3 matches found
Microsoft Remote Installation Service Writable Path Vulnerability
Overview A vulnerability in the way Microsoft Remote Installation Service handles TFTP may allow a remote, unauthorized attacker to create or overwrite arbitrary operating system files. Description Microsoft Remote Installation Service contains a vulnerability in the way that it provides TFTP...
CVE-2006-5584
The Remote Installation Service RIS in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, which allows remote attackers to upload and overwrite arbitrary files to gain privileges on systems that use RIS...
CVE-2006-5584
CVE-2006-5584 affects Microsoft Windows 2000 SP4 with the Remote Installation Service (RIS) TFTP server, which is by default allowed to accept anonymous writes. The vulnerability arises from anonymous access to the RIS TFTP file structure, enabling remote attackers to upload and overwrite operati...