Remote Command Execution Vulnerability in Samba by The Samba Team
CVE-2007-2447

Currently unrated

Key Information:

Vendor

Samba

Status
Samba
Vendor
CVE Published:
14 May 2007

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC๐ŸŸฃ EPSS 77%

What is CVE-2007-2447?

The MS-RPC functionality within the Samba server allows attackers to execute arbitrary commands remotely due to improper handling of shell metacharacters. When the 'username map script' configuration option is enabled, a malicious user can exploit the SamrChangePassword function to inject commands. Additionally, this vulnerability extends to authenticated users, enabling them to execute commands via other MS-RPC functions related to remote printer and file share management. Security measures should be enforced to mitigate the risks associated with this vulnerability.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2007-2447
Created by amriunix

CVE-2007-2447
Created by H3xL00m

CVE-2007-2447
Created by xbufu

References

http://security.gentoo.org/glsa/glsa-200705-15.xml
vendor-advisoryx_refsource_GENTOO
http://secunia.com/advisories/25289
third-party-advisoryx_refsource_SECUNIA
http://lists.grok.org.uk/pipermail/full-disclosure/2007-S...
mailing-listx_refsource_FULLDISC

EPSS Score

77% chance of being exploited in the next 30 days.

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.