CVE-2007-6015
samba - buffer overflow
EPSS 48.9%
Description
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.
How to fix CVE-2007-6015
To remediate CVE-2007-6015, upgrade the affected package to a fixed version below.
- Debian/samba—upgrade to 3.0.28-1 or later
- Debian/samba—upgrade to 3.0.24-6etch9 or later
- —upgrade to 3.0.28-1~lenny1 or later
Is CVE-2007-6015 being exploited?
Moderate — EPSS is 48.9%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 3.0.28-1
- from 0, < 3.0.24-6etch9
- from 0, < 3.0.28-1~lenny1