CVE-2007-2447
published 2007-05-14CVE-2007-2447: The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the…
PriorityP266medium6CVSS 2.0
AVNACMAuSCPIPAP
EXPLOIT
EPSS
49.76%
98.8th percentile
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Affected
42 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | samba | < samba 3.0.25-1 (bookworm) | samba 3.0.25-1 (bookworm) |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2007-2447 is exploited via shell metacharacters injected through the MS-RPC SamrChangePassword function when the 'username map script' option is enabled in smb.conf. Detect by monitoring SMB/RPC traffic on ports 139/445 for shell metacharacter sequences in username fields. ↗
- →The Metasploit module 'exploit/multi/samba/usermap_script' (disclosure date 2007-05-14) is the canonical exploit for CVE-2007-2447. Detect its use by monitoring for the module's characteristic SMB authentication attempts with shell metacharacters in the username field. ↗
- →Exploitation also covers remote authenticated users via MS-RPC functions in remote printer and file share management — not limited to unauthenticated SamrChangePassword path. ↗
- →Successful exploitation of CVE-2007-2447 against Samba 3.0.20 yields a root shell. Correlate unexpected outbound connections from the Samba process (smbd) to attacker-controlled IPs immediately after SMB authentication events. ↗
- ·CVE-2007-2447 via SamrChangePassword is only exploitable (unauthenticated path) when the 'username map script' option is explicitly enabled in smb.conf. Without this option, the unauthenticated vector does not apply, though authenticated RPC vectors (printer/file share management) remain. ↗
- ·Affected Samba versions are 3.0.0 through 3.0.25rc3. Samba 3.0.20-Debian is confirmed vulnerable and exploitable to root. ↗
CVSS provenance
nvdv2.06.0MEDIUMAV:N/AC:M/Au:S/C:P/I:P/A:P
osv6.0MEDIUM
vendor_ubuntu7.2HIGH
vendor_debian6.0HIGH
vendor_redhat6.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xxqh-84mj-whcj: The MS-RPC functionality in smbd in Samba 3
ghsa_unreviewed·2022-05-01
CVE-2007-2447 [MEDIUM] GHSA-xxqh-84mj-whcj: The MS-RPC functionality in smbd in Samba 3
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
OSV
CVE-2007-2447: The MS-RPC functionality in smbd in Samba 3
osv·2007-05-14·CVSS 6.0
CVE-2007-2447 [MEDIUM] CVE-2007-2447: The MS-RPC functionality in smbd in Samba 3
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Ubuntu
Samba vulnerabilities
vendor_ubuntu·2007-05-16·CVSS 7.2
CVE-2007-2446 [HIGH] Samba vulnerabilities
Title: Samba vulnerabilities
Summary: Samba vulnerabilities
Paul Griffith and Andrew Hogue discovered that Samba did not fully drop
root privileges while translating SIDs. A remote authenticated user
could issue SMB operations during a small window of opportunity and gain
root privileges. (CVE-2007-2444)
Brian Schafer discovered that Samba did not handle NDR parsing
correctly. A remote attacker could send specially crafted MS-RPC
requests that could overwrite heap memory and execute arbitrary code.
(CVE-2007-2446)
It was discovered that Samba did not correctly escape input parameters
for external scripts defined in smb.conf. Remote authenticated users
could send specially crafted MS-RPC requests and execute arbitrary shell
commands. (CVE-2007-2447)
Instructions: In general, a standard
Red Hat
samba code injection
vendor_redhat·2007-05-14·CVSS 6.0
CVE-2007-2447 [MEDIUM] samba code injection
samba code injection
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Debian
CVE-2007-2447: samba - The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote ...
vendor_debian·2007·CVSS 6.0
CVE-2007-2447 [MEDIUM] CVE-2007-2447: samba - The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote ...
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Scope: local
bookworm: resolved (fixed in 3.0.25-1)
bullseye: resolved (fixed in 3.0.25-1)
forky: resolved (fixed in 3.0.25-1)
sid: resolved (fixed in 3.0.25-1)
trixie: resolved (fixed in 3.0.25-1)
Red Hat
'c' character missing from shell metacharacter whitelist
vendor_redhat·CVSS 6.0
CVE-2007-4044 [MEDIUM] 'c' character missing from shell metacharacter whitelist
'c' character missing from shell metacharacter whitelist
No description is available for this CVE.
