CVE-2006-0023

Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery Protocol (SSDP), (2) Universal Plug and Play Device Host (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP, and (6) DnsCache services, aka "Permissive Windows Services DACLs." NOTE: the NetBT, SCardSvr, DHCP, DnsCache already require privileged access to exploit.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 3.1 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/18756	Patch Vendor Advisory
http://secunia.com/advisories/19238	Vendor Advisory
http://secunia.com/advisories/19313	Vendor Advisory
http://securitytracker.com/id?1015595
http://securitytracker.com/id?1015765
http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm
http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
http://www.kb.cert.org/vuls/id/953860	Third Party Advisory US Government Resource
http://www.microsoft.com/technet/security/advisory/914457.mspx	Vendor Advisory
http://www.securityfocus.com/archive/1/423587/100/0/threaded
http://www.vupen.com/english/advisories/2006/0417	Vendor Advisory
http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=391523&RenditionID=
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-011
https://exchange.xforce.ibmcloud.com/vulnerabilities/24463
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1671
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1696
http://secunia.com/advisories/18756	Patch Vendor Advisory
http://secunia.com/advisories/19238	Vendor Advisory
http://secunia.com/advisories/19313	Vendor Advisory
http://securitytracker.com/id?1015595
http://securitytracker.com/id?1015765
http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm
http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
http://www.kb.cert.org/vuls/id/953860	Third Party Advisory US Government Resource
http://www.microsoft.com/technet/security/advisory/914457.mspx	Vendor Advisory
http://www.securityfocus.com/archive/1/423587/100/0/threaded
http://www.vupen.com/english/advisories/2006/0417	Vendor Advisory
http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=391523&RenditionID=
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-011
https://exchange.xforce.ibmcloud.com/vulnerabilities/24463
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1671
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1696

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:microsoft:windows_xp::sp1:tablet_pc:::::
	cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc:::::

History

21 Nov 2024, 00:05

Information

Published : 2006-02-08 02:18

Updated : 2024-11-21 00:05

NVD link : CVE-2006-0023

Mitre link : CVE-2006-0023

CVE.ORG link : CVE-2006-0023

JSON object : View

Products Affected

microsoft

windows_xp

CWE

CWE-264

Permissions, Privileges, and Access Controls

4.3 /10