ByteOS Network

NVD Vulnerability Details :

CVE-2006-4691

Modified

Source-secure@microsoft.com

Published At-14 Nov, 2006 | 21:07

Updated At-17 Oct, 2018 | 21:39

Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C

Type: Primary

Version: 2.0

Base score: 10.0

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

Microsoft Corporation

>>windows_2000>>*

cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*

Microsoft Corporation

>>windows_xp>>*

cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://research.eeye.com/html/advisories/published/AD20061114.html	secure@microsoft.com	N/A
http://secunia.com/advisories/22883	secure@microsoft.com	Patch Vendor Advisory
http://securitytracker.com/id?1017221	secure@microsoft.com	N/A
http://www.kb.cert.org/vuls/id/778036	secure@microsoft.com	US Government Resource
http://www.securityfocus.com/archive/1/451588/100/0/threaded	secure@microsoft.com	N/A
http://www.securityfocus.com/bid/20985	secure@microsoft.com	N/A
http://www.us-cert.gov/cas/techalerts/TA06-318A.html	secure@microsoft.com	US Government Resource
http://www.vupen.com/english/advisories/2006/4508	secure@microsoft.com	N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-070	secure@microsoft.com	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/29948	secure@microsoft.com	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A607	secure@microsoft.com	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A908	secure@microsoft.com	N/A