Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-2371

EPSS 38.61% · P97
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-2371

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows RASMAN服务 栈溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Microsoft Windows远程访问连接管理器(RASMAN)存在可远程调用的RPC接口,其中RPC接口 _RasRpcSubmitRequest存在若干安全漏洞,远程攻击者可能利用此漏洞在服务器上执行任意指令。 函数_RasRpcSubmitRequest及其子函数对作为参数的函数指针的有效性检查不足;某些子函数对参数的处理存在缓冲区溢出漏洞;这些漏洞都可能被攻击者利用在服务器上执行任意指令,从而控制系统
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-2371

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-2371

Please Login to view more intelligence information

Same Patch Batch · n/a · 2006-06-13 · 47 CVEs total

CVE-2006-1313Microsoft Jscript 内存破坏漏洞
CVE-2006-2374Microsoft Windows SMB驱动本地拒绝服务漏洞
CVE-2006-2379Microsoft Windows TCP/IP协议驱动 远程溢出漏洞
CVE-2006-2383Microsoft DXImageTransform.Microsoft.Light ActiveX控件 内存破坏漏洞
CVE-2006-2384Microsoft Internet Explorer 一致模式对话窗口 地址栏欺骗漏洞
CVE-2006-2385Microsoft Internet Explorer 多部分HTML文件处理 内存破坏漏洞
CVE-2006-3009Open Business Management 多个跨站脚本攻击漏洞
CVE-2006-3010Open Business Management 多个SQL注入漏洞
CVE-2006-2382Microsoft Internet Explorer UTF-8解码 堆溢出漏洞
CVE-2006-2370Microsoft Windows 路由和远程访问服务 缓冲区溢出漏洞
CVE-2006-2373Microsoft Windows 权限许可和访问控制问题漏洞
CVE-2006-1303Microsoft Internet Explorer COM对象实例化 内存破坏漏洞
CVE-2006-1193Microsoft Exchange Server OWA 脚本注入漏洞
CVE-2006-0025Microsoft Windows Media Player PNG块解码 栈溢出漏洞
CVE-2006-0022Microsoft PowerPoint 畸形记录 内存破坏漏洞
CVE-2006-2660PHP tempnam 缓冲区损耗漏洞
CVE-2006-2376Microsoft Windows GDI WMF处理 堆溢出漏洞
CVE-2006-3007Nullsoft SHOUTcast 多个HTML注入漏洞
CVE-2006-3006iFoto 跨站脚本攻击漏洞
CVE-2006-3005Microsoft Internet Explorer COM对象实例化 内存破坏漏洞

Showing top 20 of 47 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-2371

No comments yet

Leave a comment