CVE-2002-1318
Published 2002-12-11
Priority: P3 · 50 · critical · 10 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 51.91% (98.8th percentile)
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
Affected
32 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | samba | < samba 2.2.7 (bookworm) | samba 2.2.7 (bookworm) |
| hp | cifs-9000_server | — | — |
| hp | cifs-9000_server | — | — |
| hp | cifs-9000_server | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | >= 0 < 2.2.7 | 2.2.7 |
| samba | samba | >= 0 < 2.2.7 | 2.2.7 |
| samba | samba | >= 0 < 2.2.7 | 2.2.7 |
| samba | samba | >= 0 < 2.2.7 | 2.2.7 |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
Detection & IOCs (extracted from sources)
- Target Samba versions 2.2.2 through 2.2.6 are vulnerable; the overflow occurs during decryption of an encrypted password change request when a DOS codepage string is converted to a little-endian UCS2 unicode string
- The exploit vector is an NT transaction (nttrans) request carrying a malformed encrypted password change payload; monitor SMB nttrans traffic for anomalous encrypted password change requests
- The root cause is a length-checking bug in encrypted password change requests from clients; inspect SMB password change request handling for oversized payloads
- Samba 2.2.7 resolves this vulnerability; systems still running 2.2.2–2.2.6 remain exploitable
CVSS provenance
nvd · v2.0 · 10.0 CRITICAL · AV:N/AC:L/Au:N/C:C/I:C/A:C
osv · 10.0 CRITICAL
vendor_debian · 10.0 CRITICAL
vendor_redhat · 10.0 CRITICAL
Red Hat
vendor_redhat·2002-11-20·CVSS 10.0
CVE-2002-1318 [CRITICAL] security flaw
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
Debian
vendor_debian·2002·CVSS 10.0
CVE-2002-1318 [CRITICAL] CVE-2002-1318: samba - Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a ...
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
Scope: local
bookworm: resolved (fixed in 2.2.7)
bullseye: resolved (fixed in 2.2.7)
forky: resolved (fixed in 2.2.7)
sid: resolved (fixed in 2.2.7)
trixie: resolved (fixed in 2.2.7)
GHSA
ghsa_unreviewed·2022-05-03
CVE-2002-1318 [HIGH] GHSA-746r-2wrh-hhjx: Buffer overflow in samba 2
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
OSV
osv·2002-12-11·CVSS 10.0
CVE-2002-1318 [CRITICAL] CVE-2002-1318: Buffer overflow in samba 2
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
No detection rules found.
References
- ftp://patches.sgi.com/support/free/security/advisories/20021204-01-I
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000550
- http://marc.info/?l=bugtraq&m=103801986818076&w=2
- http://marc.info/?l=bugtraq&m=103859045302448&w=2
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/53580
- http://us1.samba.org/samba/whatsnew/samba-2.2.7.html
- http://www.ciac.org/ciac/bulletins/n-019.shtml
- http://www.ciac.org/ciac/bulletins/n-023.shtml
- http://www.debian.org/security/2002/dsa-200
- http://www.kb.cert.org/vuls/id/958321
- http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-081.php
- http://www.novell.com/linux/security/advisories/2002_045_samba.html
- http://www.redhat.com/support/errata/RHSA-2002-266.html
- http://www.securityfocus.com/bid/6210
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10683
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1467