CVE-2007-0454

Published: Feb 6, 2007Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.

Affected (52)

Products: Samba: Samba · Debian: Debian Linux · Mandrakesoft: Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Linuxsoft 2007

1 product

1 product

3 products

Mandrake Linux Corporate Server

Mandrake Linuxsoft 2007

Configuration A

19 vulnerable

Vulnerable Software	Affected Versions
Samba Samba	Version 3.0.10
Samba Samba	Version 3.0.11
Samba Samba	Version 3.0.12
Samba Samba	Version 3.0.13
Samba Samba	Version 3.0.14
Samba Samba	Version 3.0.14a
Samba Samba	Version 3.0.20
Samba Samba	Version 3.0.20a
Samba Samba	Version 3.0.20b
Samba Samba	Version 3.0.21
Samba Samba	Version 3.0.21a
Samba Samba	Version 3.0.21b
Samba Samba	Version 3.0.21c
Samba Samba	Version 3.0.22
Samba Samba	Version 3.0.23d
Samba Samba	Version 3.0.6
Samba Samba	Version 3.0.7
Samba Samba	Version 3.0.8
Samba Samba	Version 3.0.9

Configuration B

33 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Mandrakesoft Mandrake Linux	Version 2006
Mandrakesoft Mandrake Linux	Version 2006
Mandrakesoft Mandrake Linux Corporate Server	Version 3.0
Mandrakesoft Mandrake Linux Corporate Server	Version 3.0
Mandrakesoft Mandrake Linux Corporate Server	Version 4.0
Mandrakesoft Mandrake Linux Corporate Server	Version 4.0
Mandrakesoft Mandrake Linuxsoft 2007	All versions
Mandrakesoft Mandrake Linuxsoft 2007	All versions

Related CWEs

CWE-134

Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

References (48)

http://osvdb.org/33101

Source: secalert@redhat.com

http://secunia.com/advisories/24021

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24046

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24060

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24067

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24101

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24145

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24151

Source: secalert@redhat.com

Vendor Advisory

http://securitytracker.com/id?1017588

Source: secalert@redhat.com

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916

Source: secalert@redhat.com

http://us1.samba.org/samba/security/CVE-2007-0454.html

Source: secalert@redhat.com

http://www.debian.org/security/2007/dsa-1257

Source: secalert@redhat.com

http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml

Source: secalert@redhat.com

http://www.kb.cert.org/vuls/id/649732

Source: secalert@redhat.com

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2007:034

Source: secalert@redhat.com

http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/459179/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/459365/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/22403

Source: secalert@redhat.com

Patch

http://www.trustix.org/errata/2007/0007

Source: secalert@redhat.com

http://www.ubuntu.com/usn/usn-419-1

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2007/0483

Source: secalert@redhat.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/32304

Source: secalert@redhat.com

https://issues.rpath.com/browse/RPL-1005

Source: secalert@redhat.com

http://osvdb.org/33101