CVE-2002-0724

Microsoft Windows 2000 - Buffer Overflow

Title source: rule

Description

Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service".

Exploits (2)

exploitdb WRITEUP VERIFIED

by zamolx3 · textdoswindows

https://www.exploit-db.com/exploits/21747

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Frederic Deletang · cdoswindows

https://www.exploit-db.com/exploits/21746

View Code ZIP pw:eip

References (6)

[Mailing List] http://marc.info/?l=bugtraq&m=103011556323184&w=2

[US Government Resource] http://www.kb.cert.org/vuls/id/342243

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A189

[Patch, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/250635

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-045

[US Government Resource] http://www.kb.cert.org/vuls/id/311619

Scores

EPSS 0.5914

EPSS Percentile 98.2%

Details

Status published

Products (3)

microsoft/windows_2000 (4 CPE variants)

microsoft/windows_nt 4.0 (24 CPE variants)

microsoft/windows_xp (2 CPE variants)

Published Sep 24, 2002

Tracked Since Feb 18, 2026