SANS ISC: MS06-031: RPC Mutual Authentication Vulnerability SANS ISC InfoSec Forums

MS06-031: RPC Mutual Authentication Vulnerability
MS06-031 - KB 917736

This looks to be an obscure bug that only affects Windows 2000. In
reality, the conditions for exploitation seem rare and no code execution
is possible. The bug only affects custom RPC applications using SSL
with mutual authentication, which probably doesn't amount to many
applications out there. Finally, the impact of this bug only
allows the attacker to impersonate a trusted RPC server - it doesn't
allow code execution.

For all the overworked sysadmins, you can probably leave this at the
bottom of your patch list.

This vulnerability is also covered in CVE-2006-2380.

Kyle Haugsness


Jun 13th 2006
