Upstream information

CVE-2007-5398 at MITRE

Description

Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 9.3
Vector AV:N/AC:M/Au:N/C:C/I:C/A:C
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 337823 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1
  • cifs-mount >= 3.4.3-1.17.2
  • ldapsmb >= 1.34b-11.17.2
  • libsmbclient0 >= 3.4.3-1.17.2
  • libsmbclient0-32bit >= 3.4.3-1.17.2
  • libsmbclient0-x86 >= 3.4.3-1.17.2
  • libtalloc1 >= 3.4.3-1.17.2
  • libtalloc1-32bit >= 3.4.3-1.17.2
  • libtalloc1-x86 >= 3.4.3-1.17.2
  • libtdb1 >= 3.4.3-1.17.2
  • libtdb1-32bit >= 3.4.3-1.17.2
  • libtdb1-x86 >= 3.4.3-1.17.2
  • libwbclient0 >= 3.4.3-1.17.2
  • libwbclient0-32bit >= 3.4.3-1.17.2
  • libwbclient0-x86 >= 3.4.3-1.17.2
  • samba >= 3.4.3-1.17.2
  • samba-32bit >= 3.4.3-1.17.2
  • samba-client >= 3.4.3-1.17.2
  • samba-client-32bit >= 3.4.3-1.17.2
  • samba-client-x86 >= 3.4.3-1.17.2
  • samba-krb-printing >= 3.4.3-1.17.2
  • samba-winbind >= 3.4.3-1.17.2
  • samba-winbind-32bit >= 3.4.3-1.17.2
  • samba-winbind-x86 >= 3.4.3-1.17.2
  • samba-x86 >= 3.4.3-1.17.2
Patchnames:
SUSE Linux Enterprise Server 11 SP1 GA cifs-mount
SUSE Linux Enterprise Server 11 SP2
  • cifs-utils >= 5.1-0.4.9
  • ldapsmb >= 1.34b-12.18.3
  • libldb1 >= 3.6.3-0.18.3
  • libsmbclient0 >= 3.6.3-0.18.3
  • libsmbclient0-32bit >= 3.6.3-0.18.3
  • libsmbclient0-x86 >= 3.6.3-0.18.3
  • libtalloc2 >= 3.6.3-0.18.3
  • libtalloc2-32bit >= 3.6.3-0.18.3
  • libtalloc2-x86 >= 3.6.3-0.18.3
  • libtdb1 >= 3.6.3-0.18.3
  • libtdb1-32bit >= 3.6.3-0.18.3
  • libtdb1-x86 >= 3.6.3-0.18.3
  • libtevent0 >= 3.6.3-0.18.3
  • libwbclient0 >= 3.6.3-0.18.3
  • libwbclient0-32bit >= 3.6.3-0.18.3
  • libwbclient0-x86 >= 3.6.3-0.18.3
  • samba >= 3.6.3-0.18.3
  • samba-32bit >= 3.6.3-0.18.3
  • samba-client >= 3.6.3-0.18.3
  • samba-client-32bit >= 3.6.3-0.18.3
  • samba-client-x86 >= 3.6.3-0.18.3
  • samba-krb-printing >= 3.6.3-0.18.3
  • samba-winbind >= 3.6.3-0.18.3
  • samba-winbind-32bit >= 3.6.3-0.18.3
  • samba-winbind-x86 >= 3.6.3-0.18.3
  • samba-x86 >= 3.6.3-0.18.3
Patchnames:
SUSE Linux Enterprise Server 11 SP2 GA cifs-utils
SUSE Linux Enterprise Server 11 SP2 GA ldapsmb
SUSE Linux Enterprise Server 11 SP3
  • cifs-utils >= 5.1-0.11.1
  • ldapsmb >= 1.34b-12.39.1
  • libldb1 >= 3.6.3-0.39.1
  • libsmbclient0 >= 3.6.3-0.39.1
  • libsmbclient0-32bit >= 3.6.3-0.39.1
  • libsmbclient0-x86 >= 3.6.3-0.39.1
  • libtalloc2 >= 3.6.3-0.39.1
  • libtalloc2-32bit >= 3.6.3-0.39.1
  • libtalloc2-x86 >= 3.6.3-0.39.1
  • libtdb1 >= 3.6.3-0.39.1
  • libtdb1-32bit >= 3.6.3-0.39.1
  • libtdb1-x86 >= 3.6.3-0.39.1
  • libtevent0 >= 3.6.3-0.39.1
