CVE

Id
25585  
CVE No.
CVE-2007-2228  
Status
Candidate  
Description
rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via an RPC request that uses NTLMSSP PACKET authentication with a zero-valued verification trailer signature, which triggers an invalid dereference. NOTE: this also affects Windows 2000 SP4, although the impact is an information leak.  
Phase
Assigned (20070424)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
255590 25585 CVE-2007-2228 BUGTRAQ:20071010 ZDI-07-055: Microsoft Windows DCERPC Authentication Denial of Service Vulnerability  View
255591 25585 CVE-2007-2228 URL:http://www.securityfocus.com/archive/1/archive/1/482023/100/0/threaded  View
255592 25585 CVE-2007-2228 MISC:http://www.zerodayinitiative.com/advisories/ZDI-07-055.html  View
255593 25585 CVE-2007-2228 HP:HPSBST02280  View
255594 25585 CVE-2007-2228 URL:http://www.securityfocus.com/archive/1/archive/1/482366/100/0/threaded  View
255595 25585 CVE-2007-2228 HP:SSRT071480  View
255596 25585 CVE-2007-2228 URL:http://www.securityfocus.com/archive/1/archive/1/482366/100/0/threaded  View
255597 25585 CVE-2007-2228 MS:MS07-058  View
255598 25585 CVE-2007-2228 URL:http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx  View
255599 25585 CVE-2007-2228 CERT:TA07-282A  View
255600 25585 CVE-2007-2228 URL:http://www.us-cert.gov/cas/techalerts/TA07-282A.html  View
255601 25585 CVE-2007-2228 BID:25974  View
255602 25585 CVE-2007-2228 URL:http://www.securityfocus.com/bid/25974  View
255603 25585 CVE-2007-2228 VUPEN:ADV-2007-3438  View
255604 25585 CVE-2007-2228 URL:http://www.vupen.com/english/advisories/2007/3438  View
255605 25585 CVE-2007-2228 OVAL:oval:org.mitre.oval:def:2310  View
255606 25585 CVE-2007-2228 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2310  View
255607 25585 CVE-2007-2228 SECTRACK:1018787  View
255608 25585 CVE-2007-2228 URL:http://securitytracker.com/id?1018787  View
255609 25585 CVE-2007-2228 SECUNIA:27134  View
255610 25585 CVE-2007-2228 URL:http://secunia.com/advisories/27134  View
255611 25585 CVE-2007-2228 SECUNIA:27153  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
53188 JVNDB-2007-001880 CA Clever Path Portal における SQL インジェクションの脆弱性 CA Clever Path Portal には、SQL インジェクションの脆弱性が存在します。 CVE-2007-2230 25585 6.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001880.html  View