CVE-2007-2447

NameCVE-2007-2447
DescriptionThe MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1291-2, DTSA-41-1
NVD severitymedium (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
samba (PTS)jessie (security), jessie2:4.2.14+dfsg-0+deb8u9fixed
stretch (security), stretch2:4.5.12+dfsg-2+deb9u2fixed
buster, sid2:4.8.2+dfsg-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sambasource(unstable)3.0.25-1high
sambasourceetch3.0.24-6etch2mediumDSA-1291-2
sambasourcelenny3.0.24-6+lenny3mediumDTSA-41-1
sambasourcesarge3.0.14a-3sarge6mediumDSA-1291-2

Search for package or bug name: Reporting problems