Published: 13/06/2006 Updated: 15/02/2024

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 220

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and previous versions allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows xp -
microsoft windows 2000 -
microsoft windows 2003 server -

/////////////////////////////////////////////////////////////////////////////////////// // Mrxsmbsys XP & 2K Ring0 Exploit (6/12/2005) // Tested on XP SP2 && 2K SP4 // Disable ReadOnly Memory protection // HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\EnforceWriteProtection = 0 // ---------------------------- ...

source: wwwsecurityfocuscom/bid/18357/info The Microsoft SMB driver is prone to a local denial-of-service vulnerability A local attacker can exploit this issue to create processes that cannot be killed in affected operating systems, potentially denying service to legitimate users and other software on affected computers This may aid th ...

CWE-667 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=409 http://www.securityfocus.com/bid/18357 http://secunia.com/advisories/20635 http://securitytracker.com/id?1016288 http://www.osvdb.org/26439 http://www.vupen.com/english/advisories/2006/2327 https://exchange.xforce.ibmcloud.com/vulnerabilities/26830 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2060 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1979 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1850 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1841 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1827 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-030 https://nvd.nist.gov https://www.exploit-db.com/exploits/1911/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-2374

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect