CVE-2007-4572

Published: 16 November 2007

Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.

Priority

Low

Status

Package: samba
Release: Upstream
Status: Released (3.0.27a)

Notes

Author: jdstrand
Note:
believed by upstream to be unexploitable
Debian 3.0.24-6etch8 should be regression free (check earlier versions too)
SUSE has most complete fix

References