CVE-2007-0453

Published Feb 6, 2007

Last updated 6 years ago

CVSS info 4.6

Overview

Description: Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Vendor comments

Red HatNot vulnerable. These issues did not affect Linux versions of Samba.

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B918306-8743-404D-A035-CC3997ADCC3C"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43684906-D3AA-40FB-A75D-ED65C1DC9BB4"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62E39538-4811-49DB-97CF-1F018C58BAE4"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C85D69FE-AF43-4B0E-A7A9-2D2C16426180"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86347948-C08F-4F02-89A0-4F4A55CD4BA7"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A908DA9D-A8BD-46BA-A71F-BFDEC0A1341E"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CA7905C-51A0-4A56-A6A5-330288613055"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AE85033-0658-4D60-8C7A-6E2BD63AFDCF"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4600AAA4-834D-4F63-8E9A-88CB555C029E"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54FE8D2E-AF0D-4C84-A5BC-2CE6759B534C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References