Unrated severityNVD Advisory· Published Nov 16, 2007· Updated Apr 23, 2026
CVE-2007-5398
CVE-2007-5398
Description
Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.
Affected products
48cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*+ 47 more
- cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:pre1:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:rc1:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:rc2:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25:rc3:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25b:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.25c:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.26:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.26a:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
51- secunia.com/advisories/27450nvdVendor Advisory
- www.us-cert.gov/cas/techalerts/TA07-352A.htmlnvdUS Government Resource
- docs.info.apple.com/article.htmlnvd
- lists.apple.com/archives/security-announce/2007/Dec/msg00002.htmlnvd
- lists.vmware.com/pipermail/security-announce/2008/000002.htmlnvd
- marc.infonvd
- secunia.com/advisories/27679nvd
- secunia.com/advisories/27682nvd
- secunia.com/advisories/27691nvd
- secunia.com/advisories/27701nvd
- secunia.com/advisories/27720nvd
- secunia.com/advisories/27731nvd
- secunia.com/advisories/27742nvd
- secunia.com/advisories/27787nvd
- secunia.com/advisories/27927nvd
- secunia.com/advisories/28136nvd
- secunia.com/advisories/28368nvd
- secunia.com/advisories/29341nvd
- secunia.com/advisories/30484nvd
- secunia.com/advisories/30835nvd
- secunia.com/secunia_research/2007-90/advisory/nvd
- securityreason.com/securityalert/3372nvd
- securitytracker.com/idnvd
- slackware.com/security/viewer.phpnvd
- sunsolve.sun.com/search/document.donvd
- us1.samba.org/samba/security/CVE-2007-5398.htmlnvd
- www.debian.org/security/2007/dsa-1409nvd
- www.gentoo.org/security/en/glsa/glsa-200711-29.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2007_65_samba.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-1013.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-1016.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-1017.htmlnvd
- www.securityfocus.com/archive/1/483744/100/0/threadednvd
- www.securityfocus.com/archive/1/485936/100/0/threadednvd
- www.securityfocus.com/archive/1/486859/100/0/threadednvd
- www.securityfocus.com/bid/26455nvd
- www.vmware.com/security/advisories/VMSA-2008-0001.htmlnvd
- www.vupen.com/english/advisories/2007/3869nvd
- www.vupen.com/english/advisories/2007/4238nvd
- www.vupen.com/english/advisories/2008/0064nvd
- www.vupen.com/english/advisories/2008/0859/referencesnvd
- www.vupen.com/english/advisories/2008/1712/referencesnvd
- www.vupen.com/english/advisories/2008/1908nvd
- www11.itrc.hp.com/service/cki/docDisplay.donvd
- exchange.xforce.ibmcloud.com/vulnerabilities/38502nvd
- issues.rpath.com/browse/RPL-1894nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10230nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5811nvd
- usn.ubuntu.com/544-1/nvd
- www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.htmlnvd
News mentions
0No linked articles in our index yet.