CVE-2007-2447

NameCVE-2007-2447
DescriptionThe MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, web search, more)
ReferencesDSA-1291-2, DTSA-41-1
NVD severitymedium (attack range: remote)
Debian/oldoldstablenot vulnerable.
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
samba (PTS)squeeze, squeeze (security)2:3.5.6~dfsg-3squeeze11fixed
squeeze (lts)2:3.5.6~dfsg-3squeeze13fixed
wheezy2:3.6.6-6+deb7u5fixed
wheezy (security)2:3.6.6-6+deb7u6fixed
jessie (security), jessie2:4.1.17+dfsg-2+deb8u1fixed
stretch2:4.1.17+dfsg-4fixed
sid2:4.3.3+dfsg-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sambasource(unstable)3.0.25-1high
sambasourceetch3.0.24-6etch2mediumDSA-1291-2
sambasourcelenny3.0.24-6+lenny3mediumDTSA-41-1
sambasourcesarge3.0.14a-3sarge6mediumDSA-1291-2

Search for package or bug name: Reporting problems