Statement: The CVE description for this bug is incorrect. The backported patch for CVE-2007-2447 missed the character c in the shell escaping whitelist of allowed characters, therefore not allowing commands with a c in them to be executed. This is therefore a regression bug and not a security vulnerability.
No detection rules found.
Exploit-DB
Samba 3.0.20 < 3.0.25rc3 - 'Username' map script' Command Execution (Metasploit)
exploitdb·2010-08-18·CVSS 6.0
CVE-2007-2447 [MEDIUM] Samba 3.0.20 < 3.0.25rc3 - 'Username' map script' Command Execution (Metasploit)
Samba 3.0.20 'Samba "username map script" Command Execution',
'Description' => %q{
This module exploits a command execution vulerability in Samba
versions 3.0.20 through 3.0.25rc3 when using the non-default
"username map script" configuration option. By specifying a username
containing shell meta characters, attackers can execute arbitrary
commands.
No authentication is needed to exploit this vulnerability since
this option is used to map usernames prior to authentication!
},
'Author' => [ 'jduck' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 10040 $',
'References' =>
[
[ 'CVE', '2007-2447' ],
[ 'OSVDB', '34700' ],
[ 'BID', '23972' ],
[ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534' ],
[ 'URL', 'http://samba.org/samba/security/CVE-2007-2447.html'
Metasploit
Samba "username map script" Command Execution
metasploit
Samba "username map script" Command Execution
Samba "username map script" Command Execution
This module exploits a command execution vulnerability in Samba versions 3.0.20 through 3.0.25rc3 when using the non-default "username map script" configuration option. By specifying a username containing shell meta characters, attackers can execute arbitrary commands. No authentication is needed to exploit this vulnerability since this option is used to map usernames prior to authentication!
arXiv
Evaluation of Reinforcement Learning for Autonomous Penetration Testing using A3C, Q-learning and DQN
arxiv_fulltext·2024-07-22
Evaluation of Reinforcement Learning for Autonomous Penetration Testing using A3C, Q-learning and DQN
Evaluation of Reinforcement Learning for Autonomous Penetration Testing using A3C, Q-learning and DQN
Norman Becker
German Research Center for Artificial Intelligence (DFKI)
Kaiserslautern
Germany
[email protected]
0009-0008-5575-1393
Daniel Reti
German Research Center for Artificial Intelligence (DFKI)
Kaiserslautern
Germany
[email protected]
0000-0001-8071-6188
Evridiki V.Ntagiou
OPS-GDA, ESA-ESOC
Darmstadt
Germany
[email protected]
0000-0003-3403-2863
Marcus Wallum
OPS-GDA, ESA-ESOC
Darmstadt
Germany
[email protected]
0009-0004-3306-856X
Hans D. Schotten
Also with Department of Electrical and Computer Engineering, Technische Universität Kaiserslautern.
German Research Center for Artificial Intelligence (DFKI)
Kaiserslautern
Germany
[email protected]
arXiv
Autosploit: A Fully Automated Framework for Evaluating the Exploitability of Security Vulnerabilities
arxiv_fulltext·2020-06-30
Autosploit: A Fully Automated Framework for Evaluating the Exploitability of Security Vulnerabilities
: A Fully Automated Framework for Evaluating
the Exploitability of Security Vulnerabilities
Noam Moscovich [1], Ron Bitton [1], Yakov Mallah [1], Masaki Inokuchi [2], Tomohiko Yagyu [2], Yuval Elovici [1] and Asaf Shabtai [1]
[1]Dept. of Software and Information Systems Engineering, Ben-Gurion University of the Negev
[2]NEC Corporation
## Abstract
The existence of a security vulnerability in a system does not necessarily mean that it can be exploited.
In this research, we introduce an automated framework for evaluating the exploitability of vulnerabilities.
