Vulnerability Description
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samba | Samba | 2.0.1 |
Related Weaknesses (CWE)
References
- http://bugs.gentoo.org/show_bug.cgi?id=200773
- http://docs.info.apple.com/article.html?artnum=307430
- http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html
- http://lists.vmware.com/pipermail/security-announce/2008/000005.html
- http://marc.info/?l=bugtraq&m=120524782005154&w=2
- http://secunia.com/advisories/27760Vendor Advisory
- http://secunia.com/advisories/27894
- http://secunia.com/advisories/27977
- http://secunia.com/advisories/27993
- http://secunia.com/advisories/27999
- http://secunia.com/advisories/28003
- http://secunia.com/advisories/28028
- http://secunia.com/advisories/28029
- http://secunia.com/advisories/28037
- http://secunia.com/advisories/28067
FAQ
What is CVE-2007-6015?
CVE-2007-6015 is a vulnerability with a CVSS score of 9.3 (HIGH). Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GE...
How severe is CVE-2007-6015?
CVE-2007-6015 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6015?
Check the references section above for vendor advisories and patch information. Affected products include: Samba Samba.