CVE-2002-1318

Published: Dec 11, 2002Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.

Affected (27)

Products: Samba: Samba · Sgi: Irix · Hp: Cifs 9000 Server

1 product

1 product

1 product

Cifs 9000 Server

Configuration A

24 vulnerable

Vulnerable Software	Affected Versions
Samba Samba	Version 2.2.2
Samba Samba	Version 2.2.3
Samba Samba	Version 2.2.4
Samba Samba	Version 2.2.5
Samba Samba	Version 2.2.6
Sgi Irix	Version 6.5.10
Sgi Irix	Version 6.5.11
Sgi Irix	Version 6.5.12
Sgi Irix	Version 6.5.13
Sgi Irix	Version 6.5.14
Sgi Irix	Version 6.5.15
Sgi Irix	Version 6.5.16
Sgi Irix	Version 6.5.17
Sgi Irix	Version 6.5.18
Sgi Irix	Version 6.5.1
Sgi Irix	Version 6.5.2
Sgi Irix	Version 6.5.3
Sgi Irix	Version 6.5.4
Sgi Irix	Version 6.5.5
Sgi Irix	Version 6.5.6
Sgi Irix	Version 6.5.7
Sgi Irix	Version 6.5.8
Sgi Irix	Version 6.5.9
Sgi Irix	Version 6.5

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Hp Cifs 9000 Server	Version a.01.08.01
Hp Cifs 9000 Server	Version a.01.08
Hp Cifs 9000 Server	Version a.01.09

References (34)

ftp://patches.sgi.com/support/free/security/advisories/20021204-01-I (unsafe URL)

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000550

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=103801986818076&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=103859045302448&w=2

Source: cve@mitre.org

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/53580

Source: cve@mitre.org

http://us1.samba.org/samba/whatsnew/samba-2.2.7.html

Source: cve@mitre.org

Vendor Advisory

http://www.ciac.org/ciac/bulletins/n-019.shtml

Source: cve@mitre.org

http://www.ciac.org/ciac/bulletins/n-023.shtml

Source: cve@mitre.org

http://www.ciac.org/ciac/bulletins/n-023.shtml

Source: cve@mitre.org

http://www.debian.org/security/2002/dsa-200

Source: cve@mitre.org

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/958321

Source: cve@mitre.org

US Government Resource

http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-081.php

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2002_045_samba.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2002-266.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/6210

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/10683

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1467

Source: cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20021204-01-I (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000550

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=103801986818076&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=103859045302448&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/53580

Source: af854a3a-2127-422b-91ae-364da2661108

http://us1.samba.org/samba/whatsnew/samba-2.2.7.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.ciac.org/ciac/bulletins/n-019.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ciac.org/ciac/bulletins/n-023.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ciac.org/ciac/bulletins/n-023.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2002/dsa-200

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/958321

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-081.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2002_045_samba.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2002-266.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/6210

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/10683

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1467

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.