Unrated severity · NVD Advisory · Published Nov 16, 2007 · Updated Apr 23, 2026
CVE-2007-4572
Description
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.
Affected products
- cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25b:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25c:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:pre1:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:rc1:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:rc2:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:rc3:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.26:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.26a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*
- osv-coords (2 versions): pkg:rpm/opensuse/cifs-utils&distro=openSUSE%20Tumbleweed, pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed
- (no CPE) range: < 6.13-1.3
- (no CPE) range: < 4.14.6+git.182.2205d5224e3-1.1
Patches
No patches discovered yet.
References
- secunia.com/advisories/27450 (nvd: Patch, Vendor Advisory)
- us1.samba.org/samba/security/CVE-2007-4572.html (nvd: Patch)
- secunia.com/advisories/27679 (nvd: Vendor Advisory)
- secunia.com/advisories/27682 (nvd: Vendor Advisory)
- secunia.com/advisories/27691 (nvd: Vendor Advisory)
- secunia.com/advisories/27701 (nvd: Vendor Advisory)
- secunia.com/advisories/27720 (nvd: Vendor Advisory)
- secunia.com/advisories/27731 (nvd: Vendor Advisory)
- secunia.com/advisories/27787 (nvd: Vendor Advisory)
- secunia.com/advisories/27927 (nvd: Vendor Advisory)
- secunia.com/advisories/28136 (nvd: Vendor Advisory)
- secunia.com/advisories/28368 (nvd: Vendor Advisory)
- www.us-cert.gov/cas/techalerts/TA07-352A.html (nvd: US Government Resource)
- docs.info.apple.com/article.html (nvd)
- lists.apple.com/archives/security-announce/2007/Dec/msg00002.html (nvd)
- lists.vmware.com/pipermail/security-announce/2008/000002.html (nvd)
- marc.info (nvd)
- secunia.com/advisories/29341 (nvd)
- secunia.com/advisories/30484 (nvd)
- secunia.com/advisories/30736 (nvd)
- secunia.com/advisories/30835 (nvd)
- securitytracker.com/id (nvd)
- slackware.com/security/viewer.php (nvd)
- sunsolve.sun.com/search/document.do (nvd)
- www.debian.org/security/2007/dsa-1409 (nvd)
- www.gentoo.org/security/en/glsa/glsa-200711-29.xml (nvd)
- www.mandriva.com/security/advisories (nvd)
- www.novell.com/linux/security/advisories/2007_65_samba.html (nvd)
- www.redhat.com/support/errata/RHSA-2007-1013.html (nvd)
- www.redhat.com/support/errata/RHSA-2007-1016.html (nvd)
- www.redhat.com/support/errata/RHSA-2007-1017.html (nvd)
- www.securityfocus.com/archive/1/485936/100/0/threaded (nvd)
- www.securityfocus.com/archive/1/486859/100/0/threaded (nvd)
- www.securityfocus.com/bid/26454 (nvd)
- www.ubuntu.com/usn/usn-544-2 (nvd)
- www.ubuntu.com/usn/usn-617-1 (nvd)
- www.vmware.com/security/advisories/VMSA-2008-0001.html (nvd)
- www.vupen.com/english/advisories/2007/3869 (nvd)
- www.vupen.com/english/advisories/2007/4238 (nvd)
- www.vupen.com/english/advisories/2008/0064 (nvd)
- www.vupen.com/english/advisories/2008/0859/references (nvd)
- www.vupen.com/english/advisories/2008/1712/references (nvd)
- www.vupen.com/english/advisories/2008/1908 (nvd)
- www11.itrc.hp.com/service/cki/docDisplay.do (nvd)
- exchange.xforce.ibmcloud.com/vulnerabilities/38501 (nvd)
- issues.rpath.com/browse/RPL-1894 (nvd)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132 (nvd)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643 (nvd)
- usn.ubuntu.com/544-1/ (nvd)
- www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html (nvd)