Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0366

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-0366
Last Modified 05 Sep 2008 04:27:50
Published 03 Jul 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0366

Summary

Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows Nt 4.0

  • Microsoft Windows Xp


References

BID - 4852

MS - MS02-029

MISC - http://www.nextgenss.com/vna/ms-ras.txt

BUGTRAQ - 20020620 VPN and Q318138

BUGTRAQ - 20020613 Microsoft RASAPI32.DLL


Last Updated: 27 May 2016 10:36:53