| ||||||
Search Microsoft.com for: |
Microsoft Security Program: Microsoft Security Bulletin (MS99-033)Patch Available for "Malformed Telnet Argument" VulnerabilityOriginally Posted: September 09, 1999 Summary Microsoft has released a patch that eliminates a vulnerability in the Telnet client that ships as part of Microsoft® Windows® 95 and 98. The vulnerability could allow arbitrary code to be executed on the user's computer. Frequently asked questions regarding this vulnerability can be found at http://www.microsoft.com/technet/security/bulletin/fq99-033.mspx Issue The Telnet client that ships as part of Windows 95 and 98 has an unchecked buffer. A specially-malformed argument could be passed to the client via a web page in order to cause arbitrary code to execute on the computer via a classic buffer overrun technique. Affected Software Versions
Vulnerability Identifier: CVE-1999-0749 Patch Availability
More Information Please see the following references for more information related to this issue.
Obtaining Support on this Issue This is a fully supported patch. Information on contacting Microsoft Technical Support is available at http://support.microsoft.com/support/contact/default.asp. Acknowledgments Microsoft acknowledges Jeremy Kothe for bringing this issue to our attention. Revisions
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. |