www.vupen.com/english/advisories/2007/2281
www.vupen.com/english/advisories/2007/2732
www.vupen.com/english/advisories/2007/3229
www.vupen.com/english/advisories/2008/0050
www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf
issues.rpath.com/browse/RPL-1366
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062
www.samba.org/samba/security/CVE-2007-2447.html
Related
