Vulnerability in SMB Signing of Microsoft Windows 2000 and XP
CVE-2002-1256

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2000 Terminal Services; Windows Xp; Windows 2000
Vendor: CVE Published:; 23 December 2002

What is CVE-2002-1256?

The SMB signing vulnerability within Microsoft Windows 2000 and Windows XP allows attackers to bypass digital signing settings in SMB sessions. This exploitation enables unauthorized data injection and manipulation without detection, posing risks such as altering critical group policy information transmitted from domain controllers. Attackers can thus compromise the integrity of network communications and potentially gain unauthorized access to sensitive information.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.securityfocus.com/bid/6367

vdb-entryx_refsource_BID

EPSS Score

31% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 23, 2002
Vulnerability Reserved
Nov 4, 2002

JSON