Home > Vulnerability Database > CVE-2007-0080

Mend.io Vulnerability Database

CVE-2007-0080

Date: January 5, 2007

Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited "only to local administrators who have write access to the server configuration files." CVE concurs with the dispute

Severity Score

6.9

Related Resources (10)

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/31248

Url: https://security-tracker.debian.org/tracker/CVE-2007-0080

Url: http://osvdb.org/32082

Url: http://www.attrition.org/pipermail/vim/2007-February/001304.html

Url: http://securitytracker.com/id?1017463

Url: http://www.securityfocus.com/archive/1/455678/100/0/threaded

Url: http://www.securityfocus.com/archive/1/455812/100/0/threaded

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-0080

Url: http://www.freeradius.org/security.html

Url: https://www.mend.io/vulnerability-database/CVE-2007-0080

Severity Score

6.9

Weakness Type (CWE)

Buffer Errors

CWE-119

CVSS v3

Base Score:	6.9
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE

CVSS v2

Base Score:	7.4
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2007-0080

Date: January 5, 2007

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

CVSS v3

CVSS v2

Do you need more information?