CVE-2002-1318
Summary
| CVE | CVE-2002-1318 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2002-12-11 05:00:00 UTC |
| Updated | 2018-05-03 01:29:00 UTC |
| Description | Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hp | Cifs-9000 Server | a.01.08 | All | All | All |
| Application | Hp | Cifs-9000 Server | a.01.08.01 | All | All | All |
| Application | Hp | Cifs-9000 Server | a.01.09 | All | All | All |
| Application | Hp | Cifs-9000 Server | a.01.08 | All | All | All |
| Application | Hp | Cifs-9000 Server | a.01.08.01 | All | All | All |
| Application | Hp | Cifs-9000 Server | a.01.09 | All | All | All |
| Application | Samba | Samba | 2.2.2 | All | All | All |
| Application | Samba | Samba | 2.2.3 | All | All | All |
| Application | Samba | Samba | 2.2.4 | All | All | All |
| Application | Samba | Samba | 2.2.5 | All | All | All |
| Application | Samba | Samba | 2.2.6 | All | All | All |
| Application | Samba | Samba | 2.2.2 | All | All | All |
| Application | Samba | Samba | 2.2.3 | All | All | All |
| Application | Samba | Samba | 2.2.4 | All | All | All |
| Application | Samba | Samba | 2.2.5 | All | All | All |
| Application | Samba | Samba | 2.2.6 | All | All | All |
| Operating System | Sgi | Irix | 6.5 | All | All | All |
| Operating System | Sgi | Irix | 6.5.1 | All | All | All |
| Operating System | Sgi | Irix | 6.5.10 | All | All | All |
| Operating System | Sgi | Irix | 6.5.11 | All | All | All |
| Operating System | Sgi | Irix | 6.5.12 | All | All | All |
| Operating System | Sgi | Irix | 6.5.13 | All | All | All |
| Operating System | Sgi | Irix | 6.5.14 | All | All | All |
| Operating System | Sgi | Irix | 6.5.15 | All | All | All |
| Operating System | Sgi | Irix | 6.5.16 | All | All | All |
| Operating System | Sgi | Irix | 6.5.17 | All | All | All |
| Operating System | Sgi | Irix | 6.5.18 | All | All | All |
| Operating System | Sgi | Irix | 6.5.2 | All | All | All |
| Operating System | Sgi | Irix | 6.5.3 | All | All | All |
| Operating System | Sgi | Irix | 6.5.4 | All | All | All |
| Operating System | Sgi | Irix | 6.5.5 | All | All | All |
| Operating System | Sgi | Irix | 6.5.6 | All | All | All |
| Operating System | Sgi | Irix | 6.5.7 | All | All | All |
| Operating System | Sgi | Irix | 6.5.8 | All | All | All |
| Operating System | Sgi | Irix | 6.5.9 | All | All | All |
| Operating System | Sgi | Irix | 6.5 | All | All | All |
| Operating System | Sgi | Irix | 6.5.1 | All | All | All |
| Operating System | Sgi | Irix | 6.5.10 | All | All | All |
| Operating System | Sgi | Irix | 6.5.11 | All | All | All |
| Operating System | Sgi | Irix | 6.5.12 | All | All | All |
| Operating System | Sgi | Irix | 6.5.13 | All | All | All |
| Operating System | Sgi | Irix | 6.5.14 | All | All | All |
| Operating System | Sgi | Irix | 6.5.15 | All | All | All |
| Operating System | Sgi | Irix | 6.5.16 | All | All | All |
| Operating System | Sgi | Irix | 6.5.17 | All | All | All |
| Operating System | Sgi | Irix | 6.5.18 | All | All | All |
| Operating System | Sgi | Irix | 6.5.2 | All | All | All |
| Operating System | Sgi | Irix | 6.5.3 | All | All | All |
| Operating System | Sgi | Irix | 6.5.4 | All | All | All |
| Operating System | Sgi | Irix | 6.5.5 | All | All | All |
| Operating System | Sgi | Irix | 6.5.6 | All | All | All |
| Operating System | Sgi | Irix | 6.5.7 | All | All | All |
| Operating System | Sgi | Irix | 6.5.8 | All | All | All |
| Operating System | Sgi | Irix | 6.5.9 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| N-023: Buffer Overrun Vulnerability in Samba Server2.2 | CIAC | www.ciac.org | |
| 'GLSA: samba' - MARC | BUGTRAQ | marc.info | |
| '[OpenPKG-SA-2002.012] OpenPKG Security Advisory (samba)' - MARC | BUGTRAQ | marc.info | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| CERT/CC Vulnerability Note VU#958321 | CERT-VN | www.kb.cert.org | US Government Resource |
| N-019: Samba Encrypted Password Buffer Overrun Vulnerability | CIAC | www.ciac.org | |
| 20021204-01-I | SGI | patches.sgi.com | |
| redhat.com | Red Hat Support | REDHAT | www.redhat.com | Patch, Vendor Advisory |
| MDKSA-2002:081 | MANDRAKE | www.linux-mandrake.com | |
| Debian -- Security Information -- DSA-200-1 samba | DEBIAN | www.debian.org | Patch, Vendor Advisory |
| SAMBA - opening windows to a wider world | CONFIRM | us1.samba.org | Vendor Advisory |
| Samba Server Encrypted Password Buffer Overrun Vulnerability | BID | www.securityfocus.com | Patch, Vendor Advisory |
| Free Sun Alert Notifications Article 53580 | SUNALERT | sunsolve.sun.com | |
| NOVELL: Broken Link - 404 Error Pages | SUSE | www.novell.com | |
| Home - Conectiva | CONECTIVA | distro.conectiva.com.br | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.