TFTP: Microsoft Remote Installation Service Access Violation
This signature detects attempts to exploit a known vulnerability against Microsoft Remote Installation Service. A successful attack can lead to arbitrary code execution on the installed nodes.
Extended Description
Microsoft Windows is prone to a remote code-execution vulnerability. A remote attacker may exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in a complete compromise of vulnerable computers. Note that this issue affects only Microsoft Windows 2000. Note also that the Remote Installation Services (RIS) is not installed by default on Microsoft Windows 2000.
Affected Products
Avaya interaction_center-voice_quick_start
References
BugTraq: 21495
CVE: CVE-2006-5584
URL: http://www.microsoft.com/technet/security/bulletin/ms06-077.mspx http://www.frsirt.com/english/advisories/2006/4970
Short Name
TFTP:MRIS-ACCESS-VIOLATE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
TFTP
Keywords
Access CVE-2006-5584 Installation Microsoft Remote Service Violation bid:21495
Release Date
12/12/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3728
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
7.5