NVD

CVE-2007-2446 Detail

Modified

This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.

Current Description

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).

View Analysis Description

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: 10.0 HIGH

Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink	Resource
http://docs.info.apple.com/article.html?artnum=306172
http://docs.info.apple.com/article.html?artnum=306172
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
http://osvdb.org/34699
http://osvdb.org/34699
http://osvdb.org/34731
http://osvdb.org/34731
http://osvdb.org/34733
http://osvdb.org/34733
http://secunia.com/advisories/25232	Vendor Advisory
http://secunia.com/advisories/25232	Vendor Advisory
http://secunia.com/advisories/25241	Vendor Advisory
http://secunia.com/advisories/25241	Vendor Advisory
http://secunia.com/advisories/25246	Vendor Advisory
http://secunia.com/advisories/25246	Vendor Advisory
http://secunia.com/advisories/25251	Vendor Advisory
http://secunia.com/advisories/25251	Vendor Advisory
http://secunia.com/advisories/25255	Vendor Advisory
http://secunia.com/advisories/25255	Vendor Advisory
http://secunia.com/advisories/25256	Vendor Advisory
http://secunia.com/advisories/25256	Vendor Advisory
http://secunia.com/advisories/25257	Vendor Advisory
http://secunia.com/advisories/25257	Vendor Advisory
http://secunia.com/advisories/25259	Vendor Advisory
http://secunia.com/advisories/25259	Vendor Advisory
http://secunia.com/advisories/25270	Vendor Advisory
http://secunia.com/advisories/25270	Vendor Advisory
http://secunia.com/advisories/25289
http://secunia.com/advisories/25289
http://secunia.com/advisories/25391/
http://secunia.com/advisories/25391/
http://secunia.com/advisories/25567
http://secunia.com/advisories/25567
http://secunia.com/advisories/25675
http://secunia.com/advisories/25675
http://secunia.com/advisories/25772
http://secunia.com/advisories/25772
http://secunia.com/advisories/26235
http://secunia.com/advisories/26235
http://secunia.com/advisories/26909
http://secunia.com/advisories/26909
http://secunia.com/advisories/27706
http://secunia.com/advisories/27706
http://secunia.com/advisories/28292
http://secunia.com/advisories/28292
http://security.gentoo.org/glsa/glsa-200705-15.xml
http://security.gentoo.org/glsa/glsa-200705-15.xml
http://securityreason.com/securityalert/2702
http://securityreason.com/securityalert/2702
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
http://www.debian.org/security/2007/dsa-1291
http://www.debian.org/security/2007/dsa-1291
http://www.kb.cert.org/vuls/id/773720	US Government Resource
http://www.kb.cert.org/vuls/id/773720	US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
http://www.osvdb.org/34732
http://www.osvdb.org/34732
http://www.redhat.com/support/errata/RHSA-2007-0354.html	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0354.html	Vendor Advisory
http://www.samba.org/samba/security/CVE-2007-2446.html	Patch Vendor Advisory
http://www.samba.org/samba/security/CVE-2007-2446.html	Patch Vendor Advisory
http://www.securityfocus.com/archive/1/468542/100/0/threaded
http://www.securityfocus.com/archive/1/468542/100/0/threaded
http://www.securityfocus.com/archive/1/468670/100/0/threaded
http://www.securityfocus.com/archive/1/468670/100/0/threaded
http://www.securityfocus.com/archive/1/468672/100/0/threaded
