Mandrake Linux Security Advisory : samba (MDKSA-2007:224-3)

High Nessus Plugin ID 28274


The remote Mandrake Linux host is missing one or more security updates.


The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service (CVE-2007-4572).

As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges (CVE-2007-5398).

Update :

This update corrects all known regressions with previous Samba updates due to the security fixes to correct CVE-2007-4572.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 28274

File Name: mandrake_MDKSA-2007-224.nasl

Version: $Revision: 1.13 $

Type: local

Published: 2007/11/20

Modified: 2015/03/19

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:lib64smbclient0, p-cpe:/a:mandriva:linux:lib64smbclient0-devel, p-cpe:/a:mandriva:linux:lib64smbclient0-static-devel, p-cpe:/a:mandriva:linux:libsmbclient0, p-cpe:/a:mandriva:linux:libsmbclient0-devel, p-cpe:/a:mandriva:linux:libsmbclient0-static-devel, p-cpe:/a:mandriva:linux:mount-cifs, p-cpe:/a:mandriva:linux:nss_wins, p-cpe:/a:mandriva:linux:samba-client, p-cpe:/a:mandriva:linux:samba-common, p-cpe:/a:mandriva:linux:samba-doc, p-cpe:/a:mandriva:linux:samba-server, p-cpe:/a:mandriva:linux:samba-smbldap-tools, p-cpe:/a:mandriva:linux:samba-swat, p-cpe:/a:mandriva:linux:samba-vscan-clamav, p-cpe:/a:mandriva:linux:samba-vscan-icap, p-cpe:/a:mandriva:linux:samba-winbind, cpe:/o:mandriva:linux:2007, cpe:/o:mandriva:linux:2007.1, cpe:/o:mandriva:linux:2008.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2007/11/29

Reference Information

CVE: CVE-2007-4572, CVE-2007-5398

BID: 26454, 26455

MDKSA: 2007:224-3

CWE: 119