CVE-2006-2371

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to Windows 2000 SP4, XP SP3, and Server 2003 SP2

Description A buffer overflow issue exists in the Remote Access Connection Manager service (RASMAN) of Microsoft Windows, allowing remote attackers to execute arbitrary code via crafted RPC related requests. This leads to registry corruption and stack corruption.

Recommendations For Windows 2000 SP4 and earlier, XP SP1 and SP2, and Server 2003 SP1 and earlier, apply the necessary patches to update to a non-vulnerable version, such as Windows 2000 SP4, XP SP3, or Server 2003 SP2. As a temporary workaround, consider restricting access to the RASMAN service until a patch is available.