CVE-2007-0454
EPSS 4.4%
Description
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.
How to fix CVE-2007-0454
To remediate CVE-2007-0454, upgrade the affected package to the fixed version listed below.
- Debian/samba: upgrade to 3.0.23d-5 or later
Is CVE-2007-0454 being exploited?
Low — EPSS is 4.4%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 3.0.23d-5