Red Hat Customer Portal

Skip to main content

CVE-2007-6015

Impact:
Critical
Bugzilla:
396401: CVE-2007-6015 samba: send_mailslot() buffer overflow

The MITRE CVE dictionary describes this issue as:

Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.

Find out more about CVE-2007-6015 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (samba) RHSA-2007:1114 2007-12-10
Red Hat Enterprise Linux 4 (samba) RHSA-2007:1114 2007-12-10
Red Hat Enterprise Linux 2.1 (samba) RHSA-2007:1114 2007-12-10
Red Hat Enterprise Linux Extended Update Support 4.5 (samba) RHSA-2007:1117 2007-12-10
Red Hat Enterprise Linux 5 (samba) RHSA-2007:1114 2007-12-10

Acknowledgements

Red Hat would like to thank Alin Rad Pop of Secunia Research for responsibly disclosing this issue.