Intrusion Prevention

Samba.Arbitrary.Command.Injection

Description

This indicates an attempt to exploit an input validation error in in Samba server.
The MS-RPC functionality in smbd, part of Samba server, fails to properly validate user supplied parameters. This vulnerability can be exploited by remote attackers to inject and execute arbitrary shell commands. The vulnerable function is "_AddPrinterW" in Samba 3. It can be reached through an "AddPrinter" remote request.

Affected Products

Samba versions 3.0.0 through 3.0.25rc3.

Impact

System compromise: arbitrary command execution.

CVE References

CVE-2007-2447 CVE-2007-2444