Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Windows_2000 | Microsoft | * | * |
| Windows_nt | Microsoft | 4.0 (including) | 4.0 (including) |
| Windows_nt | Microsoft | 4.0-sp1 (including) | 4.0-sp1 (including) |
| Windows_nt | Microsoft | 4.0-sp2 (including) | 4.0-sp2 (including) |
| Windows_nt | Microsoft | 4.0-sp3 (including) | 4.0-sp3 (including) |
| Windows_nt | Microsoft | 4.0-sp4 (including) | 4.0-sp4 (including) |
| Windows_nt | Microsoft | 4.0-sp5 (including) | 4.0-sp5 (including) |
| Windows_nt | Microsoft | 4.0-sp6 (including) | 4.0-sp6 (including) |
| Windows_nt | Microsoft | 4.0-sp6a (including) | 4.0-sp6a (including) |
| Windows_xp | Microsoft | * | * |
References
- http://online.securityfocus.com/archive/1/276776
- http://online.securityfocus.com/archive/1/278145
- http://www.nextgenss.com/vna/ms-ras.txt
- http://www.securityfocus.com/bid/4852
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-029
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A61
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A63
- http://online.securityfocus.com/archive/1/276776
- http://online.securityfocus.com/archive/1/278145
- http://www.nextgenss.com/vna/ms-ras.txt
- http://www.securityfocus.com/bid/4852
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-029
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A61
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A63