Vulnerabilities > CVE-2006-5584 - Remote Installation Service Remote Code Execution vulnerability in Microsoft Windows 2000

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

nessus

NVD

Published: 2006-12-13

Updated: 2018-10-17

Summary

The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, which allows remote attackers to upload and overwrite arbitrary files to gain privileges on systems that use RIS.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows 2000 *	1

Nessus

NASL family	Windows : Microsoft Bulletins
NASL id	SMB_NT_MS06-077.NASL
description	The remote host is running a version of TFTPD installed by the Remote Installation Service that allows everyone to overwrite files on the remote host. An attacker may exploit this flaw to replace SYSTEM files and execute arbitrary code on this host.
last seen	2020-06-01
modified	2020-06-02
plugin id	23839
published	2006-12-12
reporter	This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/23839
title	MS06-077: Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121)

Oval

accepted

2011-05-09T04:01:31.336-04:00

class

vulnerability

contributors

name Robert L. Hollis
organization ThreatGuard, Inc.
name Jeff Cheng
organization Opsware, Inc.
name Dragos Prisaca
organization Secure Elements, Inc.
name Shane Shaffer
organization G2, Inc.

definition_extensions

comment	Microsoft Windows 2000 SP4 or later is installed
oval	oval:org.mitre.oval:def:229

description

family

windows

oval:org.mitre.oval:def:375

status

accepted

submitted

2006-12-13T08:17:04

title

RIS Writable Path Vulnerability

version

Summary

Vulnerable Configurations

Nessus

Oval

References