CVE-2002-0366 Information

Description

Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0 2000 XP and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.

Reference

http://online.securityfocus.com/archive/1/276776 http://online.securityfocus.com/archive/1/278145 http://www.nextgenss.com/vna/ms-ras.txt http://www.securityfocus.com/bid/4852 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-029 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A61 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A63