HomeSambaCVE-2007-0454

CVE-2007-0454

UNKNOWN
7.5CVSS
Published: 2007-02-06
Updated: 2025-04-09
AI Analysis

Description

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.

CVSS Metrics

Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector
network
Access Cmplx
low
Auth
none
Confidentiality
partial
Integrity
partial
Availability
partial
Weaknesses
CWE-134

Metadata

Primary Vendor
SAMBA
Published
2/6/2007
Last Modified
4/9/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

samba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambasamba : sambadebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxmandrakesoft : mandrake_linuxmandrakesoft : mandrake_linuxmandrakesoft : mandrake_linux_corporate_servermandrakesoft : mandrake_linux_corporate_servermandrakesoft : mandrake_linux_corporate_servermandrakesoft : mandrake_linux_corporate_servermandrakesoft : mandrake_linuxsoft_2007mandrakesoft : mandrake_linuxsoft_2007

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD