=====================================================================
                                    CERT-Renater

                         Note d'Information No. 2006/VULN527
_____________________________________________________________________

DATE                      : 15/11/2006

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 2000, Windows XP running Workstation
                                                                  Service.

======================================================================

MS06-070 - Vulnerability in Workstation Service Could Allow Remote Code
            Execution (924270)

Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Microsoft Windows XP Service Pack 2

Full MS06-070 Advisory:
    - http://www.microsoft.com/technet/security/Bulletin/MS06-070.mspx

Vulnerability Details

Workstation Service Memory Corruption Vulnerability:
CVE-2006-4691

   A remote code execution vulnerability exists in the Workstation service
   that could allow an attacker who successfully exploited this vulnerability
   to take complete control of the affected system.

======================================================================

           =========================================================
           Les serveurs de référence du CERT-Renater
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================