VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 3, 2002· Updated Apr 16, 2026

CVE-2002-0366

CVE-2002-0366

Description

Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Buffer overflow in RAS phonebook allows local users to execute arbitrary code by modifying rasphone.pbk with a long dial-up entry.

Vulnerability

Buffer overflow in the Remote Access Service (RAS) phonebook implementation in Windows NT 4.0, Windows 2000, Windows XP, and Routing and Remote Access Server (RRAS) for Windows NT 4.0. The vulnerability exists because the RAS phonebook does not properly validate a value when processing dial-up entries in the rasphone.pbk file. A local user can create a specially crafted phonebook entry with an overly long string, triggering a buffer overflow. Affected versions include all mentioned platforms as per Microsoft Security Bulletin MS02-029 [1].

Exploitation

An attacker must have local access to the system and be able to modify the rasphone.pbk file. This file is typically stored in the user's profile or system directory. The attacker creates a dial-up entry with a long string in a specific field (e.g., the phone number or entry name). When the RAS service or a user subsequently accesses the phonebook (e.g., by initiating a dial-up connection), the overflow occurs. No authentication beyond local user privileges is required; the attacker can be an unprivileged user.

Impact

Successful exploitation allows an attacker to execute arbitrary code in the context of the RAS service, which runs with system privileges. This results in local privilege escalation, giving the attacker complete control over the affected system. The vulnerability is rated Critical by Microsoft [1].

Mitigation

Microsoft released a security patch as part of MS02-029 [1] to address this vulnerability. The patch was revised on July 2, 2002 to fix a side effect that prevented non-administrative users from making VPN connections. Administrators should apply the patch to systems that allow unprivileged users to log on interactively, such as workstations and Terminal Servers. No workaround is mentioned; the only mitigation is to apply the patch.

References
  1. Microsoft Security Bulletin MS02-029 - Critical

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

41
  • Microsoft/Windows 20004 versions
    cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
    • (no CPE)
  • Microsoft/Windows Nt32 versions
    cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*+ 31 more
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*
  • Microsoft/Windows Xp4 versions
    cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*+ 3 more
    • cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
    • (no CPE)
  • Microsoft/Windows NT 4.0llm-fuzzy

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.