Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2379

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2006-2379
Last Modified 07 Mar 2011 09:36:05
Published 13 Jun 2006 03:06:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2379

Summary

Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2003 Server Datacenter 64-bit

  • Microsoft Windows 2003 Server Enterprise

  • Microsoft Windows 2003 Server Enterprise 64-bit

  • Microsoft Windows 2003 Server R2

  • Microsoft Windows 2003 Server Standard

  • Microsoft Windows 2003 Server Standard 64-bit

  • Microsoft Windows 2003 Server Web

  • Microsoft Windows Nt 4.0

  • Microsoft Windows Xp


References

CERT-VN - VU#722753

CERT - TA06-164A

BID - 18374

MS - MS06-032

SECUNIA - 20639

XF - win-tcp-ip-driver-bo(26834)

VUPEN - ADV-2006-2329

BUGTRAQ - 20060628 Re[2]: Is Windows TCP/IP source routing PoC code available?

BUGTRAQ - 20060627 Re: Is Windows TCP/IP source routing PoC code available?

OSVDB - 26433

FULLDISC - 20060625 Is Windows TCP/IP source routing PoC code available?

SECTRACK - 1016290


Last Updated: 27 May 2016 10:42:26