Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-6015
Description:Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.
Test IDs: 1.3.6.1.4.1.25623.1.0.62814   1.3.6.1.4.1.25623.1.0.60018   1.3.6.1.4.1.25623.1.0.59981   1.3.6.1.4.1.25623.1.0.60006   1.3.6.1.4.1.25623.1.0.60023   1.3.6.1.4.1.25623.1.0.65069   1.3.6.1.4.1.25623.1.0.59993   1.3.6.1.4.1.25623.1.0.59992   1.3.6.1.4.1.25623.1.0.65409   1.3.6.1.4.1.25623.1.0.59989   1.3.6.1.4.1.25623.1.0.60050   1.3.6.1.4.1.25623.1.0.60013   1.3.6.1.4.1.25623.1.0.60014   1.3.6.1.4.1.25623.1.0.122626  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-6015
http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html
BugTraq ID: 26791
http://www.securityfocus.com/bid/26791
Bugtraq: 20071210 Secunia Research: Samba "send_mailslot()" Buffer OverflowVulnerability (Google Search)
http://www.securityfocus.com/archive/1/484818/100/0/threaded
Bugtraq: 20071210 [SECURITY] Buffer overrun in send_mailslot() (Google Search)
http://www.securityfocus.com/archive/1/484825/100/0/threaded
Bugtraq: 20071210 rPSA-2007-0261-1 samba samba-swat (Google Search)
http://www.securityfocus.com/archive/1/484827/100/0/threaded
Bugtraq: 20071214 POC for samba send_mailslot() (Google Search)
http://www.securityfocus.com/archive/1/485144/100/0/threaded
Bugtraq: 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates (Google Search)
http://www.securityfocus.com/archive/1/488457/100/0/threaded
Cert/CC Advisory: TA08-043B
http://www.us-cert.gov/cas/techalerts/TA08-043B.html
CERT/CC vulnerability note: VU#438395
http://www.kb.cert.org/vuls/id/438395
Debian Security Information: DSA-1427 (Google Search)
http://www.debian.org/security/2007/dsa-1427
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00304.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00308.html
http://security.gentoo.org/glsa/glsa-200712-10.xml
HPdes Security Advisory: HPSBUX02316
http://marc.info/?l=bugtraq&m=120524782005154&w=2
HPdes Security Advisory: HPSBUX02341
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
HPdes Security Advisory: SSRT071495
http://marc.info/?l=bugtraq&m=120524782005154&w=2
HPdes Security Advisory: SSRT080075
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
http://www.mandriva.com/security/advisories?name=MDKSA-2007:244
http://secunia.com/secunia_research/2007-99/advisory/
http://lists.vmware.com/pipermail/security-announce/2008/000005.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11572
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5605
RedHat Security Advisories: RHSA-2007:1114
http://www.redhat.com/support/errata/RHSA-2007-1114.html
RedHat Security Advisories: RHSA-2007:1117
http://www.redhat.com/support/errata/RHSA-2007-1117.html
http://www.securitytracker.com/id?1019065
http://secunia.com/advisories/27760
http://secunia.com/advisories/27894
http://secunia.com/advisories/27977
http://secunia.com/advisories/27993
http://secunia.com/advisories/27999
http://secunia.com/advisories/28003
http://secunia.com/advisories/28028
http://secunia.com/advisories/28029
http://secunia.com/advisories/28037
http://secunia.com/advisories/28067
http://secunia.com/advisories/28089
http://secunia.com/advisories/28891
http://secunia.com/advisories/29032
http://secunia.com/advisories/29341
http://secunia.com/advisories/30484
http://secunia.com/advisories/30835
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.451554
http://securityreason.com/securityalert/3438
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019295.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238251-1
SuSE Security Announcement: SUSE-SA:2007:068 (Google Search)
http://www.novell.com/linux/security/advisories/2007_68_samba.html
http://www.ubuntu.com/usn/usn-556-1
http://www.vupen.com/english/advisories/2007/4153
http://www.vupen.com/english/advisories/2008/0495/references
http://www.vupen.com/english/advisories/2008/0637
http://www.vupen.com/english/advisories/2008/0859/references
http://www.vupen.com/english/advisories/2008/1712/references
http://www.vupen.com/english/advisories/2008/1908
XForce ISS Database: samba-sendmailslot-bo(38965)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38965




© 1998-2024 E-Soft Inc. All rights reserved.