This CVE name corresponds to:
Entered | Topic |
---|---|
2007-09-21 | samba -- nss_info plugin privilege escalation vulnerability |
The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.
Type | Candidate |
Name | CVE-2007-4138 |
Phase | Assigned(20070802) |
The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not defined.
Copyright © 2005 The MITRE Corporation.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright
information.