[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-3942Date: (C)2006-07-31   (M)2023-12-22


The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.8
Exploit Score: 10.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
SECTRACK-1016606
SECTRACK-1017035
BID-19215
http://xforce.iss.net/xforce/alerts/id/231
http://www.securityfocus.com/archive/1/archive/1/443287/100/200/threaded
MILW0RM-2057
SECUNIA-21276
OSVDB-27644
ADV-2006-3037
HPSBST02161
MS06-063
SSRT061264
http://blogs.technet.com/msrc/archive/2006/07/28/443837.aspx
http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10
smb-malformed-pipe(27999)

CPE    2
cpe:/o:microsoft:windows_xp::sp1:tablet_pc
cpe:/o:microsoft:windows_xp::sp2:tablet_pc
CWE    1
CWE-20
OVAL    1
oval:org.mitre.oval:def:428

© SecPod Technologies