
Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.


Samba - Local hacker automatic control

Version: 3.0.26 and prior.
Technical Details:

As reported by Secunia Research, a buffer overflow vulnerability exists in the "reply_netbios_packet()" function in Samba, provided that the Samba server has been configured as a WINS Server. The vulnerability can be triggered by passing crafted WINS "Name Registration" requests followed by a WINS "Name Query" request.


Secunia Research have discovered a vulnerability in Samba that could allow unprivileged accounts to run software of their choice on Samba servers that have been configured as a WINS Server.


Update to Samba version 3.0.27 at the earliest opportunity.




External Tracking Data:

CVE-ID: CVE-2007-5398
CVE-ID: CVE-2007-4572
