CVE-2002-0053

Current Description

Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available.

Basic Data

PublishedMarch 08, 2002
Last ModifiedOctober 12, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-119
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSMicrosoftWindows 2000********
    2.3OSMicrosoftWindows 95********
    2.3OSMicrosoftWindows 98*gold******
    2.3OSMicrosoftWindows 98se********
    2.3OSMicrosoftWindows Nt4.0*******
    2.3OSMicrosoftWindows Xp*gold******

Vulnerable Software List

VendorProductVersions
Microsoft Windows 98 *
Microsoft Windows 2000 *
Microsoft Windows 98se *
Microsoft Windows 95 *
Microsoft Windows Nt 4.0
Microsoft Windows Xp *

References

NameSourceURLTags
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0012http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0012MISC
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0013http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0013MISC
CA-2002-03http://www.cert.org/advisories/CA-2002-03.htmlCERTPatch Third Party Advisory US Government Resource
http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.htmlhttp://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.htmlMISC
VU#107186http://www.kb.cert.org/vuls/id/107186CERT-VNUS Government Resource
VU#854306http://www.kb.cert.org/vuls/id/854306CERT-VNUS Government Resource
MS02-006https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006MS
oval:org.mitre.oval:def:209https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A209OVAL
oval:org.mitre.oval:def:402https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A402OVAL