Russian Vulnerability Scanner Database

Back to List

CVE-2007-2446

Scores

EPSS

0.777medium77.7%
0%20%40%60%80%100%

Percentile: 77.7%

CVSS

10.0critical2.0
0246810

CVSS Score: 10.0/10

All CVSS Scores

CVSS 2.0
10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Description

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

debiannvdredhat

CWEs

CWE-119

Related Vulnerabilities

BDU:2015-06505BDU:2015-06510BDU:2015-06515BDU:2015-06523BDU:2015-09575

Exploits

Exploit ID: 16329

Source: exploitdb

URL: https://www.exploit-db.com/exploits/16329

Exploit ID: 16859

Source: exploitdb

URL: https://www.exploit-db.com/exploits/16859

Exploit ID: 16875

Source: exploitdb

URL: https://www.exploit-db.com/exploits/16875

Exploit ID: 9950

Source: exploitdb

URL: https://www.exploit-db.com/exploits/9950

Vulnerable Software (6)

Type: Configuration

Product: samba

Operating System: rhel 2.1

Trait: 
{  "fixed": "2.2.12-1.21as.6"}

Source: redhat

Type: Configuration

Product: samba

Operating System: rhel 3

Trait: 
{  "fixed": "3.0.9-1.3E.13.2"}

Source: redhat

Type: Configuration

Product: samba

Operating System: rhel 4

Trait: 
{  "fixed": "3.0.10-1.4E.12.2"}

Source: redhat

Type: Configuration

Product: samba

Operating System: rhel 5

Trait: 
{  "fixed": "3.0.23c-2.el5.2.0.2"}

Source: redhat

Type: Configuration

Product: samba

Operating System: debian

Trait: 
{  "fixed": "3.0.25-1"}

Source: debian

Type: Configuration

Vendor: samba

Product: samba

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*",      "vuln...

Source: nvd