http://www.securityfocus.com/archive/1/468672/100/0/threaded
http://www.securityfocus.com/archive/1/468673/100/0/threaded
http://www.securityfocus.com/archive/1/468673/100/0/threaded
http://www.securityfocus.com/archive/1/468674/100/0/threaded
http://www.securityfocus.com/archive/1/468674/100/0/threaded
http://www.securityfocus.com/archive/1/468675/100/0/threaded
http://www.securityfocus.com/archive/1/468675/100/0/threaded
http://www.securityfocus.com/archive/1/468680/100/0/threaded
http://www.securityfocus.com/archive/1/468680/100/0/threaded
http://www.securityfocus.com/bid/23973
http://www.securityfocus.com/bid/23973
http://www.securityfocus.com/bid/24195
http://www.securityfocus.com/bid/24195
http://www.securityfocus.com/bid/24196
http://www.securityfocus.com/bid/24196
http://www.securityfocus.com/bid/24197
http://www.securityfocus.com/bid/24197
http://www.securityfocus.com/bid/24198
http://www.securityfocus.com/bid/24198
http://www.securityfocus.com/bid/25159
http://www.securityfocus.com/bid/25159
http://www.securitytracker.com/id?1018050
http://www.securitytracker.com/id?1018050
http://www.trustix.org/errata/2007/0017/
http://www.trustix.org/errata/2007/0017/
http://www.ubuntu.com/usn/usn-460-1
http://www.ubuntu.com/usn/usn-460-1
http://www.vupen.com/english/advisories/2007/1805
http://www.vupen.com/english/advisories/2007/1805
http://www.vupen.com/english/advisories/2007/2079
http://www.vupen.com/english/advisories/2007/2079
http://www.vupen.com/english/advisories/2007/2210
http://www.vupen.com/english/advisories/2007/2210
http://www.vupen.com/english/advisories/2007/2281
http://www.vupen.com/english/advisories/2007/2281
http://www.vupen.com/english/advisories/2007/2732
http://www.vupen.com/english/advisories/2007/2732
http://www.vupen.com/english/advisories/2007/3229
http://www.vupen.com/english/advisories/2007/3229
http://www.vupen.com/english/advisories/2008/0050
http://www.vupen.com/english/advisories/2008/0050
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf
http://www.zerodayinitiative.com/advisories/ZDI-07-029.html
http://www.zerodayinitiative.com/advisories/ZDI-07-029.html
http://www.zerodayinitiative.com/advisories/ZDI-07-030.html
http://www.zerodayinitiative.com/advisories/ZDI-07-030.html
http://www.zerodayinitiative.com/advisories/ZDI-07-031.html
http://www.zerodayinitiative.com/advisories/ZDI-07-031.html
http://www.zerodayinitiative.com/advisories/ZDI-07-032.html
http://www.zerodayinitiative.com/advisories/ZDI-07-032.html
http://www.zerodayinitiative.com/advisories/ZDI-07-033.html
http://www.zerodayinitiative.com/advisories/ZDI-07-033.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/34309
https://exchange.xforce.ibmcloud.com/vulnerabilities/34309
https://exchange.xforce.ibmcloud.com/vulnerabilities/34311
https://exchange.xforce.ibmcloud.com/vulnerabilities/34311
https://exchange.xforce.ibmcloud.com/vulnerabilities/34312
https://exchange.xforce.ibmcloud.com/vulnerabilities/34312
https://exchange.xforce.ibmcloud.com/vulnerabilities/34314
https://exchange.xforce.ibmcloud.com/vulnerabilities/34314
https://exchange.xforce.ibmcloud.com/vulnerabilities/34316
https://exchange.xforce.ibmcloud.com/vulnerabilities/34316
https://issues.rpath.com/browse/RPL-1366
https://issues.rpath.com/browse/RPL-1366
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11415
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11415

