Skip to navigation

CVE Database

CVE-2007-5398

Impact: Critical
Bugzilla: 358831: CVE-2007-5398 Samba "reply_netbios_packet()" Buffer Overflow Vulnerability

Details

The MITRE CVE dictionary describes this issue as:

Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.

Find out more about CVE-2007-5398 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux ES EUS (v. 4.5) (samba) RHSA-2007:1034 November 15, 2007
Red Hat Enterprise Linux version 2.1 (samba) RHSA-2007:1013 November 15, 2007
Red Hat Enterprise Linux version 3 (samba) RHSA-2007:1013 November 15, 2007
Red Hat Enterprise Linux version 4 (samba) RHSA-2007:1016 November 15, 2007
Red Hat Enterprise Linux version 5 (samba) RHSA-2007:1017 November 15, 2007

External References

Acknowledgements

Red Hat would like to thank Alin Rad Pop of Secunia Research for responsibly disclosing this issue.

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.