Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2002-0724 | First vendor Publication | 2002-09-24 |
| Vendor | Cve | Last vendor Modification | 2024-11-20 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service". |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0724 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:189 | |||
| Oval ID: | oval:org.mitre.oval:def:189 | ||
| Title: | Network Share Provider Buffer Overflow | ||
| Description: | Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service". | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2002-0724 | Version: | 6 |
| Platform(s): | Microsoft Windows 2000 | Product(s): | SMB (Server Message Block) |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
ExploitDB Exploits
| id | Description |
|---|---|
| 2002-08-22 | MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (1) |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 2074 | Microsoft Windows Server Message Block (SMB) Protocol SMB_COM_TRANSACTION Pac... A vulnerability has been discovered in the Windows Network Share Provider service (Lanman server) that would allow an attacker to remotely crash the operating system of an affected platform. This vulnerability can be triggered through an anonymous null session as well as a valid user account and requires network access to either port 139/tcp or 445/tcp. |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Windows SMB Trans unicode andx Max Param/Count attempt RuleID : 5726 - Revision : 11 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB Trans andx Max Param/Count attempt RuleID : 5725 - Revision : 11 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB-DS Trans unicode andx Max Param/Count attempt RuleID : 5724 - Revision : 11 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB-DS Trans andx Max Param/Count attempt RuleID : 5723 - Revision : 12 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB Trans unicode andx Max Param/Count attempt RuleID : 5722 - Revision : 11 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB Trans andx Max Param/Count attempt RuleID : 5721 - Revision : 11 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB Trans unicode Max Param/Count attempt RuleID : 5720 - Revision : 11 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB Trans Max Param/Count attempt RuleID : 5719 - Revision : 11 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB-DS Trans unicode Max Param/Count attempt RuleID : 5718 - Revision : 13 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB-DS Trans Max Param/Count attempt RuleID : 5717 - Revision : 12 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB Trans unicode Max Param/Count attempt RuleID : 5716 - Revision : 11 - Type : OS-WINDOWS |
| 2014-01-10 | SMB SMB_COM_TRANSACTION Max Data Count of 0 DOS Attempt RuleID : 2102 - Revision : 12 - Type : NETBIOS |
| 2014-01-10 | Microsoft Windows SMB Trans Max Param/Count attempt RuleID : 2101-community - Revision : 23 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows SMB Trans Max Param/Count attempt RuleID : 2101 - Revision : 23 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2003-03-01 | Name : It is possible to crash the remote host. File : smb_nt_ms02-045.nasl - Type : ACT_GATHER_INFO |
| 2002-08-23 | Name : The remote host is vulnerable to a denial of service attack. File : smb_null_params_dos.nasl - Type : ACT_ATTACK |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:23:50 |
|
| 2024-11-28 12:05:05 |
|
| 2024-08-02 12:02:13 |
|
| 2024-08-02 01:01:20 |
|
| 2024-02-02 01:02:01 |
|
| 2024-02-01 12:01:21 |
|
| 2023-09-05 12:01:55 |
|
| 2023-09-05 01:01:13 |
|
| 2023-09-02 12:01:57 |
|
| 2023-09-02 01:01:13 |
|
| 2023-08-12 12:02:18 |
|
| 2023-08-12 01:01:13 |
|
| 2023-08-11 12:02:01 |
|
| 2023-08-11 01:01:14 |
|
| 2023-08-06 12:01:51 |
|
| 2023-08-06 01:01:14 |
|
| 2023-08-04 12:01:55 |
|
| 2023-08-04 01:01:13 |
|
| 2023-07-14 12:01:53 |
|
| 2023-07-14 01:01:14 |
|
| 2023-03-29 01:01:52 |
|
| 2023-03-28 12:01:19 |
|
| 2022-10-11 12:01:41 |
|
| 2022-10-11 01:01:07 |
|
| 2021-05-04 12:01:42 |
|
| 2021-04-22 01:01:50 |
|
| 2020-05-23 00:15:01 |
|
| 2019-05-09 12:01:12 |
|
| 2019-04-30 21:19:17 |
|
| 2018-10-13 00:22:25 |
|
| 2017-10-11 09:23:15 |
|
| 2016-10-18 12:01:02 |
|
| 2016-04-26 12:11:50 |
|
| 2014-02-17 10:24:49 |
|
| 2014-01-19 21:21:43 |
|
| 2013-05-11 12:10:22 |
|
