CVE-2002-2196

{"id": "CVE-2002-2196", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2002-12-31T05:00:00.000", "references": [{"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc", "source": "cve@mitre.org"}, {"url": "http://lists.samba.org/archive/samba-technical/2002-June/022075.html", "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHBA-2002-209.html", "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/10010.php", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/5587", "tags": ["Patch"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack."}], "lastModified": "2008-09-05T20:32:35.087", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F69ED4B5-C485-4996-8AAE-F3800D37170F", "versionEndIncluding": "2.2.4"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3B50D9E-EA43-44BF-9176-610EC808B986"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.17:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCBBF662-40C3-4280-BE79-9D7C36A6DF5C"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.17:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDD6A6AE-C636-4131-807B-59F7784B7AB7"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.17:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C6D63F5-B72C-445A-BC61-D52D6022481B"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.17:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1ADD724A-1747-4678-A659-0A528B728C66"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.18:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3ABEA3A-8F88-4947-80A5-CF1459F5AC8F"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.18:p10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86F85E94-9F94-457A-A606-35DB558484A3"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.18:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1ED4704B-2422-43C9-A2E0-9851F56D4CEC"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.18:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "158D175A-E0D7-45EF-BDD2-D86F2E8F7766"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.18:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7854FCEF-D1F8-4DEC-A6CB-C4470899F71C"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.18:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36D8B675-C209-4D5A-8EA7-1B3515E930FC"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.18:p6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BCECF31-4C73-4ABA-9F84-D5DBA1DB1F50"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.18:p7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C5A1382-D147-43E5-8DB7-93B7A3B9AA0E"}, {"criteria": "cpe:2.3:a:samba:samba:1.9.18:p8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A497A5D-96FC-490E-87EB-94C1BE7338A3"}, {"criteria": "cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F681E4CC-B8D3-48A2-B93E-0363B22B059E"}, {"criteria": "cpe:2.3:a:samba:samba:2.0.5a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BDD0125-4C47-404A-9DC0-2E923C66B4D5"}, {"criteria": "cpe:2.3:a:samba:samba:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCACECDD-40F1-4A9B-8B8A-20565FEE3627"}, {"criteria": "cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19F65FF3-71F8-4278-A823-A6E0FF65D9F1"}, {"criteria": "cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "614547F5-9C3F-489B-9B72-91B0FF646CCC"}, {"criteria": "cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC2AE5A9-62C5-4DCE-85B3-16F48695B3B4"}], "operator": "OR"}]}], "vendorComments": [{"comment": "This issue did not affect the versions of Samba as distributed with Red Hat Enterprise Linux 2.1, 3, or 4.", "lastModified": "2006-08-30T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "cve@mitre.org"}