[Am-info] Telnet option handling buffer overflow, M$
Fred A. Miller
fm@cupserv.org
Fri, 15 Feb 2002 16:18:11 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Telnet option handling buffer overflow, M$
Microsoft released MS02-004 ("Telnet option handling buffer
overflow"). The handling of telnet options by the Windows 2000 telnet
service, and the telnet service included with Interix version 2.2,
allows a remote attacker to execute arbitrary code. On Windows 2000,
this code is executed with local system privileges.
FAQ and patch:
http://www.microsoft.com/technet/security/bulletin/MS02-004.asp
Source: Microsoft
http://archives.neohapsis.com/archives/vendor/2002-q1/0024.html
- --
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8bXsTIhTtc6nTZIIRArZ8AKCiTT/3ZUR+DY0b1MYjeoaC8WYS9wCdGeIY
qhpLjUwmnIzkpNrGi3rR5t8=
=tWXa
-----END PGP SIGNATURE-----