CVE-2006-4691 : Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Wi

Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname.

Published 2006-11-14 21:07:00

Updated 2018-10-17 21:39:09

Source Microsoft Corporation

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Exploit prediction scoring system (EPSS) score for CVE-2006-4691

Probability of exploitation activity in the next 30 days: 96.35%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2006-4691

MS06-070 Microsoft Workstation Service NetpManageIPCConnect Overflow

Disclosure Date: 2006-11-14

First seen: 2020-04-26

exploit/windows/smb/ms06_070_wkssvc

This module exploits a stack buffer overflow in the NetApi32 NetpManageIPCConnect function using the Workstation service in Windows 2000 SP4 and Windows XP SP2. In order to exploit this vulnerability, you must specify the name of a valid Windows DOMAIN. It may be

More information

CVSS scores for CVE-2006-4691

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2006-4691

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A607
http://www.us-cert.gov/cas/techalerts/TA06-318A.html

US Government Resource

CVEs referencing this url
http://securitytracker.com/id?1017221
http://research.eeye.com/html/advisories/published/AD20061114.html
http://www.securityfocus.com/archive/1/451588/100/0/threaded
http://www.kb.cert.org/vuls/id/778036

US Government Resource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A908
http://www.vupen.com/english/advisories/2006/4508
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-070
http://www.securityfocus.com/bid/20985

Microsoft Windows Workstation Service NetpManageIPCConnect Remote Code Execution Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/29948

Products affected by CVE-2006-4691

Microsoft » Windows 2000 » Update SP4 Language FR
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
Matching versions
Microsoft » Windows Xp » Update SP2 Tablet Pc Edition
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2006-4691

Exploit prediction scoring system (EPSS) score for CVE-2006-4691

Metasploit modules for CVE-2006-4691

MS06-070 Microsoft Workstation Service NetpManageIPCConnect Overflow

CVSS scores for CVE-2006-4691

References for CVE-2006-4691

Products affected by CVE-2006-4691