CVE-2002-2196

Published Dec 31, 2002

Last updated 16 years ago

CVSS info 7.5

Overview

Description: Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Vendor comments

Red HatThis issue did not affect the versions of Samba as distributed with Red Hat Enterprise Linux 2.1, 3, or 4.

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F69ED4B5-C485-4996-8AAE-F3800D37170F",
            "versionEndIncluding": "2.2.4"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3B50D9E-EA43-44BF-9176-610EC808B986"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.17:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCBBF662-40C3-4280-BE79-9D7C36A6DF5C"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.17:p3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDD6A6AE-C636-4131-807B-59F7784B7AB7"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.17:p4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C6D63F5-B72C-445A-BC61-D52D6022481B"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.17:p5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1ADD724A-1747-4678-A659-0A528B728C66"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.18:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3ABEA3A-8F88-4947-80A5-CF1459F5AC8F"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.18:p10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86F85E94-9F94-457A-A606-35DB558484A3"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.18:p2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1ED4704B-2422-43C9-A2E0-9851F56D4CEC"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.18:p3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "158D175A-E0D7-45EF-BDD2-D86F2E8F7766"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.18:p4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7854FCEF-D1F8-4DEC-A6CB-C4470899F71C"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.18:p5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36D8B675-C209-4D5A-8EA7-1B3515E930FC"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.18:p6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BCECF31-4C73-4ABA-9F84-D5DBA1DB1F50"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.18:p7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C5A1382-D147-43E5-8DB7-93B7A3B9AA0E"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:1.9.18:p8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A497A5D-96FC-490E-87EB-94C1BE7338A3"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F681E4CC-B8D3-48A2-B93E-0363B22B059E"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:2.0.5a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BDD0125-4C47-404A-9DC0-2E923C66B4D5"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:2.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCACECDD-40F1-4A9B-8B8A-20565FEE3627"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19F65FF3-71F8-4278-A823-A6E0FF65D9F1"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "614547F5-9C3F-489B-9B72-91B0FF646CCC"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC2AE5A9-62C5-4DCE-85B3-16F48695B3B4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References