CVE-2006-2371
Summary
| CVE | CVE-2006-2371 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-13 19:06:00 UTC |
| Updated | 2019-04-30 14:27:00 UTC |
| Description | Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability." |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows 2000 | All | All | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp1 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp2 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp3 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | All |
| Operating System | Microsoft | Windows 2000 | All | All | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp1 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp2 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp3 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | datacenter_64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | sp1 | All | enterprise | All |
| Operating System | Microsoft | Windows 2003 Server | standard | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | datacenter_64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | sp1 | All | enterprise | All |
| Operating System | Microsoft | Windows 2003 Server | standard | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | sp1 | All | All |
| Operating System | Microsoft | Windows Xp | All | All | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | All | home | All |
| Operating System | Microsoft | Windows Xp | All | All | media_center | All |
| Operating System | Microsoft | Windows Xp | All | gold | professional | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | tablet_pc | All |
| Operating System | Microsoft | Windows Xp | All | All | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | All | home | All |
| Operating System | Microsoft | Windows Xp | All | All | media_center | All |
| Operating System | Microsoft | Windows Xp | All | gold | professional | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | tablet_pc | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Secunia - Advisories - Microsoft Windows Routing and Remote Access Vulnerabilities | SECUNIA | secunia.com | Patch, Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Microsoft Security Bulletin MS06-025 - Critical | Microsoft Docs | MS | docs.microsoft.com | |
| US-CERT Vulnerability Note VU#814644 | CERT-VN | www.kb.cert.org | US Government Resource |
| SecurityReason - High Risk Vulnerability in Microsoft Windows RASMAN Service | SREASON | securityreason.com | |
| 26436 | OSVDB | www.osvdb.org | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Microsoft Windows Routing and Remote Access RASMAN Registry Remote Code Execution Vulnerability | BID | www.securityfocus.com | Patch |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| US-CERT Technical Cyber Security Alert TA06-164A -- Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and Exchange Vulnerabilities | CERT | www.us-cert.gov | US Government Resource |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| SecurityTracker.com Archives - Windows Routing and Remote Access Service RPC Buffer Overflows Let Remote Users Execute Arbitrary Code | SECTRACK | securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.