CVE-2007-2447

CVE Database · CVE-2007-2447

CVE-2007-2447

· N/AModified

CVSS v3.1

N/A

EPSS

49.76%

Published

May 14, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBSamba 3.0.20 < 3.0.25rc3 - 'Username' map script' Command Execution (Metasploit)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.

Affected Products (42)

samba · sambavulnerable

samba · samba

References (20)

http://docs.info.apple.com/article.html?artnum=306172

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534

http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html

http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html

http://secunia.com/advisories/25232

Vendor Advisory

http://secunia.com/advisories/25241

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs