Vulnerability Name:

CVE-2002-1318 (CCN-10683)

Assigned:2002-11-20
Published:2002-11-20
Updated:2018-05-03
Summary:Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2003-017.0
OpenLinux: Various serious Samba vulnerabilities

Source: CCN
Type: SCO Security Advisory CSSA-2003-017.0
OpenLinux: Various serious Samba vulnerabilities

Source: CCN
Type: SGI Security Advisory 20021204-01-I
Samba Security Vulnerability

Source: SGI
Type: UNKNOWN
20021204-01-I

Source: CCN
Type: Gentoo Linux Security Announcement 200211-007
samba

Source: MITRE
Type: CNA
CVE-2002-1318

Source: CONECTIVA
Type: UNKNOWN
CLA-2002:550

Source: CCN
Type: Conectiva Linux Announcement CLSA-2002:550
samba

Source: BUGTRAQ
Type: UNKNOWN
20021121 GLSA: samba

Source: BUGTRAQ
Type: UNKNOWN
20021129 [OpenPKG-SA-2002.012] OpenPKG Security Advisory (samba)

Source: CCN
Type: RHSA-2002-266
New samba packages available to fix potential security vulnerability

Source: CCN
Type: Samba Web site
Release Notes for Samba

Source: CCN
Type: Sun Alert ID: 53580
Security Vulnerability in Samba(7) Versions 2.2.2 Through 2.2.6 May Allow Remote User Unauthorized Privileges

Source: SUNALERT
Type: UNKNOWN
53580

Source: CONFIRM
Type: Vendor Advisory
http://us1.samba.org/samba/whatsnew/samba-2.2.7.html

Source: CCN
Type: CIAC Information Bulletin N-019
Samba Encrypted Password Buffer Overrun Vulnerability

Source: CIAC
Type: UNKNOWN
N-019

Source: CCN
Type: CIAC information Bulletin N-023
HP - Vulnerability in CIFS/9000 Samba Server2.2

Source: CIAC
Type: UNKNOWN
N-023

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-200

Source: DEBIAN
Type: DSA-200
samba -- remote exploit

Source: CCN
Type: US-CERT VU#958321
Samba contains a remotely exploitable stack buffer overflow

Source: CERT-VN
Type: US Government Resource
VU#958321

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2002:081

Source: SUSE
Type: UNKNOWN
SuSE-SA:2002:045

Source: CCN
Type: OpenPKG-SA-2002.012
Samba

Source: CCN
Type: OSVDB ID: 14525
Samba Encrypted Password String Conversion Decryption Overflow DoS

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2002:266

Source: BID
Type: Patch, Vendor Advisory
6210

Source: CCN
Type: BID-6210
Samba Server Encrypted Password Buffer Overrun Vulnerability

Source: CCN
Type: Trustix Secure Linux Security Advisory #2002-0080
samba - Remote hole

Source: CCN
Type: Hewlett-Packard Company Security Bulletin HPSBUX0212-230
SSRT2437 Sec. Vulnerability in CIFS/9000 Samba Server2 2

Source: XF
Type: UNKNOWN
samba-password-change-bo(10683)

Source: XF
Type: UNKNOWN
samba-password-change-bo(10683)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1467

