Vulnerability Description
The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Mac Os X | 10.3.9 |
| Apple | Mac Os X Server | 10.3.9 |
| Samba | Samba Server | All versions |
References
- http://docs.info.apple.com/article.html?artnum=306172
- http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
- http://secunia.com/advisories/26235
- http://www.securityfocus.com/bid/25159Patch
- http://www.vupen.com/english/advisories/2007/2732
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35738
- http://docs.info.apple.com/article.html?artnum=306172
- http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
- http://secunia.com/advisories/26235
- http://www.securityfocus.com/bid/25159Patch
- http://www.vupen.com/english/advisories/2007/2732
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35738
FAQ
What is CVE-2007-2407?
CVE-2007-2407 is a vulnerability with a CVSS score of 4.0 (MEDIUM). The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk...
How severe is CVE-2007-2407?
CVE-2007-2407 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2407?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Mac Os X, Apple Mac Os X Server, Samba Samba Server.