CVE-2007-0453

Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://us1.samba.org/samba/security/CVE-2007-0453.html
https://issues.rpath.com/browse/RPL-1005
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
http://www.trustix.org/errata/2007/0007
http://www.securityfocus.com/bid/22410
http://securitytracker.com/id?1017589
http://secunia.com/advisories/24043
http://secunia.com/advisories/24101
http://secunia.com/advisories/24151
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://osvdb.org/33098
http://www.vupen.com/english/advisories/2007/0483
https://exchange.xforce.ibmcloud.com/vulnerabilities/32231
http://www.securityfocus.com/archive/1/459365/100/0/threaded
http://www.securityfocus.com/archive/1/459168/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:samba:samba:3.0.23a:::::::*
	cpe:2.3:a:samba:samba:3.0.23b:::::::*
	cpe:2.3:a:samba:samba:3.0.23c:::::::*
	cpe:2.3:a:samba:samba:3.0.22:::::::*
	cpe:2.3:a:samba:samba:3.0.23:::::::*
	cpe:2.3:a:samba:samba:3.0.21:::::::*
	cpe:2.3:a:samba:samba:3.0.21a:::::::*
	cpe:2.3:a:samba:samba:3.0.23d:::::::*
	cpe:2.3:a:samba:samba:3.0.21b:::::::*
	cpe:2.3:a:samba:samba:3.0.21c:::::::*

Information

Published : 2007-02-05 18:28

Updated : 2018-10-16 09:32

NVD link : CVE-2007-0453

Mitre link : CVE-2007-0453

JSON object : View

CWE

NVD-CWE-Other

Products Affected

samba

samba

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://us1.samba.org/samba/security/CVE-2007-0453.html", "name": "http://us1.samba.org/samba/security/CVE-2007-0453.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://issues.rpath.com/browse/RPL-1005", "name": "https://issues.rpath.com/browse/RPL-1005", "tags": [], "refsource": "CONFIRM"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916", "name": "SSA:2007-038-01", "tags": [], "refsource": "SLACKWARE"}, {"url": "http://www.trustix.org/errata/2007/0007", "name": "2007-0007", "tags": [], "refsource": "TRUSTIX"}, {"url": "http://www.securityfocus.com/bid/22410", "name": "22410", "tags": [], "refsource": "BID"}, {"url": "http://securitytracker.com/id?1017589", "name": "1017589", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/24043", "name": "24043", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24101", "name": "24101", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24151", "name": "24151", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html", "name": "OpenPKG-SA-2007.012", "tags": [], "refsource": "OPENPKG"}, {"url": "http://osvdb.org/33098", "name": "33098", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2007/0483", "name": "ADV-2007-0483", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32231", "name": "samba-winbind-bo(32231)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/459365/100/0/threaded", "name": "20070207 rPSA-2007-0026-1 samba samba-swat", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/459168/100/0/threaded", "name": "20070205 [SAMBA-SECURITY] CVE-2007-0453: Buffer overrun in nss_winbind.so.1 on Solaris", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-0453", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2007-02-06T02:28Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-16T16:32Z"}

4.6 /10