CVE ID: CVE-2007-2446
Published: 2007-05-14T17:19:00.000-04:00
Last modified: 2017-10-10T21:32:13.317-04:00

Summary:
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).

CVSS:
  Score: 10.0
  Access vector: NETWORK
  Access complexity: LOW
  Authentication: NONE
  Confidentiality impact: COMPLETE
  Integrity impact: COMPLETE
  Availability impact: COMPLETE
  Source: http://nvd.nist.gov
  Generated on: 2007-05-16T12:33:00.000-04:00

Security protection: ALLOWS_ADMIN_ACCESS

Vulnerable software:
  cpe:/a:samba:samba:3.0.0
  cpe:/a:samba:samba:3.0.1
  cpe:/a:samba:samba:3.0.2
  cpe:/a:samba:samba:3.0.2a
  cpe:/a:samba:samba:3.0.10
  cpe:/a:samba:samba:3.0.11
  cpe:/a:samba:samba:3.0.12
  cpe:/a:samba:samba:3.0.13
  cpe:/a:samba:samba:3.0.14
  cpe:/a:samba:samba:3.0.14a
  cpe:/a:samba:samba:3.0.15
  cpe:/a:samba:samba:3.0.16
  cpe:/a:samba:samba:3.0.17
  cpe:/a:samba:samba:3.0.18
  cpe:/a:samba:samba:3.0.19
  cpe:/a:samba:samba:3.0.20
  cpe:/a:samba:samba:3.0.20a
  cpe:/a:samba:samba:3.0.20b
  cpe:/a:samba:samba:3.0.21
  cpe:/a:samba:samba:3.0.21a
  cpe:/a:samba:samba:3.0.21b
  cpe:/a:samba:samba:3.0.21c
  cpe:/a:samba:samba:3.0.22
  cpe:/a:samba:samba:3.0.23
  cpe:/a:samba:samba:3.0.23a
  cpe:/a:samba:samba:3.0.23b
  cpe:/a:samba:samba:3.0.23c
  cpe:/a:samba:samba:3.0.23d
  cpe:/a:samba:samba:3.0.24
  cpe:/a:samba:samba:3.0.25:pre1
  cpe:/a:samba:samba:3.0.25:pre2
  cpe:/a:samba:samba:3.0.25:rc1
  cpe:/a:samba:samba:3.0.25:rc2
  cpe:/a:samba:samba:3.0.25:rc3

References:
  SECTRACK 1018050
  SUNALERT 102964
  SUNALERT 200588
  TRUSTIX 2007-0017
  BUGTRAQ 20070513 [SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution
  BUGTRAQ 20070515 FLEA-2007-0017-1: samba
  BUGTRAQ 20070515 ZDI-07-029: Samba lsa_io_privilege_set Heap Overflow Vulnerability
  BUGTRAQ 20070515 ZDI-07-030: Samba netdfs_io_dfs_EnumInfo_d Heap Overflow Vulnerability
  BUGTRAQ 20070515 ZDI-07-031: Samba smb_io_notify_option_type_data Heap Overflow Vulnerability
  BUGTRAQ 20070515 ZDI-07-032: Samba sec_io_acl Heap Overflow Vulnerability
  BUGTRAQ 20070515 ZDI-07-033: Samba lsa_io_trans_names Heap Overflow Vulnerability
  FULLDISC 20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
  BID 23973
  BID 24195
  BID 24196
  BID 24197
  BID 24198
  BID 25159
  SECUNIA 25232
  SECUNIA 25241
  SECUNIA 25246
  SECUNIA 25251
  SECUNIA 25255
  SECUNIA 25256
  SECUNIA 25257
  SECUNIA 25259
  SECUNIA 25270
  SECUNIA 25289
  SECUNIA 25391
  SECUNIA 25567
  SECUNIA 25675
  SECUNIA 25772
  SECUNIA 26235
  SECUNIA 26909
  SREASON 2702
  SECUNIA 27706
  SECUNIA 28292
  OSVDB 34699
  OSVDB 34731
  OSVDB 34732
  OSVDB 34733
  VUPEN ADV-2007-1805
  VUPEN ADV-2007-2079
  VUPEN ADV-2007-2210
  VUPEN ADV-2007-2281
  VUPEN ADV-2007-2732
  VUPEN ADV-2007-3229
  VUPEN ADV-2008-0050
  APPLE APPLE-SA-2007-07-31
  DEBIAN DSA-1291
  GENTOO GLSA-200705-15
  HP HPSBTU02218
  HP HPSBUX02218
  MANDRIVA MDKSA-2007:104
  OPENPKG OpenPKG-SA-2007.012
  REDHAT RHSA-2007:0354
  SLACKWARE SSA:2007-134-01
  HP SSRT071424
  SUSE SUSE-SA:2007:031
  UBUNTU USN-460-1
  CERT-VN VU#773720
  CONFIRM http://docs.info.apple.com/article.html?artnum=306172
  CONFIRM http://www.samba.org/samba/security/CVE-2007-2446.html
  CONFIRM http://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf
  MISC http://www.zerodayinitiative.com/advisories/ZDI-07-029.html
  MISC http://www.zerodayinitiative.com/advisories/ZDI-07-030.html
  MISC http://www.zerodayinitiative.com/advisories/ZDI-07-031.html
  MISC http://www.zerodayinitiative.com/advisories/ZDI-07-032.html
  MISC http://www.zerodayinitiative.com/advisories/ZDI-07-033.html
  CONFIRM https://issues.rpath.com/browse/RPL-1366
  XF samba-lsaioprivilegeset-bo(34309)
  XF samba-lsaiotransnames-bo(34316)
  XF samba-netdfsiodfsenuminfod-bo(34311)
  XF samba-secioacl-bo(34314)
  XF samba-smbionotifyoptiontypedata-bo(34312)