National Cyber-Alert System

Vulnerability Summary for CVE-2007-0454

Overview

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

Vendor Statments (disclaimer)

Official Statement from Red Hat (05/14/2007)

Not vulnerable. These issues affect the AFS ACL module which is not distributed with Samba in Red Hat Enterprise Linux 2.1, 3, 4, or 5.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Vulnerability Note: VU#649732

Name: VU#649732

Hyperlink:http://www.kb.cert.org/vuls/id/649732

External Source: BID

Name: 22403

Type: Patch Information

Hyperlink:http://www.securityfocus.com/bid/22403

External Source: CONFIRM

Name: https://issues.rpath.com/browse/RPL-1005

Hyperlink:https://issues.rpath.com/browse/RPL-1005

External Source: XF

Name: samba-afsacl-format-string(32304)

Hyperlink:http://xforce.iss.net/xforce/xfdb/32304

External Source: UBUNTU

Name: USN-419-1

Hyperlink:http://www.ubuntu.com/usn/usn-419-1

External Source: TRUSTIX

Name: 2007-0007

Hyperlink:http://www.trustix.org/errata/2007/0007

External Source: BUGTRAQ

Name: 20070207 rPSA-2007-0026-1 samba samba-swat

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/459365/100/0/threaded

External Source: BUGTRAQ

Name: 20070205 [SAMBA-SECURITY] CVE-2007-0454: Format string bug in afsacl.so VFS plugin

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/459179/100/0/threaded

External Source: GENTOO

Name: GLSA-200702-01

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml

External Source: VUPEN

Name: ADV-2007-0483

Hyperlink:http://www.frsirt.com/english/advisories/2007/0483

External Source: DEBIAN

Name: DSA-1257

Hyperlink:http://www.debian.org/security/2007/dsa-1257

External Source: CONFIRM

Name: http://us1.samba.org/samba/security/CVE-2007-0454.html

Hyperlink:http://us1.samba.org/samba/security/CVE-2007-0454.html

External Source: SLACKWARE

Name: SSA:2007-038-01

Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916

External Source: SECTRACK

Name: 1017588

Hyperlink:http://securitytracker.com/id?1017588

External Source: SECUNIA

Name: 24151

Hyperlink:http://secunia.com/advisories/24151

External Source: SECUNIA

Name: 24145

Hyperlink:http://secunia.com/advisories/24145

External Source: SECUNIA

Name: 24101

Hyperlink:http://secunia.com/advisories/24101

External Source: SECUNIA

Name: 24067

Hyperlink:http://secunia.com/advisories/24067

External Source: SECUNIA

Name: 24060

Hyperlink:http://secunia.com/advisories/24060

External Source: SECUNIA

Name: 24046

Hyperlink:http://secunia.com/advisories/24046

External Source: SECUNIA

Name: 24021

Hyperlink:http://secunia.com/advisories/24021

External Source: OSVDB

Name: 33101

Hyperlink:http://osvdb.org/33101

External Source: MANDRIVA

Name: MDKSA-2007:034

Hyperlink:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:034

External Source: OPENPKG

Name: OpenPKG-SA-2007.012

Hyperlink:http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html

External Source: MANDRIVA

Name: MDKSA-2007:034

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2007:034