Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:DD83D855CF0A40ABA774977F9EACCC69
HistoryJun 30, 2006 - 12:00 a.m.

Windows RRAS memory corruption vulnerability

2006-06-3000:00:00
SAINT Corporation
download.saintcorporation.com
12

0.926 High

EPSS

Percentile

99.0%

JSON

Added: 06/30/2006
CVE: CVE-2006-2370
BID: 18325
OSVDB: 26437

Background

The Routing and Remote Access Service (RRAS) allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator.

Problem

A buffer overflow in RRAS allows remote attackers to execute arbitrary commands.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 06-025.

References

<http://www.kb.cert.org/vuls/id/631516&gt;

Limitations

The Remote Access Connection Manager service must be running in order for this exploit to succeed.

On Windows 2000, the Routing and Remote Access service must also be running and configured, and valid Windows login credentials are required. (Credentials are not required on Windows XP.)

The Crypt::DES, Digest::MD4, and Digest::MD5 packages are required for performing Windows authentication, which is a requirement for successful exploitation on Windows 2000. These packages are available from <http://cpan.org/modules/by-module/&gt;.

Platforms

Windows 2000
Windows XP

Related

packetstorm 2
cvelist 1
saint 3
prion 1
cve 1
cert 1
checkpoint_advisories 1
securityvulns 1
nessus 2
nmap 1
openvas 2
packetstorm
packetstorm
Microsoft RRAS Service Overflow
2009-11-26 00:00:00
Microsoft RRAS Service RASMAN Registry Overflow
2009-11-26 00:00:00
cvelist
cvelist
CVE-2006-2370
2006-06-13 19:00:00
saint
saint
Windows RRAS memory corruption vulnerability
2006-06-30 00:00:00
Windows RRAS memory corruption vulnerability
2006-06-30 00:00:00
Windows RRAS memory corruption vulnerability
2006-06-30 00:00:00
prion
prion
Memory corruption
2006-06-13 19:06:00
cve
cve
CVE-2006-2370
2006-06-13 19:06:00
cert
cert
Microsoft Routing and Remote Access does not properly handle RPC requests
2006-06-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows RRAS Memory Corruption (CVE-2006-2370)
2010-08-18 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS06-025 Vulnerability in Routing and Remote Access Could Allow Remote Code Execution &#40;911280&#41;
2006-06-13 00:00:00
nessus
nessus
MS06-025: Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280) (uncredentialed check)
2006-06-13 00:00:00
MS06-025: Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280)
2006-06-13 00:00:00
nmap
nmap
smb-vuln-ms06-025 NSE Script
2015-10-03 06:07:49
openvas
openvas
Nmap NSE 6.01: smb-check-vulns
2013-02-28 00:00:00
Nmap NSE: SMB Check Vulnerabilities
2010-09-23 00:00:00

0.926 High

EPSS

Percentile

99.0%

JSON
Related for SAINT:DD83D855CF0A40ABA774977F9EACCC69
packetstorm2cvelist1saint3prion1cve1cert1checkpoint_advisories1securityvulns1nessus2nmap1openvas2