CVE-2007-2407 - The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does no

CVE-2007-2407

Summary

The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota.

References

Vulnerable Configurations

cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba_server:*:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba_server:*:*:*:*:*:*:*:*

CVSS

Base:	4.0 (as of 29-07-2017 - 01:31)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:N/I:N/A:P

refmap via4

apple	APPLE-SA-2007-07-31
bid	25159
confirm	http://docs.info.apple.com/article.html?artnum=306172
secunia	26235
vupen	ADV-2007-2732
xf	samba-filesystem-security-bypass(35738)

statements via4

contributor	Joshua Bressers
lastmodified	2007-08-09
organization	Red Hat
statement	Not vulnerable. This flaw is specific to Mac OS X and does not affect any version of Red Hat Enterprise Linux.

Last major update

29-07-2017 - 01:31

Published

03-08-2007 - 10:17

Last modified

29-07-2017 - 01:31