CVE-2007-4138

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.samba.org/samba/security/CVE-2007-4138.html", "name": "http://www.samba.org/samba/security/CVE-2007-4138.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/25636", "name": "25636", "tags": ["Patch"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/26764", "name": "26764", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "https://issues.rpath.com/browse/RPL-1705", "name": "https://issues.rpath.com/browse/RPL-1705", "tags": [], "refsource": "CONFIRM"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00201.html", "name": "FEDORA-2007-2145", "tags": [], "refsource": "FEDORA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-1016.html", "name": "RHSA-2007:1016", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-1017.html", "name": "RHSA-2007:1017", "tags": [], "refsource": "REDHAT"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.419439", "name": "SSA:2007-255-02", "tags": [], "refsource": "SLACKWARE"}, {"url": "http://www.securitytracker.com/id?1018681", "name": "1018681", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/26776", "name": "26776", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26795", "name": "26795", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26834", "name": "26834", "tags": [], "refsource": "SECUNIA"}, {"url": "http://securityreason.com/securityalert/3135", "name": "3135", "tags": [], "refsource": "SREASON"}, {"url": "http://docs.info.apple.com/article.html?artnum=307179", "name": "http://docs.info.apple.com/article.html?artnum=307179", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html", "name": "TA07-352A", "tags": ["US Government Resource"], "refsource": "CERT"}, {"url": "http://www.vupen.com/english/advisories/2007/3120", "name": "ADV-2007-3120", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36560", "name": "samba-smb-privilege-escalation(36560)", "tags": [], "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10375", "name": "oval:org.mitre.oval:def:10375", "tags": [], "refsource": "OVAL"}, {"url": "http://www.securityfocus.com/archive/1/479078/100/0/threaded", "name": "20070911 [SECURITY] Winbind's rfc2307 & SFU nss_info plugin in Samba 3.0.25[a-c] assigns users a primary gid of 0 by default", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the \"winbind nss info\" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not defined."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-4138", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "MEDIUM", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-09-14T01:17Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.25c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-15T21:33Z"}