CVE-2006-2371 Information

Description

Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4 XP SP1 and SP2 and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted \RPC related requests\ that lead to registry corruption and stack corruption aka the \RASMAN Registry Corruption Vulnerability.\

Reference

http://secunia.com/advisories/20630 http://securityreason.com/securityalert/1096 http://securitytracker.com/id?1016285 http://www.kb.cert.org/vuls/id/814644 http://www.osvdb.org/26436 http://www.securityfocus.com/archive/1/436977/100/0/threaded http://www.securityfocus.com/bid/18358 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2323 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-025 https://exchange.xforce.ibmcloud.com/vulnerabilities/26814 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1674 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1846 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1851 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1857 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1907 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1983