CVE-2002-2196

Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.

Published: Dec 31, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-2196
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
samba / samba	2.2.1a	2.2.1a.x
samba / samba	2.2.3a	2.2.3a.x
samba / samba	1.9.18-p2	1.9.18-p2.x
samba / samba	1.9.17-p5	1.9.17-p5.x
samba / samba	1.9.18-p1	1.9.18-p1.x
samba / samba	1.9.18-p4	1.9.18-p4.x
samba / samba	1.9.17-p1	1.9.17-p1.x
samba / samba	1.9.18-p10	1.9.18-p10.x
samba / samba	1.9.17	1.9.17.x
samba / samba	1.9.18-p3	1.9.18-p3.x
samba / samba	2.2.1	2.2.1.x
samba / samba	1.9.18-p8	1.9.18-p8.x
samba / samba	1.9.18-p6	1.9.18-p6.x
samba / samba	1.9.18-p7	1.9.18-p7.x
samba / samba	2.2a	2.2a.x
samba / samba	1.9.17-p3	1.9.17-p3.x
samba / samba	2.0.5a	2.0.5a.x
samba / samba	-	2.2.4.x
samba / samba	2.0.0	2.0.0.x
samba / samba	1.9.18-p5	1.9.18-p5.x
samba / samba	1.9.17-p4	1.9.17-p4.x

Vulnerability Database

289,599

CVE-2002-2196