CVE-2006-4691 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-4691
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4691

Description: Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/29948 ST 1017221 SAID Secunia Advisory: SA22883 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:607 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:908 MS http://www.microsoft.com/technet/security/bulletin/ms06-070.mspx MISC http://research.eeye.com/html/advisories/published/AD20061114.html EEYE http://research.eeye.com/html/advisories/published/AD20061114.html CERT-VN 778036 CERT http://www.us-cert.gov/cas/techalerts/TA06-318A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/451588/100/0/threaded BID 20985

Return to the previous page.