Oval Definition:oval:org.mitre.oval:def:63
Revision Date:2011-05-16Version:46
Title:Windows 2000 Remote Access Service Phonebook Buffer Overflow
Description:Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2002-0366
Platform(s):Microsoft Windows 2000
Product(s):Remote Access Service (RAS)
Definition Synopsis
  • Software section
  • Windows 2000 is installed
  • AND RAS Phonebook
  • AND File %windir%\system32\rasman.dll version is less than 5.0.2195.4983
  • AND NOT Patch Q318138 Installed
  • AND NOT Win2K/XP/2003 service pack 3 (or later) is installed
  • AND Configuration section
  • RAS Enabled
  • BACK