  • libwbclient0 >= 3.6.3-0.39.1
  • libwbclient0-32bit >= 3.6.3-0.39.1
  • libwbclient0-x86 >= 3.6.3-0.39.1
  • samba >= 3.6.3-0.39.1
  • samba-32bit >= 3.6.3-0.39.1
  • samba-client >= 3.6.3-0.39.1
  • samba-client-32bit >= 3.6.3-0.39.1
  • samba-client-x86 >= 3.6.3-0.39.1
  • samba-krb-printing >= 3.6.3-0.39.1
  • samba-winbind >= 3.6.3-0.39.1
  • samba-winbind-32bit >= 3.6.3-0.39.1
  • samba-winbind-x86 >= 3.6.3-0.39.1
  • samba-x86 >= 3.6.3-0.39.1
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA cifs-utils
SUSE Linux Enterprise Server 11 SP3 GA ldapsmb
SUSE Linux Enterprise Server 11 SP4
  • cifs-utils >= 5.1-0.14.46
  • ldapsmb >= 1.34b-12.58.1
  • libldb1 >= 3.6.3-0.58.1
  • libsmbclient0 >= 3.6.3-0.58.1
  • libsmbclient0-32bit >= 3.6.3-0.58.1
  • libsmbclient0-x86 >= 3.6.3-0.58.1
  • libtalloc2 >= 3.6.3-0.58.1
  • libtalloc2-32bit >= 3.6.3-0.58.1
  • libtalloc2-x86 >= 3.6.3-0.58.1
  • libtdb1 >= 3.6.3-0.58.1
  • libtdb1-32bit >= 3.6.3-0.58.1
  • libtdb1-x86 >= 3.6.3-0.58.1
  • libtevent0 >= 3.6.3-0.58.1
  • libtevent0-32bit >= 3.6.3-0.58.1
  • libtevent0-x86 >= 3.6.3-0.39.1
  • libwbclient0 >= 3.6.3-0.58.1
  • libwbclient0-32bit >= 3.6.3-0.58.1
  • libwbclient0-x86 >= 3.6.3-0.58.1
  • samba >= 3.6.3-0.58.1
  • samba-32bit >= 3.6.3-0.58.1
  • samba-client >= 3.6.3-0.58.1
  • samba-client-32bit >= 3.6.3-0.58.1
  • samba-client-x86 >= 3.6.3-0.58.1
  • samba-krb-printing >= 3.6.3-0.58.1
  • samba-winbind >= 3.6.3-0.58.1
  • samba-winbind-32bit >= 3.6.3-0.58.1
  • samba-winbind-x86 >= 3.6.3-0.58.1
  • samba-x86 >= 3.6.3-0.58.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA cifs-utils
SUSE Linux Enterprise Server 11 SP4 GA ldapsmb
SUSE Linux Enterprise Server 11 SP4 GA libtevent0-x86
SUSE Linux Enterprise Software Development Kit 11 SP4
  • libldb-devel >= 3.6.3-0.58.1
  • libnetapi-devel >= 3.6.3-0.58.1
  • libnetapi0 >= 3.6.3-0.58.1
  • libsmbclient-devel >= 3.6.3-0.58.1
  • libsmbsharemodes-devel >= 3.6.3-0.58.1
  • libsmbsharemodes0 >= 3.6.3-0.58.1
  • libtalloc-devel >= 3.6.3-0.58.1
  • libtdb-devel >= 3.6.3-0.58.1
  • libtevent-devel >= 3.6.3-0.58.1
  • libwbclient-devel >= 3.6.3-0.58.1
  • samba-devel >= 3.6.3-0.58.1
  • samba-test >= 3.6.3-0.58.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA libldb-devel
SuSE Linux Desktop 1.0
  • samba >= 2.2.8a-249
  • samba-client >= 2.2.8a-249
slrs8.x86
ul1.s390
YOU Patch Nr: 11994
SUSE LINUX Retail Solution 8
SuSE Linux Enterprise Server 8 for AMD64
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
SuSE Linux Enterprise Server 8 for IBM zSeries
SuSE Linux Enterprise Server 8 for IPF
SuSE Linux Openexchange Server 4
