Reported June 12, 2002, by Microsoft.
VERSIONS AFFECTED
· Microsoft Windows XP
· Microsoft Windows 2000
· Microsoft Windows NT 4.0
· Microsoft Windows NT Server 4.0 Terminal Server Edition
· Microsoft RRAS, which can be installed on NT 4.0 Service Pack 6 (SP6) or WTS SP6
DESCRIPTION
A buffer overrun condition exists in Microsoft’s RAS phonebook implementation that can compromise the affected system. If an attacker logs on to an affected server, modifies a phonebook entry using specially malformed data, and then makes a connection using the modified phonebook entry, the system runs that data as code under LocalSystem security privileges.
VENDOR RESPONSE
The vendor, Microsoft, has released Security Bulletin MS02-029 (Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution) to address this vulnerability and recommends that affected users download and apply the appropriate patch mentioned in the bulletin.
CREDIT
Discovered by Next Generation Security Software.
Unchecked Buffer in Microsoft RAS Phonebook