Given a vulnerable environment and relevant exploits, will automatically test the exploits on different configurations of the environment in order to identify the specific properties necessary for successful exploitation of the exi
CTF
vulnlabs / metasploitable2
ctf_writeups
vulnlabs / metasploitable2
# ULTIMATE METASPLOITABLE2 HACKING WRITEUP
`Metasploitable2` `Penetration Testing` `Educational` `22 Services` `Root Access`
**By: jusot99**
**💀 Shadow Brotherhood Collective**
**Educational Purpose | Tested Commands | 22 Services Exploited**
## 🧠 MINDSET
>**They build walls. We find the cracks. They write rules. We ignore them. They sleep. We own their systems. Scan like you're curious, exploit like you're angry, persist like you're immortal. The machine should never know you were there, but should always be ready for your return.**
This isn't just another vulnerable VM this is a **time capsule of classic exploits** where every service screams "hack me!" Metasploitable2 is where legends are born, where you learn that sometimes the oldest vulnerabilities are the deadliest.
---
## 🧰
CTF
attack-paths
ctf_writeups·CVSS 6.0
[MEDIUM] attack-paths
---
layout: default
title: Attack Paths
nav_order: 8
description: "Visual attack path flowcharts for popular HTB machines - from reconnaissance to root"
permalink: /attack-paths/
---
# Attack Path Diagrams
{: .fs-9 }
Visual flowcharts mapping the complete attack chain for 30 popular Hack The Box machines, from initial reconnaissance to root/SYSTEM.
{: .fs-6 .fw-300 }
---
## How to Read These Diagrams
Each diagram traces the full exploitation path for a machine using a top-down flowchart. The color coding indicates the phase of the attack:
- **Green nodes** - Reconnaissance and enumeration
- **Orange nodes** - Initial access / foothold
- **Blue nodes** - Post-exploitation and lateral movement
- **Red nodes** - Privilege escalation
- **Purple nodes** - Root or SYSTEM achieved
Nodes in
CTF
easy / README
ctf_writeups·CVSS 6.0
[MEDIUM] easy / README
---
layout: default
title: Easy Machines
parent: Machines
nav_order: 1
description: "120+ Easy HTB machine writeups with walkthroughs"
permalink: /machines/easy/
---
# HackTheBox Easy Machines - Comprehensive Reference
> Complete catalog of retired HTB Easy machines with OS, key vulnerability, attack path summary, and quality writeup links.
**Total: 100+ Easy Machines** | Updated: April 2026
---
## Quick Navigation
- [Classic / Legacy Machines (2017-2019)](#classic--legacy-machines-2017-2019)
- [2019-2020 Machines](#2019-2020-machines)
- [2021 Machines](#2021-machines)
- [2022 Machines](#2022-machines)
- [2023 Machines](#2023-machines)
- [2024 Machines (Season 4 & 5)](#2024-machines-season-4--5)
- [2025-2026 Machines (Season 6+)](#2025-2026-machines-season-6)
---
## Classic / Legac
CTF
htb.lame
ctf_writeups
htb.lame
---
lang: "en"
classoption: oneside
code-block-font-size: \scriptsize
geometry: "a4paper"
geometry: "margin=2cm"
header-includes:
- \usepackage{float}
- \floatplacement{figure}{H}
- \usepackage{xcolor}
- \hypersetup{breaklinks=true,
bookmarks=true,
pdftitle="Lame",
pdfauthor="svachal (@7h3rAm)",
pdfsubject='Writeup for HackTheBox VM Lame',
pdfkeywords="oscp htb linux",
colorlinks=true,
linkcolor=cyan,
urlcolor=blue}
- \usepackage{fvextra}
- \DefineVerbatimEnvironment{Highlighting}{Verbatim}{breaklines,breakanywhere=true,commandchars=\\\{\}}
- \usepackage{mathtools}
---
# [[HackTheBox] Lame](https://www.hackthebox.eu/home/machines/profile/1)
**Date**: 01/Nov/2019
**Categories**: [oscp](https://github.com/7h3rAm/writeups/search?q=oscp&unscoped_q=oscp), [htb](https://github.com/7h3rAm/write
CTF
Lame / walkthrough
ctf_writeups·CVSS 6.0
[MEDIUM] Lame / walkthrough
# Lame
Linux · Easy
# Task 1:
## How many of the nmap top 1000 TCP ports are open on the remote host?
```
4
```
# Task 2:
## What version of VSFTPd is running on Lame?
```
2.3.4
```
# Task 3:
## There is a famous backdoor in VSFTPd version 2.3.4, and a Metasploit module to exploit it. Does that exploit work here?