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-119	Improper Restriction of Operations within the Bounds of a Memory Buffer	NIST

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

6 change records found show changes

CVE Modified by CVE 11/20/2024 7:30:48 PM

Action	Type	New Value
Added	Reference	http://docs.info.apple.com/article.html?artnum=306172
Added	Reference	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
Added	Reference	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768
Added	Reference	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Added	Reference	http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Added	Reference	http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
Added	Reference	http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
Added	Reference	http://osvdb.org/34699
Added	Reference	http://osvdb.org/34731
Added	Reference	http://osvdb.org/34733
Added	Reference	http://secunia.com/advisories/25232
Added	Reference	http://secunia.com/advisories/25241
Added	Reference	http://secunia.com/advisories/25246
Added	Reference	http://secunia.com/advisories/25251
Added	Reference	http://secunia.com/advisories/25255
Added	Reference	http://secunia.com/advisories/25256
Added	Reference	http://secunia.com/advisories/25257
Added	Reference	http://secunia.com/advisories/25259
Added	Reference	http://secunia.com/advisories/25270
Added	Reference	http://secunia.com/advisories/25289
Added	Reference	http://secunia.com/advisories/25391/
Added	Reference	http://secunia.com/advisories/25567
Added	Reference	http://secunia.com/advisories/25675
Added	Reference	http://secunia.com/advisories/25772
Added	Reference	http://secunia.com/advisories/26235
Added	Reference	http://secunia.com/advisories/26909
Added	Reference	http://secunia.com/advisories/27706
Added	Reference	http://secunia.com/advisories/28292
Added	Reference	http://security.gentoo.org/glsa/glsa-200705-15.xml
Added	Reference	http://securityreason.com/securityalert/2702
Added	Reference	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
Added	Reference	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
Added	Reference	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
Added	Reference	http://www.debian.org/security/2007/dsa-1291
Added	Reference	http://www.kb.cert.org/vuls/id/773720
Added	Reference	http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
Added	Reference	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
Added	Reference	http://www.osvdb.org/34732
Added	Reference	http://www.redhat.com/support/errata/RHSA-2007-0354.html
Added	Reference	http://www.samba.org/samba/security/CVE-2007-2446.html
Added	Reference	http://www.securityfocus.com/archive/1/468542/100/0/threaded
Added	Reference	http://www.securityfocus.com/archive/1/468670/100/0/threaded
Added	Reference	http://www.securityfocus.com/archive/1/468672/100/0/threaded
Added	Reference	http://www.securityfocus.com/archive/1/468673/100/0/threaded
Added	Reference	http://www.securityfocus.com/archive/1/468674/100/0/threaded
Added	Reference	http://www.securityfocus.com/archive/1/468675/100/0/threaded
Added	Reference	http://www.securityfocus.com/archive/1/468680/100/0/threaded
Added	Reference	http://www.securityfocus.com/bid/23973
Added	Reference	http://www.securityfocus.com/bid/24195
Added	Reference	http://www.securityfocus.com/bid/24196
Added	Reference	http://www.securityfocus.com/bid/24197
Added	Reference	http://www.securityfocus.com/bid/24198
Added	Reference	http://www.securityfocus.com/bid/25159
Added	Reference	http://www.securitytracker.com/id?1018050
Added	Reference	http://www.trustix.org/errata/2007/0017/
Added	Reference	http://www.ubuntu.com/usn/usn-460-1
Added	Reference	http://www.vupen.com/english/advisories/2007/1805
Added	Reference	http://www.vupen.com/english/advisories/2007/2079
Added	Reference	http://www.vupen.com/english/advisories/2007/2210
Added	Reference	http://www.vupen.com/english/advisories/2007/2281
Added	Reference	http://www.vupen.com/english/advisories/2007/2732
Added	Reference	http://www.vupen.com/english/advisories/2007/3229
Added	Reference	http://www.vupen.com/english/advisories/2008/0050
Added	Reference	http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf
Added	Reference	http://www.zerodayinitiative.com/advisories/ZDI-07-029.html
Added	Reference	http://www.zerodayinitiative.com/advisories/ZDI-07-030.html
Added	Reference	http://www.zerodayinitiative.com/advisories/ZDI-07-031.html
Added	Reference	http://www.zerodayinitiative.com/advisories/ZDI-07-032.html
Added	Reference	http://www.zerodayinitiative.com/advisories/ZDI-07-033.html
Added	Reference	https://exchange.xforce.ibmcloud.com/vulnerabilities/34309
Added	Reference	https://exchange.xforce.ibmcloud.com/vulnerabilities/34311
Added	Reference	https://exchange.xforce.ibmcloud.com/vulnerabilities/34312
Added	Reference	https://exchange.xforce.ibmcloud.com/vulnerabilities/34314
Added	Reference	https://exchange.xforce.ibmcloud.com/vulnerabilities/34316
Added	Reference	https://issues.rpath.com/browse/RPL-1366
Added	Reference	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11415

