OSVDB ID: 26436

Title: Microsoft Windows RASMAN RPC Request Remote Overflow

Dates

Disclosure: Jun 13, 2006
Discovery: Unknown
Exploit: Jul 28, 2006
Solution: Jul 13, 2006

Description

Windows contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a sequence of specially crafted packets is sent to one of the RPC interfaces provided by the RASMAN service, which leads to memory corruption. The flaw may allow arbitrary code execution, resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Commercial
Disclosure: Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation

Windows

XP SP1
XP SP2
XP Professional 64-Bit Edition

Windows Server

2003
2003 SP1
2003 for Itanium
2003 SP1 for Itanium
2003 x64 Edition

Windows 2000

SP4

References

Credit

  • Peter Winter-Smith - peterngssoftware.com - NGSSoftware


Direct URL: http://osvdb.org/26436