CVE-2007-4572
samba - several vulnerabilities (update)
EPSS 21.5%
Description
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.
How to fix CVE-2007-4572
To remediate CVE-2007-4572, upgrade the affected package to a fixed version listed below.
- Debian/samba—upgrade to 3.0.27-1 or later
- Debian/samba—upgrade to 3.0.24-6etch5 or later
- Debian/samba—upgrade to 3.0.24-6etch7 or later
- —upgrade to 3.0.24-6etch8 or later
Is CVE-2007-4572 being exploited?
Moderate — EPSS is 21.5%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (4)
- from 0, < 3.0.27-1
- from 0, < 3.0.24-6etch5
- from 0, < 3.0.24-6etch7
- from 0, < 3.0.24-6etch8