CVE-2002-2077 Information

Description

The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an \alter context\ request which may allow remote attackers to obtain sensitive information by sniffing the session.

Reference

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q300367 http://www.bindview.com/Services/razor/Advisories/2002/adv_dcom.cfm http://www.iss.net/security_center/static/8739.php http://www.securityfocus.com/bid/4410