MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow DoS (913580) (uncredentialed check)

This script is Copyright (C) 2006-2017 Tenable Network Security, Inc.


Synopsis :

A vulnerability in MSDTC could allow remote code execution.

Description :

The remote version of Windows contains a version of MSDTC (Microsoft
Data Transaction Coordinator) service that is affected by several
remote code execution and denial of service vulnerabilities.

An attacker may exploit these flaws to obtain complete control of the
remote host (2000, NT4) or to crash the remote service (XP, 2003).

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms06-018

Solution :

Microsoft has released a set of patches for Windows 2000, XP and 2003.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 21334 ()

Bugtraq ID: 17905
17906

CVE ID: CVE-2006-0034
CVE-2006-1184

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now