Samba NSS_Info Plugin Local Privilege Escalation Vulnerability

Bugtraq ID: 25636
Class: Design Error
CVE: CVE-2007-4138
Remote: No
Local: Yes
Published: Sep 11 2007 12:00AM
Updated: Dec 18 2007 08:05PM
Credit: Rick King discovered this issue and reported it to the vendor.
Vulnerable: Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 12.0
Slackware Linux 11.0
Samba Samba 3.0.25 c
Samba Samba 3.0.25 b
Samba Samba 3.0.25 a
Samba Samba 3.0.25
rPath rPath Linux 1
Redhat Fedora Core7
Redhat Enterprise Linux WS 4
Redhat Enterprise Linux ES 4
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux AS 4
Redhat Enterprise Linux 5 Server
Redhat Desktop 4.0
Avaya Messaging Storage Server MSS 3.0
Avaya Messaging Storage Server MM3.0
Avaya Messaging Storage Server 3.1
Avaya Message Networking MN 3.1
Avaya Message Networking 3.1
Apple Mac OS X Server 10.5.1
Apple Mac OS X 10.5.1
Not Vulnerable: Samba Samba 3.0.26


Privacy Statement
Copyright 2010, SecurityFocus