CVE-2006-2371 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-2371
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2371

Description: Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability."

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/26814 ST 1016285 SREASON http://securityreason.com/securityalert/1096 SAID Secunia Advisory: SA20630 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1907 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1857 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1846 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1851 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1674 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1983 OSVDB 26436 MS http://www.microsoft.com/technet/security/bulletin/ms06-025.mspx CERT-VN 814644 CERT http://www.us-cert.gov/cas/techalerts/TA06-164A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/436977/100/0/threaded BID 18358

Return to the previous page.