| Vulnerability Name: | CVE-2002-1256 (CCN-10843) | ||||||||
| Assigned: | 2002-12-11 | ||||||||
| Published: | 2002-12-11 | ||||||||
| Updated: | 2019-04-30 | ||||||||
| Summary: | The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2002-1256 Source: CCN Type: Microsoft Security Bulletin MS15-083 Vulnerability in Server Message Block Could Allow Remote Code Execution (3073921) Source: CCN Type: Microsoft Security Bulletin MS16-114 Security Update for Windows SMBv1 Server (3185879) Source: CCN Type: Microsoft Security Bulletin MS17-010 Security Update for Windows SMB Server (4013389) Source: CCN Type: Microsoft Security Bulletin MS02-070 Flaw in SMB Signing Could Enable Group Policy to be Modified (309376) Source: CCN Type: Microsoft Security Bulletin MS05-027 Vulnerability in Server Message Block Could Allow Remote Code Execution (896422) Source: CCN Type: Microsoft Security Bulletin MS06-035 Vulnerability in Server Service Could Allow Remote Code Execution (917159) Source: CCN Type: Microsoft Security Bulletin MS06-063 Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution (923414) Source: CCN Type: Microsoft Security Bulletin MS08-063 Vulnerability in SMB Could Allow Remote Code Execution (957095) Source: CCN Type: Microsoft Security Bulletin MS09-001 Vulnerabilities in SMB Could Allow Remote Code Execution (958687) Source: CCN Type: Microsoft Security Bulletin MS10-012 Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468) Source: CCN Type: Microsoft Security Bulletin MS10-054 Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) Source: CCN Type: Microsoft Security Bulletin MS11-020 Vulnerability in SMB Server Could Allow Remote Code Execution (2508429) Source: CCN Type: OSVDB ID: 11799 Microsoft Windows SMB Signing Group Policy Modification Source: BID Type: UNKNOWN 6367 Source: CCN Type: BID-6367 Microsoft Windows SMB Signing Vulnerability Source: MS Type: UNKNOWN MS02-070 Source: XF Type: UNKNOWN win-smb-policy-modification(10843) Source: XF Type: UNKNOWN win-smb-policy-modification(10843) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:277 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||