CVE-2006-2370
Summary
| CVE | CVE-2006-2370 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-13 19:06:00 UTC |
| Updated | 2019-04-30 14:27:00 UTC |
| Description | Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows 2000 | All | All | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp1 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp2 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp3 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | All |
| Operating System | Microsoft | Windows 2000 | All | All | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp1 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp2 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp3 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | datacenter_64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | sp1 | All | enterprise | All |
| Operating System | Microsoft | Windows 2003 Server | standard | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | datacenter_64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | sp1 | All | enterprise | All |
| Operating System | Microsoft | Windows 2003 Server | standard | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | sp1 | All | All |
| Operating System | Microsoft | Windows Xp | All | All | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | All | home | All |
| Operating System | Microsoft | Windows Xp | All | All | media_center | All |
| Operating System | Microsoft | Windows Xp | All | gold | professional | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | tablet_pc | All |
| Operating System | Microsoft | Windows Xp | All | All | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | All | home | All |
| Operating System | Microsoft | Windows Xp | All | All | media_center | All |
| Operating System | Microsoft | Windows Xp | All | gold | professional | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | tablet_pc | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| 26437 | OSVDB | www.osvdb.org | Patch |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Secunia - Advisories - Microsoft Windows Routing and Remote Access Vulnerabilities | SECUNIA | secunia.com | Patch, Vendor Advisory |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Microsoft Security Bulletin MS06-025 - Critical | Microsoft Docs | MS | docs.microsoft.com | |
| Microsoft Windows Routing and Remote Access Remote Code Execution Vulnerability | BID | www.securityfocus.com | Patch |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| US-CERT Technical Cyber Security Alert TA06-164A -- Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and Exchange Vulnerabilities | CERT | www.us-cert.gov | US Government Resource |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| SecurityTracker.com Archives - Windows Routing and Remote Access Service RPC Buffer Overflows Let Remote Users Execute Arbitrary Code | SECTRACK | securitytracker.com | |
| US-CERT Vulnerability Note VU#631516 | CERT-VN | www.kb.cert.org | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.