Your submission was sent successfully! Close

CVE-2007-4138

Published: 14 September 2007

The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not defined.

Priority

Medium

Status

Package Release Status
samba
Launchpad, Ubuntu, Debian
dapper Not vulnerable

edgy Not vulnerable

feisty Not vulnerable

gutsy
Released (3.0.26a-1ubuntu1)
upstream
Released (3.0.26)