CVE-2007-5398
EPSS 40.7%
Description
Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.
How to fix CVE-2007-5398
To remediate CVE-2007-5398, upgrade the affected package to a fixed version below.
- Debian/samba—upgrade to 3.0.27-1 or later
Is CVE-2007-5398 being exploited?
Moderate — EPSS is 40.7%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 3.0.27-1