Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2380

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-2380
Last Modified 07 Mar 2011 12:00:00
Published 13 Jun 2006 03:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2380

Summary

Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


References

BID - 18389

SECTRACK - 1016289

SECUNIA - 20637

XF - win-rpc-mutual-authentication-spoofing(26836)

VUPEN - ADV-2006-2328

OSVDB - 26438

MS - MS06-031


Last Updated: 27 May 2016 10:42:26