CVE-2006-0023
First published: Wed Feb 08 2006(Updated: )
Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery Protocol (SSDP), (2) Universal Plug and Play Device Host (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP, and (6) DnsCache services, aka "Permissive Windows Services DACLs." NOTE: the NetBT, SCardSvr, DHCP, DnsCache already require privileged access to exploit.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows XP | =sp1 | |
| Microsoft Windows XP | =sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
- http://www.microsoft.com/technet/security/advisory/914457.mspx
- http://www.kb.cert.org/vuls/id/953860
- http://securitytracker.com/id?1015595
- http://secunia.com/advisories/18756
- http://securitytracker.com/id?1015765
- http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=391523&RenditionID=
- http://secunia.com/advisories/19313
- http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm
- http://secunia.com/advisories/19238
- http://www.vupen.com/english/advisories/2006/0417
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24463
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1696
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1671
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-011
- http://www.securityfocus.com/archive/1/423587/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft windows xp
- version/microsoft windows xp/sp1
- version/microsoft windows xp/sp2