CVE Modified by Red Hat, Inc. 10/16/2018 12:43:41 PM

Action	Type	Old Value	New Value
Added	Reference		http://www.securityfocus.com/archive/1/468542/100/0/threaded [No Types Assigned]
Added	Reference		http://www.securityfocus.com/archive/1/468670/100/0/threaded [No Types Assigned]
Added	Reference		http://www.securityfocus.com/archive/1/468672/100/0/threaded [No Types Assigned]
Added	Reference		http://www.securityfocus.com/archive/1/468673/100/0/threaded [No Types Assigned]
Added	Reference		http://www.securityfocus.com/archive/1/468674/100/0/threaded [No Types Assigned]
Added	Reference		http://www.securityfocus.com/archive/1/468675/100/0/threaded [No Types Assigned]
Added	Reference		http://www.securityfocus.com/archive/1/468680/100/0/threaded [No Types Assigned]
Removed	Reference	http://www.securityfocus.com/archive/1/archive/1/468542/100/0/threaded [Patch]
Removed	Reference	http://www.securityfocus.com/archive/1/archive/1/468670/100/0/threaded [No Types Assigned]
Removed	Reference	http://www.securityfocus.com/archive/1/archive/1/468672/100/0/threaded [No Types Assigned]
Removed	Reference	http://www.securityfocus.com/archive/1/archive/1/468673/100/0/threaded [No Types Assigned]
Removed	Reference	http://www.securityfocus.com/archive/1/archive/1/468674/100/0/threaded [No Types Assigned]
Removed	Reference	http://www.securityfocus.com/archive/1/archive/1/468675/100/0/threaded [No Types Assigned]
Removed	Reference	http://www.securityfocus.com/archive/1/archive/1/468680/100/0/threaded [No Types Assigned]

CVE Modified by Red Hat, Inc. 7/28/2017 9:31:27 PM

Action	Type	Old Value	New Value
Added	Reference		https://exchange.xforce.ibmcloud.com/vulnerabilities/34309 [No Types Assigned]
Added	Reference		https://exchange.xforce.ibmcloud.com/vulnerabilities/34311 [No Types Assigned]
Added	Reference		https://exchange.xforce.ibmcloud.com/vulnerabilities/34312 [No Types Assigned]
Added	Reference		https://exchange.xforce.ibmcloud.com/vulnerabilities/34314 [No Types Assigned]
Added	Reference		https://exchange.xforce.ibmcloud.com/vulnerabilities/34316 [No Types Assigned]
Removed	Reference	http://xforce.iss.net/xforce/xfdb/34309 [No Types Assigned]
Removed	Reference	http://xforce.iss.net/xforce/xfdb/34311 [No Types Assigned]
Removed	Reference	http://xforce.iss.net/xforce/xfdb/34312 [No Types Assigned]
Removed	Reference	http://xforce.iss.net/xforce/xfdb/34314 [No Types Assigned]
Removed	Reference	http://xforce.iss.net/xforce/xfdb/34316 [No Types Assigned]

Quick Info

CVE Dictionary Entry:
CVE-2007-2446
NVD Published Date:
05/14/2007
NVD Last Modified:
11/20/2024
Source:
Red Hat, Inc.

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2007-2446 Detail

Current Description

Analysis Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

CVE Modified by CVE 11/20/2024 7:30:48 PM

CVE Modified by Red Hat, Inc. 5/13/2024 9:45:00 PM

CVE Modified by Red Hat, Inc. 10/16/2018 12:43:41 PM

CVE Modified by Red Hat, Inc. 10/10/2017 9:32:13 PM

CVE Modified by Red Hat, Inc. 7/28/2017 9:31:27 PM

Initial CVE Analysis 5/16/2007 12:33:00 PM

Quick Info