Vulnerabilities
By Date By Type Known Exploited Assigners CVSS Scores EPSS Scores Search
Vulnerable Software
Vendors Products Version Search
Metasploit Modules CWE Definitions
Articles Blog

Vulnerability Details : CVE-2006-2370

Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability."
Vulnerability category: OverflowMemory CorruptionExecute code
Published 2006-06-13 19:06:00
Updated 2019-04-30 14:27:14
Source Microsoft Corporation
View at NVD,   CVE.org
At least one public exploit which can be used to exploit this vulnerability exists!

Exploit prediction scoring system (EPSS) score for CVE-2006-2370

Probability of exploitation activity in the next 30 days: 94.57%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2006-2370

  • MS06-025 Microsoft RRAS Service RASMAN Registry Overflow
    Disclosure Date : 2006-06-13
    exploit/windows/smb/ms06_025_rasmans_reg
    This module exploits a registry-based stack buffer overflow in the Windows Routing and Remote Access Service. Since the service is hosted inside svchost.exe, a failed exploit attempt can cause other system services to fail as well. A valid username and password is required to exploit this flaw on Windows 2000. When attacking XP SP1, the SMBPIPE option needs to be set to 'SRVSVC'. Exploiting this flaw involves two distinct steps - creating the registry key and then triggering an overwrite based on a read of this key. Once the key is created, it cannot be recreated. This means that for any given system, you only get one chance to exploit this flaw. Picking the wrong target will require a manual removal of the following registry key before you can try again: HKEY_USERS\.DEFAULT\Software\Microsoft\RAS Phonebook Authors: - pusscat <[email protected]> - hdm <[email protected]>
  • MS06-025 Microsoft RRAS Service Overflow
    Disclosure Date : 2006-06-13
    exploit/windows/smb/ms06_025_rras
    This module exploits a stack buffer overflow in the Windows Routing and Remote Access Service. Since the service is hosted inside svchost.exe, a failed exploit attempt can cause other system services to fail as well. A valid username and password is required to exploit this flaw on Windows 2000. When attacking XP SP1, the SMBPIPE option needs to be set to 'SRVSVC'. Authors: - Nicolas Pouvesle <[email protected]> - hdm <[email protected]>

CVSS scores for CVE-2006-2370

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Source
7.5
 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
 [email protected]

References for CVE-2006-2370

Products affected by CVE-2006-2370

This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close