CVE-2007-5398

Samba 3.0.0-3.0.26a - Remote Code Execution via WINS Name Registration Request

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.

References (51)

Core 51
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27691
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10230
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-1016.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/544-1/
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/4238
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30835
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29341
Mailing List vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=120524782005154&w=2
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5811
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28136
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3869
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27679
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27682
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27701
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1018953
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-1013.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1908
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27720
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27742
Various Sources vendor-advisory x_refsource_hp
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30484
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/485936/100/0/threaded
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2007/dsa-1409
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27450
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27731
Various Sources mailing-list x_refsource_mlist
http://lists.vmware.com/pipermail/security-announce/2008/000002.html
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:224
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27787
Vendor Advisory x_refsource_confirm
http://docs.info.apple.com/article.html?artnum=307179
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28368
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26455
Issue Tracking x_refsource_confirm
https://issues.rpath.com/browse/RPL-1894
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/483744/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27927
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1712/references
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0859/references
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3372
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1
Various Sources x_refsource_confirm
http://us1.samba.org/samba/security/CVE-2007-5398.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-1017.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0064
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38502
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_65_samba.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/486859/100/0/threaded

Scores

EPSS 0.4072
EPSS Percentile 97.4%

Details

CWE
CWE-119
Status published
Products (42)
samba/samba 3.0.0
samba/samba 3.0.1
samba/samba 3.0.2
samba/samba 3.0.2a
samba/samba 3.0.3
samba/samba 3.0.4 (2 CPE variants)
samba/samba 3.0.5
samba/samba 3.0.6
samba/samba 3.0.7
samba/samba 3.0.8
... and 32 more
Published Nov 16, 2007
Tracked Since Feb 18, 2026