Release DateMar 14, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a buffer-overflow vulnerability in the Windows RRAS service.The vulnerability is caused by a boundary checking error when handling certain DCERPC requests. This can be exploited by attackers to execute arbitrary code via certain crafted DCERPC requests. |
Affected ProductsMicrosoft Windows 2000Microsoft Windows XP Microsoft Windows Server 2003 |
Recommended ActionsApply the patch, available from the vendor's website:http://www.microsoft.com/technet/security/Bulletin/MS06-025.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-2370 |
Reference/shttp://www.securityfocus.com/bid/18325 (BugTraq)http://technet.microsoft.com/en-us/security/bulletin/MS06-025.mspx (MS-ID) |
