Commandline.Overflow

description-logoDescription

This vulnerability affects the telnet server supplied with Microsoft Windows 2000 and Microsoft Interix 2.2. The telnet server provides a remote command shell. The vulnerability results from unchecked buffers in the code that handles the processing of telnet protocol options. A remote attacker can cause a buffer overflow, and as a result may be able to crash the telnet server or execute arbitrary code.

affected-products-logoAffected Products

Telnet Service in Microsoft Windows 2000
Telnet Daemon in Microsoft Interix 2.2

Impact logoImpact

System compromise, arbitrary code execution, Denial of service.

recomended-action-logoRecommended Actions

See MS02-004 for update information:
http://www.microsoft.com/technet/security/Bulletin/MS02-004.mspx
If the telnet service is active but not used, it should be disabled.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

1