CVSS: 10.0EPSS: 81%CPEs: 34EXPL: 5CVE-2007-2446 – Samba lsa_io_trans_names Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-2446
14 May 2007 — Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names). Múltiples desbordamientos de búfer en la región heap de la memoria en el análisis NDR en ... • https://packetstorm.news/files/id/180539 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 8%CPEs: 8EXPL: 0CVE-2007-2444
https://notcve.org/view.php?id=CVE-2007-2444
14 May 2007 — Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user. Error lógico en la funcionalidad de traducción SID/Name en smbd en Samba 3.0.23d hasta 3.0.25pre2 permite a usuarios locales ganar privilegios de forma temporal y ejecutar operaciones del protocolo SMB/CIFS a través de vectores no especificados qu... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980 • CWE-269: Improper Privilege Management •