26437 : Microsoft Windows RRAS RASMAN Remote Overflow
http://osvdb.org/26437

Timeline

Disclosure Date
2006-06-13
Days of Exposure
30 days

Description

An unspecified remote overflow exists in Windows. The RASMAN component of RRAS fails to validate unspecified network traffic, resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Commercial
Disclosure: Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation
  Windows
    2000 SP4
    XP SP1
    XP SP2
    XP Professional x64 Edition
  Windows Server
    2003
    2003 SP1
    2003 for Itanium
    2003 SP1 for Itanium
    2003 x64 Edition

References

Tools & Filters

21689 21696

Snort

6584 6585 6586 6587 6588 6589 6590 6591 6592 6593 6594 6595 6596 6597 6598 6599 6600 6601 6602 6603 6604 6605 6606 6607 6608 6609 6610 6611 6612 6613 6614 6615 6616 6617 6618 6619 6620 6621 6622 6623 6624 6625 6626 6627 6628 6629 6630 6631 6632 6633 6634 6635 6636 6637 6638 6639 6640 6641 6642 6643 6644 6645 6646 6647 6648 6649 6650 6651 6652 6653 6654 6655 6656 6657 6658 6659 6660 6661 6662 6663 6664 ... and 16 more

Credit

CVSSv2 Score

CVSSv2 Base Score = 7.5
Source: nvd.nist.gov | Generated: 2006-06-14

© Copyright 2002 - 2013 Open Source Vulnerability Database (OSVDB), All Rights Reserved.