Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 10.0
CVE Id CVE-2002-1318
Last Modified 07 Mar 2011 09:09:58
Published 11 Dec 2002 12:00:00
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1318

Summary

Buffer overflow in Samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that triggers the overflow during decryption, when a DOS codepage string is converted to a little-endian UCS2 Unicode string.

Vulnerable Systems

Operating System

  • Sgi Irix 6.5

  • Sgi Irix 6.5.1

  • Sgi Irix 6.5.10

  • Sgi Irix 6.5.11

  • Sgi Irix 6.5.12

  • Sgi Irix 6.5.13

  • Sgi Irix 6.5.14

  • Sgi Irix 6.5.15

  • Sgi Irix 6.5.16

  • Sgi Irix 6.5.17

  • Sgi Irix 6.5.18

  • Sgi Irix 6.5.2

  • Sgi Irix 6.5.3

  • Sgi Irix 6.5.4

  • Sgi Irix 6.5.5

  • Sgi Irix 6.5.6

  • Sgi Irix 6.5.7

  • Sgi Irix 6.5.8

  • Sgi Irix 6.5.9

Application

  • Hp Cifs-9000 Server A.01.08

  • Hp Cifs-9000 Server A.01.08.01

  • Hp Cifs-9000 Server A.01.09

  • Samba 2.2.2

  • Samba 2.2.3

  • Samba 2.2.4

  • Samba 2.2.5

  • Samba 2.2.6


References

CERT-VN - VU#958321

BID - 6210

REDHAT - RHSA-2002:266

DEBIAN - DSA-200

XF - samba-password-change-bo(10683)

CIAC - N-023

CONFIRM - http://us1.samba.org/samba/whatsnew/samba-2.2.7.html

SUSE - SuSE-SA:2002:045

MANDRAKE - MDKSA-2002:081

CIAC - N-019

SUNALERT - 53580

BUGTRAQ - 20021129 [OpenPKG-SA-2002.012] OpenPKG Security Advisory (samba)

BUGTRAQ - 20021121 GLSA: samba

CONECTIVA - CLA-2002:550

SGI - 20021204-01-I

HP - HPSBUX0212-230


Last Updated: 27 May 2016 10:38:10