Vulnerability Details : CVE-2007-0454

Exploit prediction scoring system (EPSS) score for CVE-2007-0454

CVSS scores for CVE-2007-0454

CWE ids for CVE-2007-0454

• CWE-134 Use of Externally-Controlled Format String
  The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
  Assigned by: [email protected] (Primary)

Vendor statements for CVE-2007-0454

• Red Hat 2007-05-14
  Not vulnerable. These issues affect the AFS ACL module which is not distributed with Samba in Red Hat Enterprise Linux 2.1, 3, 4, or 5.

References for CVE-2007-0454

• http://www.ubuntu.com/usn/usn-419-1
  CVEs referencing this url
• http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
  CVEs referencing this url
• http://us1.samba.org/samba/security/CVE-2007-0454.html
• http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
  CVEs referencing this url
• http://www.vupen.com/english/advisories/2007/0483
  Vendor Advisory

  CVEs referencing this url
• http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml
  CVEs referencing this url
• https://exchange.xforce.ibmcloud.com/vulnerabilities/32304
• http://www.securityfocus.com/archive/1/459179/100/0/threaded
• http://www.mandriva.com/security/advisories?name=MDKSA-2007:034
  CVEs referencing this url
• http://www.kb.cert.org/vuls/id/649732
  US Government Resource
• http://www.debian.org/security/2007/dsa-1257
  CVEs referencing this url
• http://www.securityfocus.com/bid/22403
  Patch
• http://www.securityfocus.com/archive/1/459365/100/0/threaded
  CVEs referencing this url
• http://securitytracker.com/id?1017588
• http://www.trustix.org/errata/2007/0007
  CVEs referencing this url
• https://issues.rpath.com/browse/RPL-1005
  CVEs referencing this url

Products affected by CVE-2007-0454

• Debian » Debian Linux » Version: 3.0
  cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 PPC Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 S-390 Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 Mips Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 Mipsel Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 Alpha Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 ARM Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 Hppa Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 Sparc Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 Ia-64 Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 M68k Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.0 Ia-32 Edition
  cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 ARM Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 Hppa Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 Ia-32 Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 Ia-64 Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 Alpha Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 Mips Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 PPC Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1
  cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 Amd64 Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 M68k Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 Mipsel Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 S-390 Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*

  Matching versions
• Debian » Debian Linux » Version: 3.1 Sparc Edition
  cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*

  Matching versions
• Mandrakesoft » Mandrake Linux » Version: 2006
  cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*

  Matching versions
• Mandrakesoft » Mandrake Linux » Version: 2006 X86 64 Edition
  cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86_64:*:*:*:*:*

  Matching versions
• Mandrakesoft » Mandrake Linux Corporate Server » Version: 3.0
  cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

  Matching versions
• Mandrakesoft » Mandrake Linux Corporate Server » Version: 3.0 X86 64 Edition
  cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*

  Matching versions
• Mandrakesoft » Mandrake Linux Corporate Server » Version: 4.0
  cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

  Matching versions
• Mandrakesoft » Mandrake Linux Corporate Server » Version: 4.0 X86 64 Edition
  cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*

  Matching versions
• Mandrakesoft » Mandrake Linuxsoft 2007 » X86 64 Edition
  cpe:2.3:o:mandrakesoft:mandrake_linuxsoft_2007:*:*:x86_64:*:*:*:*:*

  Matching versions
• Mandrakesoft » Mandrake Linuxsoft 2007
  cpe:2.3:o:mandrakesoft:mandrake_linuxsoft_2007:*:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.6
  cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.7
  cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.8
  cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.9
  cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.21a
  cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.21b
  cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.21c
  cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.21
  cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.13
  cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.14
  cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.20a
  cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.10
  cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.14a
  cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.20b
  cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.11
  cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.12
  cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.22
  cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.20
  cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*

  Matching versions
• Samba » Samba » Version: 3.0.23d
  cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*

  Matching versions