Published: 13/06/2006 Updated: 26/03/2019

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Windows 2000

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and previous versions allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 2000 -
microsoft windows xp -
microsoft windows server 2003 -

//////////////////////////////////////////////////////////////////////////////// ///////// MRXSMBSYS NtClose DEADLOCK exploit/////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// //November 19,2005 //////////////////////////////////////////////////////////////////////////////// /////// ...

/////////////////////////////////////////////////////////////////////////////////////// // Mrxsmbsys XP & 2K Ring0 Exploit (6/12/2005) // Tested on XP SP2 && 2K SP4 // Disable ReadOnly Memory protection // HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\EnforceWriteProtection = 0 // ---------------------------- ...

CWE-264 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=408 http://www.securityfocus.com/bid/18356 http://secunia.com/advisories/20635 http://securitytracker.com/id?1016288 http://www.osvdb.org/26440 http://www.vupen.com/english/advisories/2006/2327 https://exchange.xforce.ibmcloud.com/vulnerabilities/26828 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2007 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1942 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1904 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1792 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1730 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1137 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-030 https://nvd.nist.gov https://www.exploit-db.com/exploits/1910/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-2373

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect