CVE-2006-4465

** DISPUTED ** Microsoft Terminal Server, when running an application session with the "Start program at logon" and "Override settings from user profile and Client Connection Manager wizard" options, allows local users to execute arbitrary code by forcing an Explorer error. NOTE: a third-party researcher has stated that the options are "a convenience to users" and were not intended to restrict execution of arbitrary code.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://wklpc.blogspot.com/2006/08/easy-ms-terminal-server-desktop-hack.html	Exploit
http://securityreason.com/securityalert/1486
http://www.securityfocus.com/archive/1/443428/100/200/threaded
http://www.securityfocus.com/archive/1/443364/100/200/threaded

Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:terminal_server:*:*:*:*:*:*:*:*

Information

Published : 2006-08-31 13:04

Updated : 2018-10-17 14:37

NVD link : CVE-2006-4465

Mitre link : CVE-2006-4465

JSON object : View

CWE

NVD-CWE-Other

Products Affected

microsoft

terminal_server

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://wklpc.blogspot.com/2006/08/easy-ms-terminal-server-desktop-hack.html", "name": "http://wklpc.blogspot.com/2006/08/easy-ms-terminal-server-desktop-hack.html", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://securityreason.com/securityalert/1486", "name": "1486", "tags": [], "refsource": "SREASON"}, {"url": "http://www.securityfocus.com/archive/1/443428/100/200/threaded", "name": "20060816 Re: MS Terminal Server application session breakout", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/443364/100/200/threaded", "name": "20060816 MS Terminal Server application session breakout", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "** DISPUTED ** Microsoft Terminal Server, when running an application session with the \"Start program at logon\" and \"Override settings from user profile and Client Connection Manager wizard\" options, allows local users to execute arbitrary code by forcing an Explorer error. NOTE: a third-party researcher has stated that the options are \"a convenience to users\" and were not intended to restrict execution of arbitrary code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-4465", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-08-31T20:04Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:terminal_server:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-17T21:37Z"}

10.0 /10