Bug 358831 - (CVE-2007-5398) CVE-2007-5398 Samba "reply_netbios_packet()" Buffer Overflow Vulnerability
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All Linux
Priority: medium, Severity: urgent
Assigned To: Red Hat Product Security
Whiteboard: impact=critical,source=vendorsec,repo...
Keywords: Security
Depends On: 359091 359101 359111 359121 359131 359141 359151 359161
Reported: 2007-10-30 14:38 EDT by Josh Bressers
Modified: 2010-02-23 22:34 EST

Doc Type: Bug Fix
Last Closed: 2008-01-14 09:55:09 EST
Attachments:
Proposed patch (554 bytes, patch)
2007-10-30 14:47 EDT, Josh Bressers

Description Josh Bressers 2007-10-30 14:38:27 EDT
Secunia reported a buffer overflow flaw in Samba's reply_netbios_packet() function.

According to Secunia:
    This can be exploited to cause a stack-based buffer
    overflow by sending multiple specially crafted WINS "Name Registration"
    requests followed by a WINS "Name Query" request.

Acknowledgements:

Red Hat would like to thank Alin Rad Pop of Secunia Research for responsibly disclosing this issue.
Comment 3 Josh Bressers 2007-10-30 14:47:10 EDT
Created attachment 243791
Proposed patch
Comment 7 Mark J. Cox (Product Security) 2007-11-15 09:34:33 EST
Now public at 
http://us1.samba.org/samba/security/CVE-2007-5398.html
removing embargo
Comment 8 Red Hat Product Security 2008-01-14 09:55:09 EST
This issue was addressed in:

Red Hat Enterprise Linux:
  http://rhn.redhat.com/errata/RHSA-2007-1034.html
  http://rhn.redhat.com/errata/RHSA-2007-1013.html
  http://rhn.redhat.com/errata/RHSA-2007-1016.html
  http://rhn.redhat.com/errata/RHSA-2007-1017.html

Fedora:
  updated to fixed upstream version
