(HP Issues Fix for HP-UX) Samba 'smb.conf' Scripts Input Validation Flaw Lets Remote Users Inject Arbitrary Commands
|
|
SecurityTracker Alert ID: 1018197 |
|
SecurityTracker URL: http://securitytracker.com/id/1018197
|
|
CVE Reference:
CVE-2007-2447
(Links to External Site)
|
Date: Jun 5 2007
|
Impact:
Execution of arbitrary code via network, User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 3.0.0 - 3.0.25rc3
|
Description:
A vulnerability was reported in Samba. A remote user can execute arbitrary commands on the target system.
When several scripts defined in 'smb.conf' are invoked, user-supplied input is not properly validated before being passed to '/bin/sh'. A remote user or remote authenticated user can send specially crafted data to execute arbitrary commands on the target system. The code will run with the privileges of the target service.
The 'username map script' option (not a default option) is affected. Other functions are also affected.
The vendor was notified on May 7, 2007.
iDefense Labs reported this vulnerability.
|
Impact:
A remote user can execute arbitrary commands on the target system.
|
Solution:
HP has issued a fix for CIFS Server (revision A.02.03.02 or later) for HP-UX.
The HP advisory is available at:
http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01067768
|
Vendor URL: www.samba.org/samba/security/CVE-2007-2447.html (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
UNIX (HP/UX)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Tue, 5 Jun 2007 14:58:41 -0400
Subject: HPSBUX02218 SSRT071424 rev.1 - HP-UX running CIFS Server (Samba), Remote Arbitrary Code Execution
|
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01067768
CVE-2007-2446, CVE-2007-2447
|
|
