Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2006-3942

Published: 31/07/2006 Updated: 17/10/2018
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 785
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Windows 2003 Server

Vulnerability Summary

The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote malicious users to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 2003 server sp1

microsoft windows xp

microsoft windows 2000

microsoft windows 2003 server 64-bit

microsoft windows 2003 server itanium

microsoft windows 2003 server r2

Exploits

Exploit DB: Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)
#include <stdioh> #include <windowsh> #include <winsockh> /******************************************************************* Microsoft SRVSYS Mailslot Ring0 Memory Corruption(MS06-035) Exploit by cocoruder(frankruder_at_hotmailcom),2006719 page:rudercdutnet ****************************************************** ...

References

CWE-20http://xforce.iss.net/xforce/alerts/id/231http://blogs.technet.com/msrc/archive/2006/07/28/443837.aspxhttp://www.securityfocus.com/bid/19215http://securitytracker.com/id?1016606http://secunia.com/advisories/21276http://www.osvdb.org/27644http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10http://securitytracker.com/id?1017035http://www.vupen.com/english/advisories/2006/3037https://exchange.xforce.ibmcloud.com/vulnerabilities/27999https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A428https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-063http://www.securityfocus.com/archive/1/449179/100/0/threadedhttp://www.securityfocus.com/archive/1/443287/100/200/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/2057/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002CVE-2006-4304CVE-2024-4336CVE-2024-33437CVE-2024-4340CVE-2024-27956privilegeinsecure direct object referenceXSSitem search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook