Published: 14/05/2007 Updated: 29/08/2022

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d up to and including 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

Vulnerable Product	Search on Vulmon	Subscribe to Product
samba samba 3.0.25
samba samba 3.0.24
samba samba 3.0.23d
debian debian linux 5.0
debian debian linux 4.0
canonical ubuntu linux 7.04
canonical ubuntu linux 6.10
canonical ubuntu linux 6.06

USN-460-1 fixed several vulnerabilities in Samba The upstream changes for CVE-2007-2444 had an unexpected side-effect in Feisty Shares configured with the “force group” option no longer behaved correctly This update corrects the problem We apologize for the inconvenience ...

Paul Griffith and Andrew Hogue discovered that Samba did not fully drop root privileges while translating SIDs A remote authenticated user could issue SMB operations during a small window of opportunity and gain root privileges (CVE-2007-2444) ...

Several issues have been identified in Samba, the SMB/CIFS file- and print-server implementation for GNU/Linux CVE-2007-2444 When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a transition to the root user id rather than the ...

CWE-269 http://www.samba.org/samba/security/CVE-2007-2444.html https://issues.rpath.com/browse/RPL-1366 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906 http://secunia.com/advisories/25241 http://secunia.com/advisories/25246 http://secunia.com/advisories/25256 http://security.gentoo.org/glsa/glsa-200705-15.xml http://www.trustix.org/errata/2007/0017/http://www.ubuntu.com/usn/usn-460-1 http://www.securityfocus.com/bid/23974 http://www.securitytracker.com/id?1018049 http://secunia.com/advisories/25232 http://secunia.com/advisories/25251 http://secunia.com/advisories/25270 http://secunia.com/advisories/25259 http://secunia.com/advisories/25255 http://www.mandriva.com/security/advisories?name=MDKSA-2007:104 http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1 http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html http://www.ubuntu.com/usn/usn-460-2 http://secunia.com/advisories/25289 http://secunia.com/advisories/25675 http://secunia.com/advisories/25772 http://securityreason.com/securityalert/2701 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1 http://www.vupen.com/english/advisories/2007/2281 http://www.vupen.com/english/advisories/2007/1805 http://www.vupen.com/english/advisories/2007/2210 http://osvdb.org/34698 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980 http://www.debian.org/security/2007/dsa-1291 http://www.securityfocus.com/archive/1/468670/100/0/threaded http://www.securityfocus.com/archive/1/468548/100/0/threaded https://nvd.nist.gov https://usn.ubuntu.com/460-2/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-2444

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect