CVE-2006-2380
Microsoft Windows 2000 SP4 - Improper Authentication via RPC Mutual Authentication
Title source: llmDescription
Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability."
References (8)
Core 8
Core References
Patch vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1016289
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1763
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/18389
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2328
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/26438
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20637
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-031
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26836
Scores
EPSS
0.1775
EPSS Percentile
96.8%
Details
CWE
CWE-287
Status
published
Products (1)
microsoft/windows_2000
Published
Jun 13, 2006
Tracked Since
Feb 18, 2026