Description
Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.
References (34)
Core 34
Core References
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200705-15.xml
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25289
Permissions Required vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1805
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25772
Third Party Advisory vendor-advisory
x_refsource_openpkg
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25270
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/468670/100/0/threaded
Permissions Required vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2281
Permissions Required vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2210
Broken Link vendor-advisory
x_refsource_hp
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Broken Link vendor-advisory
x_refsource_trustix
http://www.trustix.org/errata/2007/0017/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018049
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-460-1
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/2701
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25241
Broken Link vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25256
Broken Link x_refsource_confirm
https://issues.rpath.com/browse/RPL-1366
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25259
Mailing List, Third Party Advisory vendor-advisory
x_refsource_slackware
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
Broken Link vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2007/dsa-1291
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/468548/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25232
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25251
Broken Link vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-460-2
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25246
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/34698
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25255
Patch, Vendor Advisory x_refsource_confirm
http://www.samba.org/samba/security/CVE-2007-2444.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/23974
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25675
Scores
EPSS
0.0105
EPSS Percentile
77.8%
Details
CWE
CWE-269
Status
published
Products (8)
canonical/ubuntu_linux
6.06
canonical/ubuntu_linux
6.10
canonical/ubuntu_linux
7.04
debian/debian_linux
4.0
debian/debian_linux
5.0
samba/samba
3.0.23d
samba/samba
3.0.24
samba/samba
3.0.25 pre2
Published
May 14, 2007
Tracked Since
Feb 18, 2026