```
no
```
# Task 4:
## What version of Samba is running on Lame? Give the numbers up to but not including "-Debian".
```
3.0.20
```
# Task 5:
## What 2007 CVE allows for remote code execution in this version of Samba via shell metacharacters involving the SamrChangePassword function when the "username map script" option is enabled in smb.conf?
```
CVE-2007-2447
```
# Task 6:
## Exploiting CVE-2007-2447 returns a shell as which user?
```
root
```
# Task 7:
## Submit the flag
CTF
cert-prep / README
ctf_writeups·CVSS 6.0
[MEDIUM] cert-prep / README
---
layout: default
title: Cert Prep
parent: Resources
nav_order: 3
description: "OSCP, CPTS, CRTO, CRTE, eWPT certification preparation with HTB"
permalink: /resources/cert-prep/
---
# Certification Preparation with HTB
Map your HTB journey to professional security certifications.
## Certification Paths
### OSCP (Offensive Security Certified Professional)
The gold standard for penetration testing. Focus on manual exploitation, no automated tools.
**Recommended Easy Machines:**
| Machine | OS | Key Skills | Writeup |
|---------|-----|-----------|----------|
| [Lame](https://0xdf.gitlab.io/2020/04/07/htb-lame.html) | Linux | Samba RCE (CVE-2007-2447) | [0xdf](https://0xdf.gitlab.io/2020/04/07/htb-lame.html) |
| [Legacy](https://0xdf.gitlab.io/2019/02/21/htb-legacy.html) | Windows | M
Bugzilla
CVE-2007-4044 'c' character missing from shell metacharacter whitelist
bugzilla·2007-08-17·CVSS 6.0
CVE-2007-4044 [MEDIUM] CVE-2007-4044 'c' character missing from shell metacharacter whitelist
CVE-2007-4044 'c' character missing from shell metacharacter whitelist
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4044
to the following vulnerability:
Incomplete blacklist vulnerability in the MS-RPC functionality in smbd in Samba 3 on SUSE Linux before 20070720 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors, due to an incomplete fix for CVE-2007-2447 that
"
missed one character in the shell escape handling.
"
References:
http://www.novell.com/linux/security/advisories/2007_14_sr.html
Discussion:
The CVE description is wrong. This does not have any security implications, it
only causes 'c' characters passed to shell to be escaped.
---
This is NOT a security problem (and not even a "bug"), we have alrea
Bugzilla
Missing character bug in latest security patches
bugzilla·2007-06-05·CVSS 6.0
CVE-2007-2447 [MEDIUM] Missing character bug in latest security patches
Missing character bug in latest security patches
+++ This bug was initially created as a clone of Bug #242744 +++
Description of problem:
Upstream was notified that the security patch for CVE-2007-2447 is missing one
character in the allowed set for the escape shell security functions
This may cause the code to reject any script that contains the 'c' character in
the path or parameters not passed in double quotes
Version-Release number of selected component (if applicable):
All RHEL products
Discussion:
patch committed
Bugzilla
Missing character bug in latest security patches
bugzilla·2007-06-05·CVSS 6.0
CVE-2007-2447 [MEDIUM] Missing character bug in latest security patches
Missing character bug in latest security patches
+++ This bug was initially created as a clone of Bug #242744 +++
Description of problem:
Upstream was notified that the security patch for CVE-2007-2447 is missing one
character in the allowed set for the escape shell security functions
This may cause the code to reject any script that contains the 'c' character in
the path or parameters not passed in double quotes
Version-Release number of selected component (if applicable):
All RHEL products
Discussion:
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release. Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for cur
Bugzilla
CVE-2007-2447 samba code injection
bugzilla·2007-05-11·CVSS 6.0
CVE-2007-2447 [MEDIUM] CVE-2007-2447 samba code injection
CVE-2007-2447 samba code injection
According to Samba:
"Unescaped user input parameters are passed as arguments to /bin/sh allowing for
remote command execution."
This could be triggered by a remote user if the server uses the non-default
"username map script" smb.conf option, or via remote file and printer management
scripts with an authenticated user.
