CVE-2006-4691

Published: Nov 14, 2006Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname.

Affected (2)

Products: Microsoft: Windows 2000, Windows Xp

2 products

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows Xp	All versions

References (24)

http://research.eeye.com/html/advisories/published/AD20061114.html

Source: secure@microsoft.com

http://secunia.com/advisories/22883

Source: secure@microsoft.com

PatchVendor Advisory

http://securitytracker.com/id?1017221

Source: secure@microsoft.com

http://www.kb.cert.org/vuls/id/778036

Source: secure@microsoft.com

US Government Resource

http://www.securityfocus.com/archive/1/451588/100/0/threaded

Source: secure@microsoft.com

http://www.securityfocus.com/bid/20985

Source: secure@microsoft.com

http://www.us-cert.gov/cas/techalerts/TA06-318A.html

Source: secure@microsoft.com

US Government Resource

http://www.vupen.com/english/advisories/2006/4508

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-070

Source: secure@microsoft.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/29948

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A607

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A908

Source: secure@microsoft.com

http://research.eeye.com/html/advisories/published/AD20061114.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22883

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://securitytracker.com/id?1017221

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/778036

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.securityfocus.com/archive/1/451588/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/20985

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA06-318A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2006/4508

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-070

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/29948

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A607

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A908

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.