Home > Vulnerability Database > CVE-2007-0080

Mend.io Vulnerability Database

CVE-2007-0080

Date: January 5, 2007

Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited "only to local administrators who have write access to the server configuration files." CVE concurs with the dispute

Severity Score

7.0

Related Resources (10)

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/31248

Url: https://security-tracker.debian.org/tracker/CVE-2007-0080

Url: http://osvdb.org/32082

Url: http://www.attrition.org/pipermail/vim/2007-February/001304.html

Url: http://securitytracker.com/id?1017463

Url: http://www.securityfocus.com/archive/1/455678/100/0/threaded

Url: http://www.securityfocus.com/archive/1/455812/100/0/threaded

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-0080

Url: http://www.freeradius.org/security.html

Url: https://www.mend.io/vulnerability-database/CVE-2007-0080

Severity Score

7.0

Weakness Type (CWE)

Buffer Errors

CWE-119

CVSS v3.1

Base Score:	7.0
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	6.6
Access Vector (AV):	LOCAL
Access Complexity (AC):	MEDIUM
Authentication (AU):	SINGLE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2007-0080

Date: January 5, 2007

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?