HOME > ADVISORIES


   ADVISORIES

CERT-In Advisory CIAD-2007-07
Multiple vulnerabilities have been reported in phpBB++ and samba server

Original issue date: February 07, 2007

Severity Rating: High

Systems Affected

  • phpBB++
  • Samba versions 3.0.6 through 3.0.23d

Overview

Multiple vulnerabilities have been reported in phpBB++ and samba server which could be exploited by remote attackers to compromise a vulnerable system or to crash the sever.

Description

1 .PhpBB++ File Inclusion Vulnerability ( CVE-2007-0762 )

A file inclusion vulnerability has been reported in phpBB++ due to an improper input validation error in "phpbb_root_path" parameter of includes/functions.php file. An remote attacker could exploit this vulnerability to include a malicious file to the vulnerable server remotely and compromise the system.

2. Samba Deferred CIFS File Open Denial of Service
Vulnerability ( CVE-2007-0452 )

A vulnerability has been reported in the handling of deferred file open calls. This may lead to an infinite loop, and hence a denial of service.

3. Samba format string Vulnerability ( CVE-2007-0454 )

A vulnerability has been reported in the AFS ACL mapping VFS plugin of samba. A remote attacker may execute arbitrary code on the vulnerable system by creating a specially crafted file name on the server's share.

Solution

Apply patches provided by the appropriate vendor.

Vendor Information

Sourceforge
http://sourceforge.net/project/showfiles.php?group_id=86688&
package_id=90098

Samba
http://us1.samba.org/samba/security/CVE-2007-0454.html
http://us1.samba.org/samba/security/CVE-2007-0453.html
http://us1.samba.org/samba/security/CVE-2007-0452.html

References

FrSIRT
http://www.frsirt.com/english/advisories/2007/0483

Secunia
http://secunia.com/advisories/24034/
http://secunia.com/advisories/24043/

SecurityTracker
http://securitytracker.com/alerts/2007/Feb/1017587.html
http://securitytracker.com/alerts/2007/Feb/1017588.html
http://securitytracker.com/alerts/2007/Feb/1017589.html

Securityfocus
http://www.securityfocus.com/bid/22376/info

CVE Name
CVE-2007-0762
CVE-2007-0452
CVE-2007-0454



Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003