CVE-2006-2373

Description

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."

Related CPE's

Could not find any relations

References

20060613 Windows MRXSMB.SYS MRxSmbCscIoctlOpenForCopyChunk Overflow

Third Party Advisory

18356

PatchThird Party AdvisoryVDB Entry

20635

Third Party Advisory

1016288

Third Party AdvisoryVDB Entry

26440

Broken Link

ADV-2006-2327

Vendor Advisory

win-smb-privilege-escalation(26828)

Third Party AdvisoryVDB Entry

oval:org.mitre.oval:def:2007

Third Party Advisory

oval:org.mitre.oval:def:1942

Third Party Advisory

oval:org.mitre.oval:def:1904

Third Party Advisory

oval:org.mitre.oval:def:1792

Third Party Advisory

oval:org.mitre.oval:def:1730

Third Party Advisory

oval:org.mitre.oval:def:1137

Third Party Advisory

MS06-030

PatchVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version	2.0
VectorString	AV:N/AC:L/Au:N/C:C/I:C/A:C
AccessVector	NETWORK
AccessComplexity	LOW
Authentication	NONE
ConfidentialityImpact	COMPLETE
IntegrityImpact	COMPLETE
AvailabilityImpact	COMPLETE
BaseScore	10

Created by Yello

About Severity.io