4.3
CVE-2006-0023
- EPSS 1.28%
- Veröffentlicht 08.02.2006 02:18:00
- Zuletzt bearbeitet 16.06.2026 22:19:44
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery Protocol (SSDP), (2) Universal Plug and Play Device Host (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP, and (6) DnsCache services, aka "Permissive Windows Services DACLs." NOTE: the NetBT, SCardSvr, DHCP, DnsCache already require privileged access to exploit.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Windows Xp Updatesp1 Editiontablet_pc
Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.28% | 0.664 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 3.1 | 6.4 |
AV:L/AC:L/Au:S/C:P/I:P/A:P
|
http://secunia.com/advisories/19238
http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm
http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
http://www.kb.cert.org/vuls/id/953860
http://www.securityfocus.com/archive/1/423587/100/0/threaded
http://secunia.com/advisories/18756
http://secunia.com/advisories/19313
http://securitytracker.com/id?1015595
http://securitytracker.com/id?1015765
http://www.microsoft.com/technet/security/advisory/914457.mspx
http://www.vupen.com/english/advisories/2006/0417
http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=391523&RenditionID=
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-011
https://exchange.xforce.ibmcloud.com/vulnerabilities/24463
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1671
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1696