CVE-2007-6015— Samba Send_MailSlot函数远程栈溢出漏洞

EPSS 48.86% · P98 更新于 2026-02-27

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2007-6015 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.

来源: 美国国家漏洞数据库 NVD

CVSS Information

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

Samba Send_MailSlot函数远程栈溢出漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

Samba是Samba团队开发的一套可使UNIX系列的操作系统与微软Windows操作系统的SMB/CIFS网络协议做连结的自由软件。该软件支持共享打印机、互相传输资料文件等。 Samba的send_mailslot()函数中存在安全漏洞，远程攻击者可能利用此漏洞控制服务器。如果远程攻击者所发送的特制SAMLOGON域登录报文中在奇数偏移包含有用户名字符串，然后跟随有超长GETDC字符串的话，就可能用全0的字节覆盖栈缓冲区。成功攻击允许执行任意代码，但要求打开了domain logons选项。

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE	订阅
-	n/a	n/a	-

二、漏洞 CVE-2007-6015 的公开POC

#	POC 描述	源链接	神龙链接

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2007-6015 的情报信息

Please 登录 to view more intelligence information

http://www.samba.org/samba/security/CVE-2007-6015.htmlx_refsource_CONFIRM
http://secunia.com/secunia_research/2007-99/advisory/x_refsource_MISC
http://bugs.gentoo.org/show_bug.cgi?id=200773x_refsource_CONFIRM
http://support.avaya.com/elmodocs2/security/ASA-2007-520.htmx_refsource_CONFIRM
http://docs.info.apple.com/article.html?artnum=307430x_refsource_CONFIRM
https://issues.rpath.com/browse/RPL-1976x_refsource_CONFIRM
http://securityreason.com/securityalert/3438third-party-advisoryx_refsource_SREASON
http://secunia.com/advisories/28037third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28029third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29341third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/26791vdb-entryx_refsource_BID
http://secunia.com/advisories/28089third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29032third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27999third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28891third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28067third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30835third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30484third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27993third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27894third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27760third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28003third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28028third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27977third-party-advisoryx_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238251-1vendor-advisoryx_refsource_SUNALERT
http://www.securitytracker.com/id?1019065vdb-entryx_refsource_SECTRACK
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019295.1-1vendor-advisoryx_refsource_SUNALERT
http://www.ubuntu.com/usn/usn-556-1vendor-advisoryx_refsource_UBUNTU
http://www.us-cert.gov/cas/techalerts/TA08-043B.htmlthird-party-advisoryx_refsource_CERT
http://www.kb.cert.org/vuls/id/438395third-party-advisoryx_refsource_CERT-VN
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=120524782005154&w=2vendor-advisoryx_refsource_HP
http://www.vupen.com/english/advisories/2008/1908vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/1712/referencesvdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/4153vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/0495/referencesvdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/0637vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/0859/referencesvdb-entryx_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2007-1117.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2007-1114.htmlvendor-advisoryx_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-200712-10.xmlvendor-advisoryx_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDKSA-2007:244vendor-advisoryx_refsource_MANDRIVA
The Slackware Linux Project: Slackware Security Advisoriesvendor-advisoryx_refsource_SLACKWARE
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00308.htmlvendor-advisoryx_refsource_FEDORA
http://www.novell.com/linux/security/advisories/2007_68_samba.htmlvendor-advisoryx_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00304.htmlvendor-advisoryx_refsource_FEDORA
http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.htmlvendor-advisoryx_refsource_APPLE
https://exchange.xforce.ibmcloud.com/vulnerabilities/38965vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/485144/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/484827/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/484825/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/484818/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/488457/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://lists.vmware.com/pipermail/security-announce/2008/000005.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2007-6015

同批安全公告 · n/a · 2007-12-13 · 共 23 条

CVE-2007-6325		Fastpublish Fastpublish Fastpublish CMS 代码注入漏洞
CVE-2007-5964		Red Hat Enterprise Linux autofs 本地特权提升漏洞
CVE-2007-5000		Apache 跨站脚本漏洞
CVE-2007-6333		HPInfoDLL.dll ActiveX控件访问控制漏洞
CVE-2007-6332		HPInfoDLL.dll ActiveX控件注册表访问控制漏洞
CVE-2007-6331		HPInfoDLL.dll ActiveX控件绝对路径遍历漏洞
CVE-2007-6330		Meridian Prolog Manager 加密强度漏洞
CVE-2007-6329		Microsoft Office不安全文档签名漏洞
CVE-2007-6328		DOSBox 授权与访问控制漏洞
CVE-2007-6327		AVS Media AVSMJPEGFILE.DLL ActiveX Remote 缓冲区溢出拒绝服务漏洞
CVE-2007-6326		Simple HTTPD Aux 远程拒绝服务漏洞
CVE-2007-6343		HP OpenView Network Node Manager 未明跨站脚本攻击漏洞
CVE-2007-6324		Fastpublish CMS Designconfig.PHP 远程文件包含漏洞
CVE-2007-6323		MMS Gallery PHP 多个目录遍历漏洞
CVE-2007-6322		xml2owl 'filedownload.php' 目录遍历漏洞
CVE-2007-6342		Apache::AuthCAS Cookie远程SQL注入漏洞
CVE-2007-6204		HP OpenView CGI栈溢出漏洞
CVE-2007-5989		Skype skype4com URI处理器远程堆溢出漏洞
CVE-2007-6347		ViArt Shop/CMS/Helpdesk Products Block_site_map.PHP 远程文件包含漏洞
CVE-2007-6346		Rainboard 跨站脚本攻击漏洞

显示前 20 条，共 23 条。查看全部 → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-6015

暂无评论

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

CVE-2007-6015— Samba Send_MailSlot函数远程栈溢出漏洞

一、漏洞 CVE-2007-6015 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2007-6015 的公开POC

三、漏洞 CVE-2007-6015 的情报信息

同批安全公告 · n/a · 2007-12-13 · 共 23 条

IV. Related Vulnerabilities

V. Comments for CVE-2007-6015

发表评论

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

CVE-2007-6015— Samba Send_MailSlot函数远程栈溢出漏洞

一、 漏洞 CVE-2007-6015 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2007-6015 的公开POC

三、漏洞 CVE-2007-6015 的情报信息

同批安全公告 · n/a · 2007-12-13 · 共 23 条

IV. Related Vulnerabilities

V. Comments for CVE-2007-6015

发表评论

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

一、漏洞 CVE-2007-6015 基础信息