1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Unchecked Buffer in Remote Access Service Phonebook: July 2

Discussion in 'Windows XP' started by eddie5659, Jul 3, 2002.

Thread Status:
Not open for further replies.
  1. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    35,186
    Hiya

    This is an update to a patch from June, but cannot find the thread anywhere here. Not by me, anyway :p

    On June 12, 2002, Microsoft released the original version of this
    bulletin. On July 2, 2002, the bulletin was updated to reflect the
    availability of a revised patch. Although the original patch
    completely eliminated the vulnerability, it had the side effect of
    preventing non-administrative users from making VPN connections in
    some cases. The revised patch correctly handles VPN connections.
    The revised patch is immediately available from the Download Center
    and will be soon made available via WindowsUpdate.

    Issue:
    ======
    The Remote Access Service (RAS) provides dial-up connections between
    computers and networks over phone lines. RAS is delivered as a native
    system service in Windows NT 4.0, Windows 2000 and Windows XP, and
    also is included in a separately downloadable Routing and Remote
    Access Server (RRAS) for Windows NT 4.0. All of these implementations
    include a RAS phonebook, which is used to store information about
    telephone numbers, security, and network settings used to dial-up
    remote systems.

    A flaw exists in the RAS phonebook implementation: a phonebook value
    is not properly checked, and is susceptible to a buffer overrun. The
    overrun could be exploited for either of two purposes: causing a
    system failure, or running code on the system with LocalSystem
    privileges. If an attacker were able to log onto an affected server
    and modify a phonebook entry using specially malformed data, then
    made a connection using the modified phonebook entry, the specially
    malformed data could be run as code by the system.

    Maximum Severity Rating: Critical

    Affected Software:

    Microsoft Windows NT 4.0
    Microsoft Windows NT 4.0 Terminal Server Edition
    Microsoft Windows 2000
    Microsoft Windows XP
    Microsoft Routing and Remote Access Server, which can be installed on Windows NT 4.0 Service Pack 6 or NT 4.0 Terminal Server Edition Service Pack 6.

    Download locations for this patch

    Microsoft Windows NT 4.0:


    http://www.microsoft.com/ntserver/nts/downloads/security/q318138/default.asp

    Microsoft Windows NT 4.0 running RRAS (English Only):


    http://www.microsoft.com/ntserver/nts/downloads/security/q318138/default.asp

    Microsoft Windows NT 4.0 Terminal Server Edition:



    http://www.microsoft.com/ntserver/terminalserver/downloads/security/q318138/default.asp

    Microsoft Windows NT 4.0 Terminal Server Edition running RRAS


    http://www.microsoft.com/ntserver/terminalserver/downloads/security/q318138/default.asp

    Microsoft Windows 2000:


    http://www.microsoft.com/windows2000/downloads/security/q318138/default.asp

    Microsoft Windows XP:


    http://www.microsoft.com/downloads/release.asp?ReleaseID=38833

    Microsoft Windows XP 64-bit Edition:



    http://www.microsoft.com/downloads/release.asp?ReleaseID=39011

    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-029.asp

    Regards

    eddie
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/85705

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice