Gerald (Jerry) Carter
2007-May-14 14:55 UTC
[SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation
Spam detection software, running on the system "mail.montanhydraulik.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see postmaster for details. Content preview: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == = Subject: Local SID/Name translation bug can result == in user privilege elevation == CVE ID#: CVE-2007-2444 == == Versions: Samba 3.0.23d - 3.0.25pre2 (inclusive) == == Summary: A bug in the local SID/Name translation == routines may potentially result in a user == being able to issue SMB/CIFS protocol == operations as root. = ========================================================== [...] Content analysis details: (5.4 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.1 FORGED_RCVD_HELO Received: contains a forged HELO 1.2 DATE_IN_PAST_12_24 Date: is 12 to 24 hours before Received: date 2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address [68.117.186.136 listed in dnsbl.sorbs.net] 1.9 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP [68.117.186.136 listed in combined.njabl.org] -------------- next part -------------- An embedded message was scrubbed... From: "Gerald (Jerry) Carter" <jerry@samba.org> Subject: [SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation Date: Sun, 13 May 2007 17:52:25 -0500 Size: 5964 Url: http://lists.samba.org/archive/samba-announce/attachments/20070513/5cd01eb3/attachment.eml