CVE-2006-2371

Description

Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1983

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1907

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1857

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1851

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1846

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1674

https://exchange.xforce.ibmcloud.com/vulnerabilities/26814

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-025

http://www.vupen.com/english/advisories/2006/2323

http://www.us-cert.gov/cas/techalerts/TA06-164A.html

http://www.securityfocus.com/bid/18358

http://www.securityfocus.com/archive/1/436977/100/0/threaded

http://www.osvdb.org/26436

http://www.kb.cert.org/vuls/id/814644

http://securitytracker.com/id?1016285

http://securityreason.com/securityalert/1096

http://secunia.com/advisories/20630

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3