Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2370

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2370
Last Modified 07 Mar 2011 09:36:04
Published 13 Jun 2006 03:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2370

Summary

Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2003 Server Datacenter Edition

  • Microsoft Windows 2003 Server Datacenter Edition 64-bit

  • Microsoft Windows 2003 Server Enterprise 64-bit

  • Microsoft Windows 2003 Server Enterprise Edition

  • Microsoft Windows 2003 Server Enterprise Edition 64-bit

  • Microsoft Windows 2003 Server R2

  • Microsoft Windows 2003 Server Sp1

  • Microsoft Windows 2003 Server Standard

  • Microsoft Windows 2003 Server Standard 64-bit

  • Microsoft Windows 2003 Server Web

  • Microsoft Windows Xp


References

CERT - TA06-164A

CERT-VN - VU#631516

BID - 18325

OSVDB - 26437

MS - MS06-025

SECUNIA - 20630

VUPEN - ADV-2006-2323

SECTRACK - 1016285

XF - win-rras-bo(26812)


Last Updated: 27 May 2016 10:42:26