Signature Detail
Short Name |
MS-RPC:INV:WKSTA-SVC |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
MS-RPC |
Keywords |
Microsoft Windows Invalid Workstation Service |
Release Date |
2010/06/16 |
Update Number |
1714 |
Supported Platforms |
idp-4.1.110110609+, isg-3.5.141421+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
MSRPC: Microsoft Windows Invalid Workstation Service
This signature detects attempts to exploit a known vulnerability against Microsoft Windows Workstation Service RPC Interface. A successful attack can lead to arbitrary code execution.
Extended Description
Microsoft Windows Workstation service is prone to a remote code-execution vulnerability. Exploiting this issue allows remote, anonymous attackers to execute arbitrary machine code on affected computers with SYSTEM-level privileges. This facilitates the complete compromise of affected computers. Attackers require administrative privileges to exploit this issue on Windows XP SP2 computers. Anonymous attackers may exploit this issue on Windows 2000 computers.
Affected Products
- Avaya Messaging Application Server
- Avaya S8100 Media Servers R10
- Avaya S8100 Media Servers R11
- Avaya S8100 Media Servers R12
- Avaya S8100 Media Servers R6
- Avaya S8100 Media Servers R7
- Avaya S8100 Media Servers R8
- Avaya S8100 Media Servers R9
- Avaya S8100 Media Servers
- HP Storage Management Appliance 2.1
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP3
- Microsoft Windows 2000 Advanced Server SP4
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP3
- Microsoft Windows 2000 Datacenter Server SP4
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP4
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP3
- Microsoft Windows 2000 Server SP4
- Microsoft Windows 2000 Server
- Microsoft Windows XP
- Microsoft Windows XP Gold
- Microsoft Windows XP Home SP1
- Microsoft Windows XP Home SP2
- Microsoft Windows XP Home
- Microsoft Windows XP Media Center Edition SP1
- Microsoft Windows XP Media Center Edition SP2
- Microsoft Windows XP Media Center Edition
- Microsoft Windows XP Professional SP1
- Microsoft Windows XP Professional SP2
- Microsoft Windows XP Professional
- Microsoft Windows XP Tablet PC Edition SP1
- Microsoft Windows XP Tablet PC Edition SP2
- Microsoft Windows XP Tablet PC Edition
- Nortel Networks Centrex IP Element Manager 7.0.0
- Nortel Networks Centrex IP Element Manager 8.0.0
- Nortel Networks Centrex IP Element Manager 9.0.0
- Nortel Networks Contact Center Manager Server
- Nortel Networks Enterprise Network Management System
- Nortel Networks Enterprise VoIP TM-CS1000
- Nortel Networks MCS5100 - Sun Platform
- Nortel Networks Self-Service MPS 100
- Nortel Networks Self-Service MPS 1000
- Nortel Networks Self-Service MPS 500
- Nortel Networks Self-Service Peri Application
- Nortel Networks Self-Service Speech Server
- Nortel Networks Web Centric Self-Svc CCXML
- Nortel Networks Web Centric Self-Svc VoiceXML
- Nortel Networks Web-Centric Voice Application Development Suite
References
- BugTraq: 20985
- CVE: CVE-2006-4691