Unchecked Buffer in Microsoft RAS Phonebook

Reported June 12, 2002, by Microsoft.



·         Microsoft Windows XP

·         Microsoft Windows 2000

·         Microsoft Windows NT 4.0

·         Microsoft Windows NT Server 4.0 Terminal Server Edition

·         Microsoft RRAS, which can be installed on NT 4.0 Service Pack 6 (SP6) or WTS SP6



A buffer overrun condition exists in Microsoft’s RAS phonebook implementation that can compromise the affected system. If an attacker logs on to an affected server and modifies a phonebook entry using specially malformed data and makes a connection using this modified phonebook entry, the attacker can run the data as code by the system under LocalSystem security privileges.


The vendor, Microsoft, has released Security Bulletin MS02-029 (Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution) to address this vulnerability and recommends that affected users download and apply the appropriate patch mentioned in the bulletin.


Discovered by Next Generation Security Software.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.