CVE-2007-2447

NameCVE-2007-2447
DescriptionThe MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-1291-2, DTSA-41-1
NVD severitymedium (attack range: remote)
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
samba (PTS)squeeze (security), squeeze2:3.5.6~dfsg-3squeeze11fixed
squeeze (lts)2:3.5.6~dfsg-3squeeze12fixed
wheezy2:3.6.6-6+deb7u4fixed
wheezy (security)2:3.6.6-6+deb7u5fixed
jessie, sid2:4.1.17+dfsg-1fixed

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sambasource(unstable)3.0.25-1high
sambasourceetch3.0.24-6etch2mediumDSA-1291-2
sambasourcelenny3.0.24-6+lenny3mediumDTSA-41-1
sambasourcesarge3.0.14a-3sarge6mediumDSA-1291-2

Search for package or bug name: Reporting problems