SuSE Linux School Server for i386
SuSE Linux Standard Server 8
UnitedLinux 1.0
  • samba >= 2.2.8a-249
  • samba-client >= 2.2.8a-249
  • samba-vscan >= 0.3.2a-301
slrs8.x86
ul1.s390
YOU Patch Nr: 11994
SUSE LINUX 10.0
  • cifs-mount >= 3.0.20b-3.17
  • ldapsmb >= 1.33-6.17
  • libsmbclient >= 3.0.20b-3.17
  • libsmbclient-32bit >= 3.0.20b-3.17
  • libsmbclient-64bit >= 3.0.20b-3.17
  • libsmbclient-devel >= 3.0.20b-3.17
  • samba >= 3.0.20b-3.17
  • samba-client >= 3.0.20b-3.17
  • samba-doc >= 3.0.20b-3.17
  • samba-pdb >= 3.0.20b-3.17
  • samba-python >= 3.0.20b-3.17
  • samba-vscan >= 0.3.6b-4.16
  • samba-winbind >= 3.0.20b-3.17
SUSE LINUX 10.1
  • cifs-mount >= 3.0.22-13.36
  • ldapsmb >= 1.34a-18.32
  • libmsrpc >= 3.0.22-13.36
  • libmsrpc-devel >= 3.0.22-13.36
  • libsmbclient >= 3.0.22-13.36
  • libsmbclient-32bit >= 3.0.22-13.36
  • libsmbclient-64bit >= 3.0.22-13.36
  • libsmbclient-devel >= 3.0.22-13.36
  • samba >= 3.0.22-13.36
  • samba-32bit >= 3.0.22-13.36
  • samba-64bit >= 3.0.22-13.36
  • samba-client >= 3.0.22-13.36
  • samba-client-32bit >= 3.0.22-13.36
  • samba-client-64bit >= 3.0.22-13.36
  • samba-doc >= 3.0.22-20.50
  • samba-pdb >= 3.0.22-13.36
  • samba-python >= 3.0.22-13.36
  • samba-vscan >= 0.3.6b-42.63
  • samba-winbind >= 3.0.22-13.36
  • samba-winbind-32bit >= 3.0.22-13.36
  • samba-winbind-64bit >= 3.0.22-13.36
Novell Linux Desktop 9 for x86
  • ldapsmb >= 1.33-6.27
  • libsmbclient >= 3.0.20b-3.24
  • libsmbclient-devel >= 3.0.20b-3.24
  • samba >= 3.0.20b-3.24
  • samba-client >= 3.0.20b-3.24
  • samba-doc >= 3.0.20b-3.24
  • samba-pdb >= 3.0.20b-3.24
  • samba-python >= 3.0.20b-3.24
  • samba-vscan >= 0.3.6b-0.26.3
  • samba-winbind >= 3.0.20b-3.24
core9.x86
core9.s390
YOU Patch Nr: 11996
Novell Linux Desktop 9 for x86_64
  • ldapsmb >= 1.33-6.27
  • libsmbclient >= 3.0.20b-3.24
  • libsmbclient-32bit >= 9-200711231829
  • libsmbclient-devel >= 3.0.20b-3.24
  • samba >= 3.0.20b-3.24
  • samba-32bit >= 9-200711231829
  • samba-client >= 3.0.20b-3.24
  • samba-client-32bit >= 9-200711231829
  • samba-doc >= 3.0.20b-3.24
  • samba-pdb >= 3.0.20b-3.24
  • samba-python >= 3.0.20b-3.24
  • samba-vscan >= 0.3.6b-0.26.3
  • samba-winbind >= 3.0.20b-3.24
  • samba-winbind-32bit >= 9-200711231829
core9.x86
core9.s390
YOU Patch Nr: 11996
Open Enterprise Server
  • libsmbclient >= 3.0.20b-3.24
  • libsmbclient-devel >= 3.0.20b-3.24
  • samba >= 3.0.20b-3.24
  • samba-client >= 3.0.20b-3.24
  • samba-doc >= 3.0.20b-3.24
  • samba-pdb >= 3.0.20b-3.24
  • samba-python >= 3.0.20b-3.24
  • samba-vscan >= 0.3.6b-0.26.3
  • samba-winbind >= 3.0.20b-3.24
core9.x86
core9.s390
YOU Patch Nr: 11996