Source: SUSE
Type: SUSE-SA:2002:045
samba: possible remote code execution

Vulnerable Configuration:Configuration 1:
  • cpe:/a:samba:samba:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.6:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.6:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.7:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.9:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.10:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.11:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.12:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.13:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.14:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.15:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.16:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.17:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.18:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:hp:cifs-9000_server:a.01.08:*:*:*:*:*:*:*
  • OR cpe:/a:hp:cifs-9000_server:a.01.08.01:*:*:*:*:*:*:*
  • OR cpe:/a:hp:cifs-9000_server:a.01.09:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:samba:samba:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.6:*:*:*:*:*:*:*
  • AND
  • cpe:/o:sgi:irix:6.5:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.6:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.9:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.10:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.11:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_firewall:*:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_email_server:iii:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:1.0:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.12:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.13:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.14:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.9:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.15:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.16:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:1.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_email_server:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.10f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.10m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.11f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.11m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.12f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.12m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.13f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.13m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.14f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.14m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.15f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.15m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.16f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.16m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.17:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.17f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.17m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.18:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.2f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.2m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.3f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.3m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.4f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.4m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.5f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.5m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.6f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.6m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.7f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.7m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.8f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.8m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.9f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.9m:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:1467
    V
    		Samba Encrypted Password DoS
    2005-03-09
    oval:org.debian:def:200
    V
    		remote exploit
    2002-11-22
    BACK
    samba samba 2.2.2
    samba samba 2.2.3
    samba samba 2.2.4
    samba samba 2.2.5
    samba samba 2.2.6
    sgi irix 6.5
    sgi irix 6.5.1
    sgi irix 6.5.2
    sgi irix 6.5.3
    sgi irix 6.5.4
    sgi irix 6.5.5
    sgi irix 6.5.6
    sgi irix 6.5.7
    sgi irix 6.5.8
    sgi irix 6.5.9
    sgi irix 6.5.10
    sgi irix 6.5.11
    sgi irix 6.5.12
    sgi irix 6.5.13
    sgi irix 6.5.14
    sgi irix 6.5.15
    sgi irix 6.5.16
    sgi irix 6.5.17
    sgi irix 6.5.18
    hp cifs-9000 server a.01.08
    hp cifs-9000 server a.01.08.01
    hp cifs-9000 server a.01.09
    samba samba 2.2.2
    samba samba 2.2.3
    samba samba 2.2.4
    samba samba 2.2.5
    samba samba 2.2.6
    sgi irix 6.5
    sgi irix 6.5.1
    sgi irix 6.5.3
    sgi irix 6.5.4
    redhat linux 7
    suse suse linux 7.0
    conectiva linux 6.0
    sgi irix 6.5.7
    redhat linux 7.1
    sgi irix 6.5.5
    sgi irix 6.5.6
    sgi irix 6.5.8
    suse suse linux 7.2
    conectiva linux 7.0
    trustix secure linux 1.5
    mandrakesoft mandrake linux 8.1
    redhat linux 7.2
    suse suse linux 7.3
    sgi irix 6.5.9
    sgi irix 6.5.10
    sgi irix 6.5.11
    suse suse linux firewall *
    suse suse linux database server *
    suse suse email server iii
    suse suse linux connectivity server *
    openpkg openpkg 1.0
    sgi irix 6.5.12
    sgi irix 6.5.13
    sgi irix 6.5.14
    mandrakesoft mandrake linux 8.2
    suse suse linux 8.0
    conectiva linux 8.0
    redhat linux 7.3
    sun solaris 9
    debian debian linux 3.0
    novell suse linux enterprise server *
    openpkg openpkg current
    gentoo linux *
    sgi irix 6.5.15
    sgi irix 6.5.16
    suse suse linux office server *
    redhat linux 8.0
    openpkg openpkg 1.1
    mandrakesoft mandrake linux 9.0
    suse suse email server 3.1
    suse suse linux 8.1
    sgi irix 6.5.10f
    sgi irix 6.5.10m
    sgi irix 6.5.11f
    sgi irix 6.5.11m
    sgi irix 6.5.12f
    sgi irix 6.5.12m
    sgi irix 6.5.13f
    sgi irix 6.5.13m
    sgi irix 6.5.14f
    sgi irix 6.5.14m
    sgi irix 6.5.15f
    sgi irix 6.5.15m
    sgi irix 6.5.16f
    sgi irix 6.5.16m
    sgi irix 6.5.17
    sgi irix 6.5.17f
    sgi irix 6.5.17m
    sgi irix 6.5.18
    sgi irix 6.5.2f
    sgi irix 6.5.2m
    sgi irix 6.5.3f
    sgi irix 6.5.3m
    sgi irix 6.5.4f
    sgi irix 6.5.4m
    sgi irix 6.5.5f
    sgi irix 6.5.5m
    sgi irix 6.5.6f
    sgi irix 6.5.6m
    sgi irix 6.5.7f
    sgi irix 6.5.7m
    sgi irix 6.5.8f
    sgi irix 6.5.8m
    sgi irix 6.5.9f
    sgi irix 6.5.9m