Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2007-4138

Published: 14 September 2007

The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not defined.

Notes

AuthorNote
jdstrand
affects only Samba 3.0.25 - 3.0.25c (inclusive)

Priority

Medium

Status

Package Release Status
samba
Launchpad, Ubuntu, Debian
upstream
Released (3.0.26)
dapper Not vulnerable

edgy Not vulnerable

feisty Not vulnerable