FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-5398

This CVE name corresponds to:

Entered Topic
2007-11-21 samba -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-5398
Phase Assigned (20071012)

Description

Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.

References

Source Reference
BUGTRAQ 20071115 Secunia Research: Samba "reply_netbios_packet()" Buffer Overflow Vulnerability
BUGTRAQ 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
BUGTRAQ 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
MLIST [Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
MISC http://secunia.com/secunia_research/2007-90/advisory/
CONFIRM http://us1.samba.org/samba/security/CVE-2007-5398.html
CONFIRM https://issues.rpath.com/browse/RPL-1894
CONFIRM http://docs.info.apple.com/article.html?artnum=307179
CONFIRM http://www.vmware.com/security/advisories/VMSA-2008-0001.html
APPLE APPLE-SA-2007-12-17
DEBIAN DSA-1409
FEDORA FEDORA-2007-3402
GENTOO GLSA-200711-29
HP HPSBUX02316
HP SSRT071495
MANDRIVA MDKSA-2007:224
REDHAT RHSA-2007:1013
REDHAT RHSA-2007:1016
REDHAT RHSA-2007:1017
SLACKWARE SSA:2007-320-01
SUSE SUSE-SA:2007:065
UBUNTU USN-544-1
CERT TA07-352A
BID 26455
FRSIRT ADV-2007-3869
FRSIRT ADV-2007-4238
FRSIRT ADV-2008-0064
FRSIRT ADV-2008-0859
SECTRACK 1018953
SECUNIA 27450
SECUNIA 27679
SECUNIA 27682
SECUNIA 27691
SECUNIA 27701
SECUNIA 27720
SECUNIA 27731
SECUNIA 27742
SECUNIA 27787
SECUNIA 27927
SECUNIA 28136
SECUNIA 28368
SECUNIA 29341
SREASON 3372
XF samba-replynetbiospacket-bo(38502)