CVE - CVE-2007-2444

CVE-ID
CVE-2007-2444	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1018049 URL:http://www.securitytracker.com/id?1018049 MISC:102964 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1~~ (Obsolete source) MISC:200588 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1~~ (Obsolete source) MISC:2007-0017 URL:~~http://www.trustix.org/errata/2007/0017/~~ (Obsolete source - check if archived by the Wayback Machine) MISC:20070513 [SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation URL:http://www.securityfocus.com/archive/1/468548/100/0/threaded MISC:20070515 FLEA-2007-0017-1: samba URL:http://www.securityfocus.com/archive/1/468670/100/0/threaded MISC:23974 URL:http://www.securityfocus.com/bid/23974 MISC:25232 URL:http://secunia.com/advisories/25232 MISC:25241 URL:http://secunia.com/advisories/25241 MISC:25246 URL:http://secunia.com/advisories/25246 MISC:25251 URL:http://secunia.com/advisories/25251 MISC:25255 URL:http://secunia.com/advisories/25255 MISC:25256 URL:http://secunia.com/advisories/25256 MISC:25259 URL:http://secunia.com/advisories/25259 MISC:25270 URL:http://secunia.com/advisories/25270 MISC:25289 URL:http://secunia.com/advisories/25289 MISC:25675 URL:http://secunia.com/advisories/25675 MISC:25772 URL:http://secunia.com/advisories/25772 MISC:2701 URL:http://securityreason.com/securityalert/2701 MISC:34698 URL:~~http://osvdb.org/34698~~ (Obsolete source) MISC:ADV-2007-1805 URL:~~http://www.vupen.com/english/advisories/2007/1805~~ (Obsolete source) MISC:ADV-2007-2210 URL:~~http://www.vupen.com/english/advisories/2007/2210~~ (Obsolete source) MISC:ADV-2007-2281 URL:~~http://www.vupen.com/english/advisories/2007/2281~~ (Obsolete source) MISC:DSA-1291 URL:http://www.debian.org/security/2007/dsa-1291 MISC:GLSA-200705-15 URL:http://security.gentoo.org/glsa/glsa-200705-15.xml MISC:HPSBTU02218 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980 MISC:MDKSA-2007:104 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:104~~ (Obsolete source) MISC:OpenPKG-SA-2007.012 URL:http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html MISC:SSA:2007-134-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906 MISC:SSRT071424 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980 MISC:SUSE-SA:2007:031 URL:http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html MISC:USN-460-1 URL:http://www.ubuntu.com/usn/usn-460-1 MISC:USN-460-2 URL:http://www.ubuntu.com/usn/usn-460-2 MISC:http://www.samba.org/samba/security/CVE-2007-2444.html URL:http://www.samba.org/samba/security/CVE-2007-2444.html MISC:https://issues.rpath.com/browse/RPL-1366 URL:https://issues.rpath.com/browse/RPL-1366
Assigning CNA
Red Hat, Inc.
Date Record Created
20070502	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070502)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)