Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2006-4691 | First vendor Publication | 2006-11-14 |
Vendor | Cve | Last vendor Modification | 2018-10-17 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4691 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:607 | |||
Oval ID: | oval:org.mitre.oval:def:607 | ||
Title: | Workstation Service Memory Corruption Vulnerability | ||
Description: | Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-4691 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:908 | |||
Oval ID: | oval:org.mitre.oval:def:908 | ||
Title: | Microsoft Client Service for NetWare Memory Corruption Vulnerability | ||
Description: | Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-4691 | Version: | 2 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Operating System |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 1 |
SAINT Exploits
Description | Link |
---|---|
Windows Workstation service NetpManageIPCConnect buffer overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2010-10-05 | Microsoft Workstation Service NetpManageIPCConnect Overflow |
2006-11-18 | MS Windows NetpManageIPCConnect Stack Overflow Exploit (py) |
2006-11-17 | MS Windows - Wkssvc NetrJoinDomain2 Stack Overflow Exploit (MS06-070) |
2006-11-16 | MS Windows - NetpManageIPCConnect Stack Overflow Exploit (MS06-070) |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
30263 | Microsoft Windows Workstation Service Crafted Message Remote Overflow |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2006-11-17 | IAVM : 2006-A-0054 - Microsoft Windows Workstation Service Remote Code Execution Vulnerability Severity : Category I - VMSKEY : V0013115 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | DCERPC DIRECT wkssvc NetrJoinDomain2 object call overflow attempt RuleID : 9128 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT wkssvc NetrJoinDomain2 little endian object call overflow attempt RuleID : 9127 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT wkssvc NetrJoinDomain2 overflow attempt RuleID : 9126 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT wkssvc NetrJoinDomain2 little endian overflow attempt RuleID : 9125 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT v4 wkssvc NetrJoinDomain2 overflow attempt RuleID : 9124 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT v4 wkssvc NetrJoinDomain2 little endian overflow attempt RuleID : 9123 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 unicode little endian andx object call overflow at... RuleID : 9122 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX andx object call overflow attempt RuleID : 9121 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX andx object call overflow attempt RuleID : 9120 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX unicode andx object call overflow attempt RuleID : 9119 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode andx object call overflow att... RuleID : 9118 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 little endian andx object call overflow attempt RuleID : 9117 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 unicode little endian andx object call overflow... RuleID : 9116 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 unicode andx object call overflow attempt RuleID : 9115 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 andx object call overflow attempt RuleID : 9114 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx object call o... RuleID : 9113 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt RuleID : 9112 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 little endian andx overflow attempt RuleID : 9111 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow a... RuleID : 9110 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 unicode andx overflow attempt RuleID : 9109 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 little endian andx overflow attempt RuleID : 9108 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt RuleID : 9107 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflo... RuleID : 9106 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt RuleID : 9105 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 andx overflow attempt RuleID : 9104 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt RuleID : 9103 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt RuleID : 9102 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 andx overflow attempt RuleID : 9101 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 little endian andx overflow attempt RuleID : 9100 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt RuleID : 9099 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt RuleID : 9098 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt RuleID : 9097 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 andx overflow attempt RuleID : 9096 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt RuleID : 9095 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt RuleID : 9094 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt RuleID : 9093 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt RuleID : 9092 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 little endian andx overflow attempt RuleID : 9091 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt RuleID : 9090 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 unicode andx overflow attempt RuleID : 9089 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 unicode andx overflow attempt RuleID : 9088 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 unicode andx overflow attempt RuleID : 9087 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt RuleID : 9086 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX little endian andx object call overflow ... RuleID : 9085 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow a... RuleID : 9084 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt RuleID : 9083 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 andx object call overflow attempt RuleID : 9082 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow attempt RuleID : 9081 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian andx object call overfl... RuleID : 9080 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 little endian andx object call overflow attempt RuleID : 9079 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx object cal... RuleID : 9078 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 unicode andx object call overflow attempt RuleID : 9077 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt RuleID : 9076 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 andx overflow attempt RuleID : 9075 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 unicode little endian object call overflow attempt RuleID : 9074 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX object call overflow attempt RuleID : 9073 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX object call overflow attempt RuleID : 9072 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX unicode object call overflow attempt RuleID : 9071 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode object call overflow attempt RuleID : 9070 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 little endian object call overflow attempt RuleID : 9069 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 unicode little endian object call overflow attempt RuleID : 9068 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 unicode object call overflow attempt RuleID : 9067 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 object call overflow attempt RuleID : 9066 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian object call overfl... RuleID : 9065 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt RuleID : 9064 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 little endian overflow attempt RuleID : 9063 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt RuleID : 9062 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 unicode overflow attempt RuleID : 9061 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 little endian overflow attempt RuleID : 9060 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt RuleID : 9059 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow att... RuleID : 9058 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 unicode little endian overflow attempt RuleID : 9057 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 overflow attempt RuleID : 9056 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX overflow attempt RuleID : 9055 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 WriteAndX overflow attempt RuleID : 9054 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 overflow attempt RuleID : 9053 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 little endian overflow attempt RuleID : 9052 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt RuleID : 9051 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt RuleID : 9050 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 unicode little endian overflow attempt RuleID : 9049 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 overflow attempt RuleID : 9048 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX overflow attempt RuleID : 9047 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt RuleID : 9046 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt RuleID : 9045 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 unicode little endian overflow attempt RuleID : 9044 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 little endian overflow attempt RuleID : 9043 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt RuleID : 9042 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 unicode overflow attempt RuleID : 9041 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 unicode overflow attempt RuleID : 9040 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 unicode overflow attempt RuleID : 9039 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 wkssvc NetrJoinDomain2 unicode little endian overflow attempt RuleID : 9038 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX little endian object call overflow attempt RuleID : 9037 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt RuleID : 9036 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB v4 wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt RuleID : 9035 - Revision : 6 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 object call overflow attempt RuleID : 9034 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt RuleID : 9033 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian object call overflow at... RuleID : 9032 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 little endian object call overflow attempt RuleID : 9031 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian object call ove... RuleID : 9030 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 unicode object call overflow attempt RuleID : 9029 - Revision : 8 - Type : NETBIOS |
2014-01-10 | SMB-DS wkssvc NetrJoinDomain2 WriteAndX overflow attempt RuleID : 9028 - Revision : 8 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP wkssvc NetrJoinDomain2 overflow attempt RuleID : 9027 - Revision : 18 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-11-14 | Name : Arbitrary code can be executed on the remote host due to a flaw in the 'works... File : smb_nt_ms06-070.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:04:34 |
|
2021-04-22 01:05:13 |
|
2020-05-23 13:16:47 |
|
2020-05-23 00:18:22 |
|
2018-10-18 00:19:41 |
|
2018-10-13 00:22:35 |
|
2017-10-11 09:23:45 |
|
2017-07-20 09:23:53 |
|
2016-04-26 15:04:01 |
|
2014-02-17 10:37:15 |
|
2014-01-19 21:23:32 |
|
2013-11-11 12:37:37 |
|
2013-05-11 11:09:11 |
|