cvelistv5 - cve-2007-4572

CVE-2007-4572 (GCVE-0-2007-4572)

Vulnerability from cvelistv5 – Published: 2007-11-16 18:00 – Updated: 2024-08-07 15:01

Summary

Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.ubuntu.com/usn/usn-544-2	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/27691	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-10…	vendor-advisoryx_refsource_REDHAT
	https://usn.ubuntu.com/544-1/	vendor-advisoryx_refsource_UBUNTU
	http://www.vupen.com/english/advisories/2007/4238	vdb-entryx_refsource_VUPEN
	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	third-party-advisoryx_refsource_CERT
	http://secunia.com/advisories/30835	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29341	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1018954	vdb-entryx_refsource_SECTRACK
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://marc.info/?l=bugtraq&m=120524782005154&w=2	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/28136	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/30736	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/3869	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/27679	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/27682	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/27701	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-10…	vendor-advisoryx_refsource_REDHAT
	http://www.vupen.com/english/advisories/2008/1908	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/27720	third-party-advisoryx_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=120524782005154&w=2	vendor-advisoryx_refsource_HP
	http://www11.itrc.hp.com/service/cki/docDisplay.d…	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/30484	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/485936/100…	mailing-listx_refsource_BUGTRAQ
	http://www.debian.org/security/2007/dsa-1409	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/27450	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/27731	third-party-advisoryx_refsource_SECUNIA
	http://lists.vmware.com/pipermail/security-announ…	mailing-listx_refsource_MLIST
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www11.itrc.hp.com/service/cki/docDisplay.d…	vendor-advisoryx_refsource_HP
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/27787	third-party-advisoryx_refsource_SECUNIA
	http://docs.info.apple.com/article.html?artnum=307179	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/28368	third-party-advisoryx_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-1894	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/26454	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20071…	vendor-advisoryx_refsource_GENTOO
	http://www.ubuntu.com/usn/usn-617-1	vendor-advisoryx_refsource_UBUNTU
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/27927	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/1712…	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2008/0859…	vdb-entryx_refsource_VUPEN
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
	http://us1.samba.org/samba/security/CVE-2007-4572.html	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2007-10…	vendor-advisoryx_refsource_REDHAT
	http://www.vupen.com/english/advisories/2008/0064	vdb-entryx_refsource_VUPEN
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://www.securityfocus.com/archive/1/486859/100…	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

URL	Tags
secalert@redhat.com	http://docs.info.apple.com/article.html?artnum=307179
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
secalert@redhat.com	http://lists.vmware.com/pipermail/security-announce/2008/000002.html
secalert@redhat.com	http://marc.info/?l=bugtraq&m=120524782005154&w=2
secalert@redhat.com	http://secunia.com/advisories/27450	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27679	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27682	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27691	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27701	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27720	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27731	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27787	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27927	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28136	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28368	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29341
secalert@redhat.com	http://secunia.com/advisories/30484
secalert@redhat.com	http://secunia.com/advisories/30736
secalert@redhat.com	http://secunia.com/advisories/30835
secalert@redhat.com	http://securitytracker.com/id?1018954
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1
secalert@redhat.com	http://us1.samba.org/samba/security/CVE-2007-4572.html	Patch
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1409
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:224
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_65_samba.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-1013.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-1016.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-1017.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/485936/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/486859/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/26454
secalert@redhat.com	http://www.ubuntu.com/usn/usn-544-2
secalert@redhat.com	http://www.ubuntu.com/usn/usn-617-1
secalert@redhat.com	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
secalert@redhat.com	http://www.vmware.com/security/advisories/VMSA-2008-0001.html
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/3869
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/4238
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0064
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0859/references
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/1712/references
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/1908
secalert@redhat.com	http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/38501
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1894
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643
secalert@redhat.com	https://usn.ubuntu.com/544-1/
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307179
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2008/000002.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120524782005154&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27450	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27679	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27682	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27691	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27701	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27720	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27731	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27787	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27927	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28136	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28368	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29341
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30484
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30736
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30835
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018954
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1
af854a3a-2127-422b-91ae-364da2661108	http://us1.samba.org/samba/security/CVE-2007-4572.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1409
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:224
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_65_samba.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1013.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1016.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1017.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/485936/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/486859/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26454
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-544-2
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-617-1
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2008-0001.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3869
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4238
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0064
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0859/references
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1712/references
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1908
af854a3a-2127-422b-91ae-364da2661108	http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38501
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1894
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/544-1/
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html

Vendor	Product	Version
samba	samba	3.0.0
samba	samba	3.0.1
samba	samba	3.0.2
samba	samba	3.0.2a
samba	samba	3.0.3
samba	samba	3.0.4
samba	samba	3.0.4
samba	samba	3.0.5
samba	samba	3.0.6
samba	samba	3.0.7
samba	samba	3.0.8
samba	samba	3.0.9
samba	samba	3.0.10
samba	samba	3.0.11
samba	samba	3.0.12
samba	samba	3.0.13
samba	samba	3.0.14
samba	samba	3.0.14a
samba	samba	3.0.15
samba	samba	3.0.16
samba	samba	3.0.17
samba	samba	3.0.18
samba	samba	3.0.19
samba	samba	3.0.20
samba	samba	3.0.20a
samba	samba	3.0.20b
samba	samba	3.0.21
samba	samba	3.0.21a
samba	samba	3.0.21b
samba	samba	3.0.21c
samba	samba	3.0.22
samba	samba	3.0.23
samba	samba	3.0.23a
samba	samba	3.0.23b
samba	samba	3.0.23c
samba	samba	3.0.23d
samba	samba	3.0.24
samba	samba	3.0.25
samba	samba	3.0.25
samba	samba	3.0.25
samba	samba	3.0.25
samba	samba	3.0.25
samba	samba	3.0.25
samba	samba	3.0.25a
samba	samba	3.0.25b
samba	samba	3.0.25c
samba	samba	3.0.26
samba	samba	3.0.26a

	Vendor	Product	Description
	Apple	N/A	Mac OS X version 10.5.1 et antérieures.
	Apple	N/A	Mac OS X version 10.4.11 et antérieures ;

Vendor	Product	Description
VMware	N/A	VirtualCenter Management Server 2.
VMware	N/A	VMWare ESX Server 2.0.x ;
VMware	N/A	VMWare ESX Server 3.0.x ;

Vendor	Product	Description
N/A	N/A	CIFS Server versions vA.02.03.x antérieures à vA.02.03.04.
N/A	N/A	CIFS Server versions vA.02.02.x ;
N/A	N/A	CIFS Server versions vA.02.01.x ;

Action not permitted

CVE-2007-4572 (GCVE-0-2007-4572)

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Tags

Sightings

Nomenclature