These will affect Samba as shipped in Red Hat Enterprise Linux 2.1, 3, 4, 5.
Discussion:
Note the non-default "username map script" option only exists on Enterprise Linux 5
---
removing embargo, now public
---
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated
http://docs.info.apple.com/article.html?artnum=306172http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlhttp://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.htmlhttp://lists.suse.com/archive/suse-security-announce/2007-May/0006.htmlhttp://secunia.com/advisories/25232http://secunia.com/advisories/25241http://secunia.com/advisories/25246http://secunia.com/advisories/25251http://secunia.com/advisories/25255http://secunia.com/advisories/25256http://secunia.com/advisories/25257http://secunia.com/advisories/25259http://secunia.com/advisories/25270http://secunia.com/advisories/25289http://secunia.com/advisories/25567http://secunia.com/advisories/25675http://secunia.com/advisories/25772http://secunia.com/advisories/26083http://secunia.com/advisories/26235http://secunia.com/advisories/26909http://secunia.com/advisories/27706http://secunia.com/advisories/28292http://security.gentoo.org/glsa/glsa-200705-15.xmlhttp://securityreason.com/securityalert/2700http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1http://www.debian.org/security/2007/dsa-1291http://www.kb.cert.org/vuls/id/268336http://www.mandriva.com/security/advisories?name=MDKSA-2007:104http://www.novell.com/linux/security/advisories/2007_14_sr.htmlhttp://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.htmlhttp://www.osvdb.org/34700http://www.redhat.com/support/errata/RHSA-2007-0354.htmlhttp://www.samba.org/samba/security/CVE-2007-2447.htmlhttp://www.securityfocus.com/archive/1/468565/100/0/threadedhttp://www.securityfocus.com/archive/1/468670/100/0/threadedhttp://www.securityfocus.com/bid/23972http://www.securityfocus.com/bid/25159http://www.securitytracker.com/id?1018051http://www.trustix.org/errata/2007/0017/http://www.ubuntu.com/usn/usn-460-1http://www.vupen.com/english/advisories/2007/1805http://www.vupen.com/english/advisories/2007/2079http://www.vupen.com/english/advisories/2007/2210http://www.vupen.com/english/advisories/2007/2281http://www.vupen.com/english/advisories/2007/2732http://www.vupen.com/english/advisories/2007/3229http://www.vupen.com/english/advisories/2008/0050http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdfhttps://issues.rpath.com/browse/RPL-1366https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062http://docs.info.apple.com/article.html?artnum=306172http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlhttp://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.htmlhttp://lists.suse.com/archive/suse-security-announce/2007-May/0006.htmlhttp://secunia.com/advisories/25232http://secunia.com/advisories/25241http://secunia.com/advisories/25246http://secunia.com/advisories/25251http://secunia.com/advisories/25255http://secunia.com/advisories/25256http://secunia.com/advisories/25257http://secunia.com/advisories/25259http://secunia.com/advisories/25270http://secunia.com/advisories/25289http://secunia.com/advisories/25567http://secunia.com/advisories/25675http://secunia.com/advisories/25772http://secunia.com/advisories/26083http://secunia.com/advisories/26235http://secunia.com/advisories/26909http://secunia.com/advisories/27706http://secunia.com/advisories/28292http://security.gentoo.org/glsa/glsa-200705-15.xmlhttp://securityreason.com/securityalert/2700http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1http://www.debian.org/security/2007/dsa-1291http://www.kb.cert.org/vuls/id/268336http://www.mandriva.com/security/advisories?name=MDKSA-2007:104http://www.novell.com/linux/security/advisories/2007_14_sr.htmlhttp://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.htmlhttp://www.openwall.com/lists/oss-security/2025/10/16/2http://www.osvdb.org/34700http://www.redhat.com/support/errata/RHSA-2007-0354.htmlhttp://www.samba.org/samba/security/CVE-2007-2447.htmlhttp://www.securityfocus.com/archive/1/468565/100/0/threadedhttp://www.securityfocus.com/archive/1/468670/100/0/threadedhttp://www.securityfocus.com/bid/23972http://www.securityfocus.com/bid/25159http://www.securitytracker.com/id?1018051http://www.trustix.org/errata/2007/0017/
+ 11 more references
2007-05-14
Published