MS-RPC: WebClient Buffer Overflow
This signature detects attempts to exploit an integer overflow vulnerability in the WebClient service RPC interface. An attacker, using the RPC interface, can exploit this vulnerability leading to a buffer overflow and execution of arbitrary code. To exploit this vulnerability, attackers must have access authentication.
Extended Description
Microsoft Windows Web Client is prone to a buffer overflow. Successful exploitation could allow arbitrary code execution with System privileges.
Affected Products
Microsoft windows_xp_professional
References
BugTraq: 16636
CVE: CVE-2006-0013
URL: http://www.kb.cert.org/vuls/id/388900 http://www.microsoft.com/technet/security/bulletin/ms06-008.mspx
Short Name
MS-RPC:OF:WEBCLIENT
Severity
Major
Recommended
False
Recommended Action
Drop
Category
MS-RPC
Keywords
Buffer CVE-2006-0013 Overflow WebClient bid:16636
Release Date
02/14/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
CVSS Score
6.5