CVE-2006-2380

EPSS 23.28%
Veröffentlicht 13.06.2006 19:06:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Updatesp4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	23.28%	0.958

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://secunia.com/advisories/20637

Patch

Vendor Advisory

http://securitytracker.com/id?1016289

Patch

http://www.osvdb.org/26438

http://www.securityfocus.com/bid/18389

Patch

http://www.vupen.com/english/advisories/2006/2328

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-031

https://exchange.xforce.ibmcloud.com/vulnerabilities/26836

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1763

https://nvd.nist.gov/vuln/detail/CVE-2006-2380

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2380

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2380

EUVD