CVE-2006-3942

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot.

References

http://blogs.technet.com/msrc/archive/2006/07/28/443837.aspx

http://secunia.com/advisories/21276

http://securitytracker.com/id?1016606

http://securitytracker.com/id?1017035

http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10

http://www.osvdb.org/27644

http://www.securityfocus.com/archive/1/443287/100/200/threaded

http://www.securityfocus.com/archive/1/449179/100/0/threaded

http://www.securityfocus.com/bid/19215

http://www.vupen.com/english/advisories/2006/3037

http://xforce.iss.net/xforce/alerts/id/231

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-063

https://exchange.xforce.ibmcloud.com/vulnerabilities/27999

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A428

Details

Source: MITRE

Published: 2006-07-31

Updated: 2018-10-17

Type: CWE-20

Risk Information

CVSS v2

Base Score: 7.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (1 total)

IDNameProductFamilySeverity
22536MS06-063: Vulnerability in Server Service Could Allow Denial of Service (923414)NessusWindows : Microsoft Bulletins
high