National Cyber-Alert System

Vulnerability Summary for CVE-2006-2371

Overview

Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability."

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA06-164A

Name: TA06-164A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA06-164A.html

US-CERT Vulnerability Note: VU#814644

Name: VU#814644

Hyperlink:http://www.kb.cert.org/vuls/id/814644

External Source: BID

Name: 18358

Type: Patch Information

Hyperlink:http://www.securityfocus.com/bid/18358

External Source: BUGTRAQ

Name: 20060613 High Risk Vulnerability in Microsoft Windows RASMAN Service

Type: Patch Information

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/436977/100/0/threaded

External Source: MS

Name: MS06-025

Type: Advisory; Patch Information

Hyperlink:http://www.microsoft.com/technet/security/bulletin/ms06-025.mspx

External Source: VUPEN

Name: ADV-2006-2323

Type: Advisory; Patch Information

Hyperlink:http://www.frsirt.com/english/advisories/2006/2323

External Source: SECUNIA

Name: 20630

Type: Advisory; Patch Information

Hyperlink:http://secunia.com/advisories/20630

External Source: SECTRACK

Name: 1016285

Hyperlink:http://securitytracker.com/id?1016285

External Source: XF

Name: win-rras-rasman-bo(26814)

Hyperlink:http://xforce.iss.net/xforce/xfdb/26814

External Source: OSVDB

Name: 26436

Hyperlink:http://www.osvdb.org/26436

External Source: SREASON

Name: 1096

Hyperlink:http://securityreason.com/securityalert/1096

US Government Resource: oval:org.mitre.oval:def:1983

Name: oval:org.mitre.oval:def:1983

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1983

US Government Resource: oval:org.mitre.oval:def:1907

Name: oval:org.mitre.oval:def:1907

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1907

US Government Resource: oval:org.mitre.oval:def:1857

Name: oval:org.mitre.oval:def:1857

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1857

US Government Resource: oval:org.mitre.oval:def:1851

Name: oval:org.mitre.oval:def:1851

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1851

US Government Resource: oval:org.mitre.oval:def:1846

Name: oval:org.mitre.oval:def:1846

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1846

US Government Resource: oval:org.mitre.oval:def:1674

Name: oval:org.mitre.oval:def:1674

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1674