Microsoft Windows 2000 and Interix 2.2 Telnet protocol option buffer overflow
| ms-telnet-option-bo (8094) |  High Risk |
Description:
Microsoft Windows and Microsoft Interix are vulnerable to a buffer overflow in the Telnet server, caused by improper validation of user-supplied Telnet protocol options. By connecting to the Telnet service and sending a series of malformed packets, a remote attacker could overflow a buffer and cause the Telnet service to fail or execute arbitrary code on the system with elevated privileges. For Windows 2000 systems, an attacker could execute arbitrary code with SYSTEM level privileges. For Interix systems, an attacker could execute arbitrary code under the specific privileges that were assigned to telnetd during configuration.
Consequences:
Gain Access
Remedy:
Apply the patch for this vulnerability, as listed in Microsoft Security Bulletin MS02-004. See References.
References:
- CIAC Information Bulletin M-039: Microsoft Telnet Server Buffer Overflow Vulnerability.
- Microsoft Security Bulletin MS02-004: Unchecked Buffer in Telnet Server Could Lead to Arbitrary Code Execution.
- BID-4061: Microsoft Telnet Server Buffer Overflow Vulnerability
- CVE-2002-0020: Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options.
Platforms Affected:
- Microsoft Interix 2.2
- Microsoft Windows 2000
Reported:
Feb 07, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net