Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0724Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows NT

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents5 sources
Severity
7.5HIGHNVD
EPSS
59.1%
top 1.76%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Windows NT
Timeline
PublishedSep 24
Latest updateApr 30

Description

Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service".

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

Patches

Patch: www.kb.cert.orgPatch: www.kb.cert.org

🔴Vulnerability Details

2
GHSA
GHSA-w6f5-h26h-f4gj: Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of ser2022-04-30
CVEList
CVE-2002-0724: Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of ser2002-08-24

💥Exploits & PoCs

2
Exploit-DB
Microsoft Windows XP/2000/NT 4.0 - Network Share Provider SMB Request Buffer Overflow (1)2002-08-22
Exploit-DB
Microsoft Windows XP/2000/NT 4.0 - Network Share Provider SMB Request Buffer Overflow (2)2002-08-22

📋Vendor Advisories

1
Cisco
Microsoft Windows SMB Denial of Service Vulnerabilities in Cisco Products - MS02-0452002-09-18
CVE-2002-0724 — Microsoft Windows NT vulnerability | cvebase