CVE-2007-5398

Published: 16/11/2007 Updated: 30/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 up to and including 3.0.26a, when operating as a WINS server, allows remote malicious users to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.

Vulnerable Product

samba samba 3.0.1

samba samba 3.0.10

samba samba 3.0.16

samba samba 3.0.17

samba samba 3.0.21

samba samba 3.0.21a

samba samba 3.0.21b

samba samba 3.0.23d

samba samba 3.0.24

samba samba 3.0.25a

samba samba 3.0.25b

samba samba 3.0.5

samba samba 3.0.6

samba samba 3.0.11

samba samba 3.0.12

samba samba 3.0.18

samba samba 3.0.19

samba samba 3.0.21c

samba samba 3.0.22

samba samba 3.0.25

samba samba 3.0.25c

samba samba 3.0.26

samba samba 3.0.7

samba samba 3.0.8

samba samba 3.0.13

samba samba 3.0.14

samba samba 3.0.2

samba samba 3.0.20

samba samba 3.0.23

samba samba 3.0.23a

samba samba 3.0.26a

samba samba 3.0.2a

samba samba 3.0.9

samba samba 3.0.0

samba samba 3.0.14a

samba samba 3.0.15

samba samba 3.0.20a

samba samba 3.0.20b

samba samba 3.0.23b

samba samba 3.0.23c

samba samba 3.0.3

samba samba 3.0.4

Vendor Advisories

Debian Bug report logs - #451385: CVE-2007-5398 remote code execution via NetBIOS replies. Package: samba; Maintainer for samba is Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>; Source for samba is src:samba. Reported by: Nico Golde <nion@debian.org>. Date: Thu, 15 Nov 2007 15:5 ...
Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service (CVE-2007-4572) ...
USN-544-1 fixed two vulnerabilities in Samba. Fixes for CVE-2007-5398 are unchanged, but the upstream changes for CVE-2007-4572 introduced a regression in all releases which caused Linux smbfs mounts to fail. Additionally, Dapper and Edgy included an incomplete patch which caused configurations using NetBIOS to fail. A proper fix for these regressi ...

References

CWE-119
http://secunia.com/secunia_research/2007-90/advisory/
http://us1.samba.org/samba/security/CVE-2007-5398.html
http://secunia.com/advisories/27450
https://issues.rpath.com/browse/RPL-1894
http://www.debian.org/security/2007/dsa-1409
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html
http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:224
http://www.redhat.com/support/errata/RHSA-2007-1013.html
http://www.redhat.com/support/errata/RHSA-2007-1016.html
http://www.redhat.com/support/errata/RHSA-2007-1017.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739
http://www.novell.com/linux/security/advisories/2007_65_samba.html
http://www.securityfocus.com/bid/26455
http://securitytracker.com/id?1018953
http://secunia.com/advisories/27679
http://secunia.com/advisories/27682
http://secunia.com/advisories/27691
http://secunia.com/advisories/27701
http://secunia.com/advisories/27720
http://secunia.com/advisories/27731
http://secunia.com/advisories/27742
http://secunia.com/advisories/27787
http://secunia.com/advisories/27927
http://securityreason.com/securityalert/3372
http://docs.info.apple.com/article.html?artnum=307179
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
http://secunia.com/advisories/28136
http://lists.vmware.com/pipermail/security-announce/2008/000002.html
http://secunia.com/advisories/28368
http://www.vmware.com/security/advisories/VMSA-2008-0001.html
http://secunia.com/advisories/29341
http://secunia.com/advisories/30484
http://secunia.com/advisories/30835
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1
http://www.vupen.com/english/advisories/2007/4238
http://www.vupen.com/english/advisories/2008/0859/references
http://www.vupen.com/english/advisories/2008/0064
http://marc.info/?l=bugtraq&m=120524782005154&w=2
http://www.vupen.com/english/advisories/2008/1908
http://www.vupen.com/english/advisories/2007/3869
http://www.vupen.com/english/advisories/2008/1712/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/38502
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5811
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10230
https://usn.ubuntu.com/544-1/
http://www.securityfocus.com/archive/1/486859/100/0/threaded
http://www.securityfocus.com/archive/1/485936/100/0/threaded
http://www.securityfocus.com/archive/1/483744/100/0/threaded
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451385
https://nvd.nist.gov