CVE-2007-4044

Name: CVE-2007-4044
Creator: NVD / NIST
Published: 2007-07-27T22:30:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

Unknown

Last modified Nov 7, 2023

CVE-2007-4044 is a vulnerability of currently unknown severity. Rejected reason: The MS-RPC functionality in smbd in Samba 3 on SUSE Linux before 20070720 does not include "one character in the shell escape handling." NOTE: this issue was originally characterized as a shell metacharacter issue due to an incomplete fix for CVE-2007-2447, which was interpreted by CVE to be security relevant. However, SUSE and Red Hat have disputed the problem, stating that the only impact is that scripts will not be executed if they have a "c" in their name, but even this limitation might not exist.

Description

Rejected reason: The MS-RPC functionality in smbd in Samba 3 on SUSE Linux before 20070720 does not include "one character in the shell escape handling." NOTE: this issue was originally characterized as a shell metacharacter issue due to an incomplete fix for CVE-2007-2447, which was interpreted by CVE to be security relevant. However, SUSE and Red Hat have disputed the problem, stating that the only impact is that scripts will not be executed if they have a "c" in their name, but even this limitation might not exist. This does not have security implications, so should not be included in CVE

Timeline

Published: Jul 27, 2007
Last Modified: Nov 7, 2023
Status: Rejected

Frequently Asked Questions

What is CVE-2007-4044?

How severe is CVE-2007-4044?

Severity scoring for CVE-2007-4044 is pending analysis.

How do I fix CVE-2007-4044?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-4044?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST