Home > Vulnerability Database > CVE-2007-0453

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2007-0453

Date: February 5, 2007

Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions.

Severity Score

5.9

Related Resources (18)

Url: http://www.securityfocus.com/bid/22410

Url: http://www.trustix.org/errata/2007/0007

Url: http://us1.samba.org/samba/security/CVE-2007-0453.html

Url: http://www.securityfocus.com/archive/1/459168/100/0/threaded

Url: http://secunia.com/advisories/24151

Url: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html

Url: http://www.vupen.com/english/advisories/2007/0483

Url: http://securitytracker.com/id?1017589

Url: https://issues.rpath.com/browse/RPL-1005

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-0453

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-0453

Url: http://osvdb.org/33098

Url: http://www.securityfocus.com/archive/1/459365/100/0/threaded

Url: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/32231

Url: http://secunia.com/advisories/24043

Url: http://secunia.com/advisories/24101

Url: https://www.mend.io/vulnerability-database/CVE-2007-0453

Severity Score

5.9

CVSS v3.1

Base Score:	5.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	4.6
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us