- Quick specs
- Price: Free
- Operating system: Windows NT
- Date added: June 27, 2002
- Total Downloads: 1,000
- Downloads last week: 1
- See full specifications
- Average user rating: Be the first to rate this product!
Publisher's description
From Microsoft :The Remote Access Service (RAS) provides dial-up connections between computers and networks over phone lines. RAS is delivered as a native system service in Windows NT 4.0, Windows 2000, and Windows XP, and also is included in a separately downloadable Routing and Remote Access Server (RRAS) for Windows NT 4.0. All of these implementations include a RAS phonebook, which is used to store information about telephone numbers, security, and network settings used to dial-up remote systems.
A flaw exists in the RAS phonebook implementation: a phonebook value is not properly checked, and is susceptible to a buffer overrun. The overrun could be exploited for either of two purposes: causing a system failure, or running code on the system with LocalSystem privileges. If an attacker were able to log onto an affected server and modify a phonebook entry using specially malformed data, then made a connection using the modified phonebook entry, the specially malformed data could be run as code by the system.
CNET Editor's Note: The Download Now link will take you to a page where you can get the download.
More popular Encryption Software downloads
- 52,623 downloads 1. RoboForm
- 27,875 downloads 2. Hotspot Shield
- 26,862 downloads 3. Computer Use Reporter
- 8,814 downloads 4. Easy File Encryption
- 8,095 downloads 5. Easy Private Disk
- See all Encryption Software downloads
User reviews
Write your own review Be the first one to review Windows NT Remote Access Service Phonebook Vulnerability Patch MS02-029 and share your experience with the CNET community!
Submit your review
- See more CNET content tagged:
- Microsoft Windows NT,
- Microsoft Windows NT 4.0,
- phonebook,
- remote access,
- server
