Windows RRAS memory corruption vulnerabilityAdded: 06/30/2006
BackgroundThe Routing and Remote Access Service (RRAS) allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator.
ProblemA buffer overflow in RRAS allows remote attackers to execute arbitrary commands.
ResolutionApply the patch referenced in Microsoft Security Bulletin 06-025.
LimitationsThe Remote Access Connection Manager service must be running in order for this exploit to succeed.
On Windows 2000, the Routing and Remote Access service must also be running and configured, and valid Windows login credentials are required. (Credentials are not required on Windows XP.)
The Crypt::DES, Digest::MD4, and Digest::MD5 packages are required for performing Windows authentication, which is a requirement for successful exploitation on Windows 2000. These packages are available from http://cpan.org/modules/by-module/.
Back to exploit index