CVE - CVE-2007-2447

CVE-ID
CVE-2007-2447	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
IDEFENSE:20070514 Samba SAMR Change Password Remote Command Injection Vulnerability URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534 BUGTRAQ:20070513 [SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability URL:http://www.securityfocus.com/archive/1/468565/100/0/threaded BUGTRAQ:20070515 FLEA-2007-0017-1: samba URL:http://www.securityfocus.com/archive/1/468670/100/0/threaded FULLDISC:20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player URL:http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html CONFIRM:http://www.samba.org/samba/security/CVE-2007-2447.html CONFIRM:https://issues.rpath.com/browse/RPL-1366 CONFIRM:http://docs.info.apple.com/article.html?artnum=306172 CONFIRM:http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf APPLE:APPLE-SA-2007-07-31 URL:http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html DEBIAN:DSA-1291 URL:http://www.debian.org/security/2007/dsa-1291 GENTOO:GLSA-200705-15 URL:http://security.gentoo.org/glsa/glsa-200705-15.xml HP:HPSBUX02218 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768 HP:SSRT071424 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768 HP:HPSBTU02218 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980 MANDRIVA:MDKSA-2007:104 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:104 OPENPKG:OpenPKG-SA-2007.012 URL:http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html REDHAT:RHSA-2007:0354 URL:http://www.redhat.com/support/errata/RHSA-2007-0354.html SLACKWARE:SSA:2007-134-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906 SUNALERT:102964 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1 SUNALERT:200588 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1 SUSE:SUSE-SA:2007:031 URL:http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html SUSE:SUSE-SR:2007:014 URL:http://www.novell.com/linux/security/advisories/2007_14_sr.html TRUSTIX:2007-0017 URL:http://www.trustix.org/errata/2007/0017/ UBUNTU:USN-460-1 URL:http://www.ubuntu.com/usn/usn-460-1 CERT-VN:VU#268336 URL:http://www.kb.cert.org/vuls/id/268336 BID:23972 URL:http://www.securityfocus.com/bid/23972 BID:25159 URL:http://www.securityfocus.com/bid/25159 OVAL:oval:org.mitre.oval:def:10062 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062 VUPEN:ADV-2007-1805 URL:http://www.vupen.com/english/advisories/2007/1805 VUPEN:ADV-2007-2079 URL:http://www.vupen.com/english/advisories/2007/2079 VUPEN:ADV-2007-2210 URL:http://www.vupen.com/english/advisories/2007/2210 VUPEN:ADV-2007-2281 URL:http://www.vupen.com/english/advisories/2007/2281 VUPEN:ADV-2007-2732 URL:http://www.vupen.com/english/advisories/2007/2732 VUPEN:ADV-2007-3229 URL:http://www.vupen.com/english/advisories/2007/3229 VUPEN:ADV-2008-0050 URL:http://www.vupen.com/english/advisories/2008/0050 OSVDB:34700 URL:http://www.osvdb.org/34700 SECTRACK:1018051 URL:http://www.securitytracker.com/id?1018051 SECUNIA:25241 URL:http://secunia.com/advisories/25241 SECUNIA:25246 URL:http://secunia.com/advisories/25246 SECUNIA:25256 URL:http://secunia.com/advisories/25256 SECUNIA:25257 URL:http://secunia.com/advisories/25257 SECUNIA:25232 URL:http://secunia.com/advisories/25232 SECUNIA:25251 URL:http://secunia.com/advisories/25251 SECUNIA:25270 URL:http://secunia.com/advisories/25270 SECUNIA:25259 URL:http://secunia.com/advisories/25259 SECUNIA:25255 URL:http://secunia.com/advisories/25255 SECUNIA:25289 URL:http://secunia.com/advisories/25289 SECUNIA:25567 URL:http://secunia.com/advisories/25567 SECUNIA:25675 URL:http://secunia.com/advisories/25675 SECUNIA:25772 URL:http://secunia.com/advisories/25772 SECUNIA:26083 URL:http://secunia.com/advisories/26083 SECUNIA:26235 URL:http://secunia.com/advisories/26235 SECUNIA:26909 URL:http://secunia.com/advisories/26909 SECUNIA:27706 URL:http://secunia.com/advisories/27706 SECUNIA:28292 URL:http://secunia.com/advisories/28292 SREASON:2700 URL:http://securityreason.com/securityalert/2700
Assigning CNA
N/A
Date Entry Created
20070502	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070502)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org