Skip to navigation

CVE Database

CVE-2007-2446

Impact: Critical
Public: 2007-05-14
Bugzilla: 239429: CVE-2007-2446 samba heap overflows

Details

The MITRE CVE dictionary describes this issue as:

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).

Find out more about CVE-2007-2446 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (samba) RHSA-2007:0354 May 14, 2007
Red Hat Enterprise Linux version 3 (samba) RHSA-2007:0354 May 14, 2007
Red Hat Enterprise Linux version 4 (samba) RHSA-2007:0354 May 14, 2007
Red Hat Enterprise Linux version 5 (samba) RHSA-2007:0354 May 14, 2007

External References

Acknowledgements

Red Hat would like to thank the Samba developers, TippingPoint, and iDefense for reporting these issues.

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.