ID CVE-2002-0724
Summary Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service".
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2000:-:advanced_server
    cpe:2.3:o:microsoft:windows_2000:-:advanced_server
  • cpe:2.3:o:microsoft:windows_2000:-:professional
    cpe:2.3:o:microsoft:windows_2000:-:professional
  • cpe:2.3:o:microsoft:windows_2000:-:server
    cpe:2.3:o:microsoft:windows_2000:-:server
  • Microsoft Windows 2000 Advanced Server SP1
    cpe:2.3:o:microsoft:windows_2000:-:sp1:advanced_server
  • Microsoft Windows 2000 Professional SP1
    cpe:2.3:o:microsoft:windows_2000:-:sp1:professional
  • Microsoft Windows 2000 Server SP1
    cpe:2.3:o:microsoft:windows_2000:-:sp1:server
  • Microsoft Windows 2000 Advanced Server SP2
    cpe:2.3:o:microsoft:windows_2000:-:sp2:advanced_server
  • Microsoft Windows 2000 Professional SP2
    cpe:2.3:o:microsoft:windows_2000:-:sp2:professional
  • Microsoft Windows 2000 Server SP2
    cpe:2.3:o:microsoft:windows_2000:-:sp2:server
  • Microsoft Windows 2000 Advanced Server SP3
    cpe:2.3:o:microsoft:windows_2000:-:sp3:advanced_server
  • Microsoft Windows 2000 Professional SP3
    cpe:2.3:o:microsoft:windows_2000:-:sp3:professional
  • Microsoft Windows 2000 Server SP3
    cpe:2.3:o:microsoft:windows_2000:-:sp3:server
  • cpe:2.3:o:microsoft:windows_nt:4.0:-:server
    cpe:2.3:o:microsoft:windows_nt:4.0:-:server
  • cpe:2.3:o:microsoft:windows_nt:4.0:-:terminal_server
    cpe:2.3:o:microsoft:windows_nt:4.0:-:terminal_server
  • cpe:2.3:o:microsoft:windows_nt:4.0:-:workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:-:workstation
  • Microsoft Windows 4.0 sp1 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server
  • Microsoft Windows NT Terminal Server 4.0 SP1
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server
  • Microsoft Windows 4.0 sp1 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation
  • Microsoft Windows 4.0 sp2 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server
  • Microsoft Windows NT Terminal Server 4.0 SP2
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server
  • Microsoft Windows 4.0 sp2 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation
  • Microsoft Windows 4.0 sp3 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server
  • Microsoft Windows NT Terminal Server 4.0 SP3
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server
  • Microsoft Windows 4.0 sp3 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation
  • Microsoft Windows 4.0 sp4 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server
  • Microsoft Windows NT Terminal Server 4.0 SP4
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server
  • Microsoft Windows 4.0 sp4 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation
  • Microsoft Windows 4.0 sp5 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server
  • Microsoft Windows NT Terminal Server 4.0 SP5
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server
  • Microsoft Windows 4.0 sp5 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation
  • Microsoft Windows 4.0 sp6 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server
  • Microsoft Windows NT Terminal Server 4.0 SP6
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server
  • Microsoft Windows 4.0 sp6 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation
  • Microsoft Windows 4.0 sp6a server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server
  • Microsoft Windows NT Terminal Server 4.0 SP6a
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server
  • Microsoft Windows 4.0 sp6a workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation
  • cpe:2.3:o:microsoft:windows_xp:-:64-bit
    cpe:2.3:o:microsoft:windows_xp:-:64-bit
  • Microsoft windows xp_gold
    cpe:2.3:o:microsoft:windows_xp:-:gold
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
  • description MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (2). CVE-2002-0724. Dos exploit for windows platform
    id EDB-ID:21747
    last seen 2016-02-02
    modified 2002-08-22
    published 2002-08-22
    reporter zamolx3
    source https://www.exploit-db.com/download/21747/
    title Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow 2
  • description MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (1). CVE-2002-0724. Dos exploit for windows platform
    id EDB-ID:21746
    last seen 2016-02-02
    modified 2002-08-22
    published 2002-08-22
    reporter Frederic Deletang
    source https://www.exploit-db.com/download/21746/
    title Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow 1
nessus via4
  • NASL family Windows
    NASL id SMB_NULL_PARAMS_DOS.NASL
    description The remote host is vulnerable to a denial of service attack in its SMB stack. An attacker may exploit this flaw to crash the remote host remotely, without any authentication.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 11110
    published 2002-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=11110
    title MS02-045: Microsoft Windows SMB Protocol SMB_COM_TRANSACTION Packet Remote Overflow DoS (326830) (uncredentialed check)
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_NT_MS02-045.NASL
    description Due to a flaw in Microsoft's SMB implementation, the remote host is vulnerable to a denial of service attack. By sending a specially crafted packet request, an attacker could launch a denial of service, causing the affected host to crash. Note that this vulnerability is not exploitable without credentials unless anonymous access has been disabled.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 11300
    published 2003-03-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=11300
    title MS02-045: Unchecked buffer in Network Share Provider (326830)
oval via4
accepted 2011-05-16T04:02:00.701-04:00
class vulnerability
contributors
  • name Christine Walzer
    organization The MITRE Corporation
  • name Christine Walzer
    organization The MITRE Corporation
  • name Shane Shaffer
    organization G2, Inc.
  • name Sudhir Gandhe
    organization Telos
  • name Shane Shaffer
    organization G2, Inc.
description Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service".
family windows
id oval:org.mitre.oval:def:189
status accepted
submitted 2003-10-10T12:00:00.000-04:00
title Network Share Provider Buffer Overflow
version 68
refmap via4
bugtraq 20020822 CORE-20020618: Vulnerabilities in Windows SMB (DoS)
cert-vn
  • VU#250635
  • VU#311619
  • VU#342243
ms MS02-045
Last major update 17-10-2016 - 22:21
Published 24-09-2002 - 00:00
Last modified 12-10-2018 - 17:31
Back to Top