CVE - CVE-2007-4572

CVE-ID
CVE-2007-4572	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1018954 URL:http://securitytracker.com/id?1018954 MISC:20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages URL:http://www.securityfocus.com/archive/1/485936/100/0/threaded MISC:20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages URL:http://www.securityfocus.com/archive/1/486859/100/0/threaded MISC:237764 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1~~ (Obsolete source) MISC:26454 URL:http://www.securityfocus.com/bid/26454 MISC:27450 URL:http://secunia.com/advisories/27450 MISC:27679 URL:http://secunia.com/advisories/27679 MISC:27682 URL:http://secunia.com/advisories/27682 MISC:27691 URL:http://secunia.com/advisories/27691 MISC:27701 URL:http://secunia.com/advisories/27701 MISC:27720 URL:http://secunia.com/advisories/27720 MISC:27731 URL:http://secunia.com/advisories/27731 MISC:27787 URL:http://secunia.com/advisories/27787 MISC:27927 URL:http://secunia.com/advisories/27927 MISC:28136 URL:http://secunia.com/advisories/28136 MISC:28368 URL:http://secunia.com/advisories/28368 MISC:29341 URL:http://secunia.com/advisories/29341 MISC:30484 URL:http://secunia.com/advisories/30484 MISC:30736 URL:http://secunia.com/advisories/30736 MISC:30835 URL:http://secunia.com/advisories/30835 MISC:ADV-2007-3869 URL:~~http://www.vupen.com/english/advisories/2007/3869~~ (Obsolete source) MISC:ADV-2007-4238 URL:~~http://www.vupen.com/english/advisories/2007/4238~~ (Obsolete source) MISC:ADV-2008-0064 URL:~~http://www.vupen.com/english/advisories/2008/0064~~ (Obsolete source) MISC:ADV-2008-0859 URL:~~http://www.vupen.com/english/advisories/2008/0859/references~~ (Obsolete source) MISC:ADV-2008-1712 URL:~~http://www.vupen.com/english/advisories/2008/1712/references~~ (Obsolete source) MISC:ADV-2008-1908 URL:~~http://www.vupen.com/english/advisories/2008/1908~~ (Obsolete source) MISC:APPLE-SA-2007-12-17 URL:http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html MISC:DSA-1409 URL:http://www.debian.org/security/2007/dsa-1409 MISC:FEDORA-2007-3402 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html MISC:GLSA-200711-29 URL:http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml MISC:HPSBUX02316 URL:http://marc.info/?l=bugtraq&m=120524782005154&w=2 MISC:HPSBUX02341 URL:http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657 MISC:MDKSA-2007:224 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:224~~ (Obsolete source) MISC:RHSA-2007:1013 URL:http://www.redhat.com/support/errata/RHSA-2007-1013.html MISC:RHSA-2007:1016 URL:http://www.redhat.com/support/errata/RHSA-2007-1016.html MISC:RHSA-2007:1017 URL:http://www.redhat.com/support/errata/RHSA-2007-1017.html MISC:SSA:2007-320-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739 MISC:SSRT071495 URL:http://marc.info/?l=bugtraq&m=120524782005154&w=2 MISC:SSRT080075 URL:http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657 MISC:SUSE-SA:2007:065 URL:http://www.novell.com/linux/security/advisories/2007_65_samba.html MISC:TA07-352A URL:http://www.us-cert.gov/cas/techalerts/TA07-352A.html MISC:USN-544-1 URL:https://usn.ubuntu.com/544-1/ MISC:USN-544-2 URL:http://www.ubuntu.com/usn/usn-544-2 MISC:USN-617-1 URL:http://www.ubuntu.com/usn/usn-617-1 MISC:[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages URL:http://lists.vmware.com/pipermail/security-announce/2008/000002.html MISC:http://docs.info.apple.com/article.html?artnum=307179 URL:http://docs.info.apple.com/article.html?artnum=307179 MISC:http://us1.samba.org/samba/security/CVE-2007-4572.html URL:http://us1.samba.org/samba/security/CVE-2007-4572.html MISC:http://www.vmware.com/security/advisories/VMSA-2008-0001.html URL:http://www.vmware.com/security/advisories/VMSA-2008-0001.html MISC:https://issues.rpath.com/browse/RPL-1894 URL:https://issues.rpath.com/browse/RPL-1894 MISC:oval:org.mitre.oval:def:11132 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132 MISC:oval:org.mitre.oval:def:5643 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643 MISC:samba-nmbd-bo(38501) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38501
Assigning CNA
Red Hat, Inc.
Date Record Created
20070828	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070828)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)