Commandline.Overflow
Description
This vulnerability affects the telnet server supplied with Microsoft Windows 2000 and Microsoft Interix 2.2. The telnet server provides a remote command shell. The vulnerability results from unchecked buffers in the code that handles the processing of telnet protocol options. A remote attacker can cause a buffer overflow, and as a result may be able to crash the telnet server or execute arbitrary code.
Affected Products
Telnet Service in Microsoft Windows 2000
Telnet Daemon in Microsoft Interix 2.2
Impact
System compromise, arbitrary code execution, Denial of service.
Recommended Actions
See MS02-004 for update information:
http://www.microsoft.com/technet/security/Bulletin/MS02-004.mspx
If the telnet service is active but not used, it should be disabled.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |