CVE-2006-2380

EPSS 23.28%
Published 13.06.2006 19:06:00
Last modified 03.04.2025 01:03:51
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 1 References 11

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Updatesp4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	23.28%	0.958

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://secunia.com/advisories/20637

Patch

Vendor Advisory

http://securitytracker.com/id?1016289

Patch

http://www.osvdb.org/26438

http://www.securityfocus.com/bid/18389

Patch

http://www.vupen.com/english/advisories/2006/2328

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-031

https://exchange.xforce.ibmcloud.com/vulnerabilities/26836

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1763

https://nvd.nist.gov/vuln/detail/CVE-2006-2380

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2380

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2380

EUVD