CVE-2007-0454
published 2007-02-06CVE-2007-0454: Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
6.41%
92.8th percentile
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.
Affected
29 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | samba | < samba 3.0.23d-5 (bookworm) | samba 3.0.23d-5 (bookworm) |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux_corporate_server | — | — |
| mandrakesoft | mandrake_linux_corporate_server | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5MEDIUM
vendor_redhat7.5HIGH
vendor_ubuntu6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Samba vulnerabilities
vendor_ubuntu·2007-02-06·CVSS 6.8
CVE-2007-0452 [MEDIUM] Samba vulnerabilities
Title: Samba vulnerabilities
Summary: Samba vulnerabilities
A flaw was discovered in Samba's file opening code, which in certain
situations could lead to an endless loop, resulting in a denial of
service. (CVE-2007-0452)
A format string overflow was discovered in Samba's ACL handling on AFS
shares. Remote users with access to an AFS share could create crafted
filenames and execute arbitrary code with root privileges.
(CVE-2007-0454)
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Debian
CVE-2007-0454: samba - Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3...
vendor_debian·2007·CVSS 7.5
CVE-2007-0454 [HIGH] CVE-2007-0454: samba - Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3...
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.
Scope: local
bookworm: resolved (fixed in 3.0.23d-5)
bullseye: resolved (fixed in 3.0.23d-5)
forky: resolved (fixed in 3.0.23d-5)
sid: resolved (fixed in 3.0.23d-5)
trixie: resolved (fixed in 3.0.23d-5)
Red Hat
CVE-2007-0454: Format string vulnerability in the afsacl
vendor_redhat·CVSS 7.5
CVE-2007-0454 [HIGH] CVE-2007-0454: Format string vulnerability in the afsacl
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.
Statement: Not vulnerable. These issues affect the AFS ACL module which is not distributed with Samba in Red Hat Enterprise Linux 2.1, 3, 4, or 5.
GHSA
GHSA-mq9f-755p-rg7c: Format string vulnerability in the afsacl
ghsa_unreviewed·2022-05-01
CVE-2007-0454 [HIGH] CWE-134 GHSA-mq9f-755p-rg7c: Format string vulnerability in the afsacl
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.
OSV
CVE-2007-0454: Format string vulnerability in the afsacl
osv·2007-02-06·CVSS 7.5
CVE-2007-0454 [HIGH] CVE-2007-0454: Format string vulnerability in the afsacl
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/33101http://secunia.com/advisories/24021http://secunia.com/advisories/24046http://secunia.com/advisories/24060http://secunia.com/advisories/24067http://secunia.com/advisories/24101http://secunia.com/advisories/24145http://secunia.com/advisories/24151http://securitytracker.com/id?1017588http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916http://us1.samba.org/samba/security/CVE-2007-0454.htmlhttp://www.debian.org/security/2007/dsa-1257http://www.gentoo.org/security/en/glsa/glsa-200702-01.xmlhttp://www.kb.cert.org/vuls/id/649732http://www.mandriva.com/security/advisories?name=MDKSA-2007:034http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.htmlhttp://www.securityfocus.com/archive/1/459179/100/0/threadedhttp://www.securityfocus.com/archive/1/459365/100/0/threadedhttp://www.securityfocus.com/bid/22403http://www.trustix.org/errata/2007/0007http://www.ubuntu.com/usn/usn-419-1http://www.vupen.com/english/advisories/2007/0483https://exchange.xforce.ibmcloud.com/vulnerabilities/32304https://issues.rpath.com/browse/RPL-1005http://osvdb.org/33101http://secunia.com/advisories/24021http://secunia.com/advisories/24046http://secunia.com/advisories/24060http://secunia.com/advisories/24067http://secunia.com/advisories/24101http://secunia.com/advisories/24145http://secunia.com/advisories/24151http://securitytracker.com/id?1017588http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916http://us1.samba.org/samba/security/CVE-2007-0454.htmlhttp://www.debian.org/security/2007/dsa-1257http://www.gentoo.org/security/en/glsa/glsa-200702-01.xmlhttp://www.kb.cert.org/vuls/id/649732http://www.mandriva.com/security/advisories?name=MDKSA-2007:034http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.htmlhttp://www.securityfocus.com/archive/1/459179/100/0/threadedhttp://www.securityfocus.com/archive/1/459365/100/0/threadedhttp://www.securityfocus.com/bid/22403http://www.trustix.org/errata/2007/0007http://www.ubuntu.com/usn/usn-419-1http://www.vupen.com/english/advisories/2007/0483https://exchange.xforce.ibmcloud.com/vulnerabilities/32304https://issues.rpath.com/browse/RPL-1005
2007-02-06
Published