Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5398

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-5398
Last Modified 07 Mar 2011 10:00:37
Published 16 Nov 2007 01:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5398

Summary

Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.

Vulnerable Systems

Application

  • Samba 3.0

  • Samba 3.0.0

  • Samba 3.0.1

  • Samba 3.0.10

  • Samba 3.0.11

  • Samba 3.0.12

  • Samba 3.0.13

  • Samba 3.0.14

  • Samba 3.0.14a

  • Samba 3.0.15

  • Samba 3.0.16

  • Samba 3.0.17

  • Samba 3.0.18

  • Samba 3.0.19

  • Samba 3.0.2

  • Samba 3.0.20

  • Samba 3.0.20a

  • Samba 3.0.20b

  • Samba 3.0.21

  • Samba 3.0.21a

  • Samba 3.0.21b

  • Samba 3.0.21c

  • Samba 3.0.22

  • Samba 3.0.23

  • Samba 3.0.23a

  • Samba 3.0.23b

  • Samba 3.0.23c

  • Samba 3.0.23d

  • Samba 3.0.24

  • Samba 3.0.25

  • Samba 3.0.25a

  • Samba 3.0.25b

  • Samba 3.0.25c

  • Samba 3.0.26

  • Samba 3.0.26a

  • Samba 3.0.2a

  • Samba 3.0.3

  • Samba 3.0.4

  • Samba 3.0.5

  • Samba 3.0.6

  • Samba 3.0.7

  • Samba 3.0.8

  • Samba 3.0.9


References

CERT - TA07-352A

FEDORA - FEDORA-2007-3402

CONFIRM - https://issues.rpath.com/browse/RPL-1894

XF - samba-replynetbiospacket-bo(38502)

HP - HPSBUX02341

VUPEN - ADV-2008-1908

VUPEN - ADV-2008-1712

VUPEN - ADV-2008-0859

VUPEN - ADV-2008-0064

VUPEN - ADV-2007-4238

VUPEN - ADV-2007-3869

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0001.html

UBUNTU - USN-544-1

BID - 26455

BUGTRAQ - 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages

BUGTRAQ - 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages

BUGTRAQ - 20071115 Secunia Research: Samba "reply_netbios_packet()" Buffer OverflowVulnerability

REDHAT - RHSA-2007:1017

REDHAT - RHSA-2007:1016

REDHAT - RHSA-2007:1013

SUSE - SUSE-SA:2007:065

MANDRIVA - MDKSA-2007:224

GENTOO - GLSA-200711-29

DEBIAN - DSA-1409

CONFIRM - http://us1.samba.org/samba/security/CVE-2007-5398.html

SUNALERT - 237764

SLACKWARE - SSA:2007-320-01

SECTRACK - 1018953

SREASON - 3372

MISC - http://secunia.com/secunia_research/2007-90/advisory/

SECUNIA - 30835

SECUNIA - 28368

SECUNIA - 28136

SECUNIA - 27927

SECUNIA - 27787

SECUNIA - 27742

SECUNIA - 27731

SECUNIA - 27720

SECUNIA - 27701

SECUNIA - 27691

SECUNIA - 27682

SECUNIA - 27679

SECUNIA - 27450

HP - SSRT071495

MLIST - [Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages

APPLE - APPLE-SA-2007-12-17

CONFIRM - http://docs.info.apple.com/article.html?artnum=307179

SECUNIA - 30484

SECUNIA - 29341

HP - HPSBUX02316

HP - SSRT080075

Related Patches

Apple 2007-12-17 Security Update 2007-009 (10.4.11 PPC)

Apple 2007-12-17 Security Update 2007-009 (10.5.1)

Apple 2007-12-21 Security Update 2007-009 1.1 (10.4.11 PPC)

Apple 2007-12-21 Security Update 2007-009 1.1 (10.5.1)

Apple 2007-12-21 Security Update 2007-009 1.1 (10.4.11 Universal)


Last Updated: 27 May 2016 10:47:27