Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1256

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1256
Last Modified 10 Sep 2008 03:14:10
Published 23 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1256

Summary

The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2000 Terminal Services

  • Microsoft Windows Xp


References

MS - MS02-070

XF - win-smb-policy-modification(10843)

BID - 6367


Last Updated: 27 May 2016 10:37:15