Severity: Medium
ID: 27431
File Name: suse_samba-3827.nasl
Version: 1.15
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 10/17/2007
Updated: 1/14/2021
Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Factor: Medium
Score: 4.9
Risk Factor: Medium
Base Score: 6
Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P
CPE: p-cpe:/a:novell:opensuse:libsmbclient, p-cpe:/a:novell:opensuse:samba-python, p-cpe:/a:novell:opensuse:samba-32bit, p-cpe:/a:novell:opensuse:samba-winbind-32bit, cpe:/o:novell:opensuse:10.1, p-cpe:/a:novell:opensuse:libsmbclient-devel, p-cpe:/a:novell:opensuse:libmsrpc-devel, p-cpe:/a:novell:opensuse:cifs-mount, p-cpe:/a:novell:opensuse:libsmbclient-32bit, p-cpe:/a:novell:opensuse:samba-pdb, p-cpe:/a:novell:opensuse:samba, p-cpe:/a:novell:opensuse:samba-vscan, p-cpe:/a:novell:opensuse:samba-winbind, p-cpe:/a:novell:opensuse:samba-client-32bit, p-cpe:/a:novell:opensuse:ldapsmb, p-cpe:/a:novell:opensuse:samba-client, p-cpe:/a:novell:opensuse:libmsrpc
Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 6/29/2007
Core Impact
Metasploit (Samba "username map script" Command Execution)
CVE: CVE-2007-2447