Synced 19 Jun 2026 02:21 UTC Account
← All products

CVE-2002-2196

HIGH severity · CVSS 7.5 · Memory corruption
7.5CVSS HIGH

Summary

Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.

Impact & exploitability

Attack vectorNetwork
Attack complexityLow
Privileges required
User interaction
Confidentiality impact
Integrity impact
Availability impact
Exploit probability (EPSS)7%

AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected products we track (1)

Samba

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Official patch: http://www.iss.net/security_center/static/10010.php ↗

Additional information