Advertisement

Latest News

[ Windows | Linux | Apple ]

· Fedora 17 released
· Chinese Windows 8 Release Preview (build 8400) leaked
· Daily Reviews Summary 05/29/12
· Microsoft Xbox 720 to feature in-game Skype integration
· Installing Lighttpd With PHP5 (PHP-FPM) And MySQL Support On Ubuntu 12.04
· CompatDB Updates 05/28/12
· Daily Reviews Summary 05/28/12
· GLSA 201205-04: Chromium, V8: Multiple vulnerabilities
· Daily Reviews Summary 05/26/12
· Microsoft Office for iPad reportedly on track for November release

Upcoming News

· [CentOS-announce] CESA-2012:0699 Moderate CentOS 6 openssl Update
· [CentOS-announce] CESA-2012:0699 Moderate CentOS 5 openssl Update
· [CentOS-announce] CESA-2012:0690 Important CentOS 5 kernel Update
· HIS HD7850 & HD 7870 GHz Edition Graphics Cards reviewed in Metku.net
· Microsoft's New User Agreement Bans Class Action Lawsuits @ NGOHQ.com
· NVIDIA claims GTX 680 sales outpace GTX 580
· Intel i7-3770K Ivy Bridge CPU reviewed in Metku.net
· [RHSA-2012:0699-01] Moderate: openssl security and bug fix update
· [RHSA-2012:0690-01] Important: kernel security and bug fix update
· Super Flower Golden Silent 500w Review - XSReviews

Windows Compatibility

· IObit Malware Fighter
· IObit SmartDefrag
· Realtek High Definition Audio for 2K/XP/03
· Advanced SystemCare with Antivirus 2012
· Samsung Drive Diagnostic Utility (Hutil)
· Google Chrome 18.0.1025.168 Final
· Skype
· Advanced SystemCare Free 5.3.0.245 Final
· IObit SmartDefrag v2 Beta 3.0
· Atheros Wireless AR5B91 Driver

New Forum Topics

· USB Not detected on any PC
by: AntNik45
on: 2012-05-09 18:37
0 replies, 0 views

· RESIDENT EVIL 2 for PC
by: elyp00
on: 2012-05-04 07:55
0 replies, 0 views

· Need to know if those graphic cards works well on Ubuntu
by: Dechiqtor
on: 2012-04-19 23:04
0 replies, 0 views

· Obtaining IE8
by: packman
on: 2012-04-14 19:46
0 replies, 0 views

· A few problems running Warcraft II Battle.net Edition on Vista
by: Lord Claremorris
on: 2012-04-08 16:15
0 replies, 0 views

News Channels

· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Windows XP
· Microsoft
· Updates
· Interviews
· Windows Server 2003
· General
· Windows Vista
· Webcasts
· Windows Server 2008
· Windows Home Server
· Windows 7
· Windows 8
· Windows Phone 7

What's New

Login to see an overview of all news stories since your last visit.

Affiliates

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution

Posted by Philipp Esselbach on: 06/13/2002 09:08 AM [ Print | 0 comment(s) ]

Microsoft has posted a security bulletin for the Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution issue

The Remote Access Service (RAS) provides dial-up connections between computers and networks over phone lines. RAS is delivered as a native system service in Windows NT 4.0, Windows 2000 and Windows XP, and
also is included in a separately downloadable Routing and Remote Access Server (RRAS) for Windows NT 4.0. All of these implementations include a RAS phonebook, which is used to store information about telephone numbers, security, and network settings used to dial-up remote systems.

A flaw exists in the RAS phonebook implementation: a phonebook value is not properly checked, and is susceptible to a buffer overrun. The overrun could be exploited for either of two purposes: causing a
system failure, or running code on the system with LocalSystem privileges. If an attacker were able to log onto an affected server and modify a phonebook entry using specially malformed data, then made a connection using the modified phonebook entry, the specially malformed data could be run as code by the system.

All products mentioned are registered trademarks or trademarks of their respective owners.
© 1998-2011 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition