CVE-2007-2447
Description
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the username map script smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
57.571
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Ctdb update (ELSA-2018-3056) ctdb-4.8.3-4.el7.x86_64.rpm | Linux |
| Ctdb-tests update (ELSA-2018-3056) ctdb-tests-4.8.3-4.el7.x86_64.rpm | Linux |
| Libsmbclient update (ELSA-2018-3056) libsmbclient-4.8.3-4.el7.x86_64.rpm | Linux |
| Libsmbclient-devel update (ELSA-2018-3056) libsmbclient-devel-4.8.3-4.el7.x86_64.rpm | Linux |
| Libwbclient update (ELSA-2018-3056) libwbclient-4.8.3-4.el7.x86_64.rpm | Linux |
| Libwbclient-devel update (ELSA-2018-3056) libwbclient-devel-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba update (ELSA-2018-3056) samba-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-client update (ELSA-2018-3056) samba-client-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-client-libs update (ELSA-2018-3056) samba-client-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-common-libs update (ELSA-2018-3056) samba-common-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-common-tools update (ELSA-2018-3056) samba-common-tools-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-dc update (ELSA-2018-3056) samba-dc-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-dc-libs update (ELSA-2018-3056) samba-dc-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-devel update (ELSA-2018-3056) samba-devel-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-krb5-printing update (ELSA-2018-3056) samba-krb5-printing-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-libs update (ELSA-2018-3056) samba-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-python update (ELSA-2018-3056) samba-python-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-python-test update (ELSA-2018-3056) samba-python-test-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-test update (ELSA-2018-3056) samba-test-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-test-libs update (ELSA-2018-3056) samba-test-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-vfs-glusterfs update (ELSA-2018-3056) samba-vfs-glusterfs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind update (ELSA-2018-3056) samba-winbind-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind-clients update (ELSA-2018-3056) samba-winbind-clients-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind-krb5-locator update (ELSA-2018-3056) samba-winbind-krb5-locator-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind-modules update (ELSA-2018-3056) samba-winbind-modules-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-common update (ELSA-2018-3056) samba-common-4.8.3-4.el7.noarch.rpm | Linux |
| Samba-pidl update (ELSA-2018-3056) samba-pidl-4.8.3-4.el7.noarch.rpm | Linux |
| Libsmbclient update (ELSA-2018-3056) libsmbclient-4.8.3-4.el7.i686.rpm | Linux |
| Libsmbclient-devel update (ELSA-2018-3056) libsmbclient-devel-4.8.3-4.el7.i686.rpm | Linux |
| Libwbclient update (ELSA-2018-3056) libwbclient-4.8.3-4.el7.i686.rpm | Linux |
| Libwbclient-devel update (ELSA-2018-3056) libwbclient-devel-4.8.3-4.el7.i686.rpm | Linux |
| Samba-client-libs update (ELSA-2018-3056) samba-client-libs-4.8.3-4.el7.i686.rpm | Linux |
| Samba-devel update (ELSA-2018-3056) samba-devel-4.8.3-4.el7.i686.rpm | Linux |
| Samba-libs update (ELSA-2018-3056) samba-libs-4.8.3-4.el7.i686.rpm | Linux |
| Samba-test-libs update (ELSA-2018-3056) samba-test-libs-4.8.3-4.el7.i686.rpm | Linux |
| Samba-winbind-modules update (ELSA-2018-3056) samba-winbind-modules-4.8.3-4.el7.i686.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234