Computer Security
[EN] securityvulns.ru no-pyccku


Multiple Microsoft Windows Server service security vulnerabilities
updated since 11.07.2006
Published:21.08.2006
Source:
SecurityVulns ID:6363
Type:remote
Threat Level:
8/10
Description:Kernel mode heap overflow on mailslots processing. Information leak from SMB buffers.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2006-0714: Microsoft SRV.SYS SMB_COM_TRANSACTION Denial of Service (16.08.2006)
 documentGerardo Richarte, Mailslot bug (MS06-035) vs non-Mailslot bug (CVE-2006-3942) (16.08.2006)
 documentEEYE, [Full-disclosure] EEYE: Free scanning tool for critical MS06-040 flaw (10.08.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-040 Vulnerability in Server Service Could Allow Remote Code Execution (921883) (08.08.2006)
 documentX-FORCE, ISS Protection Brief: Vulnerability in Server Driver could result in Denial of Service (29.07.2006)
 documentMCAFEE, [Full-disclosure] Microsoft SMB Information Disclosure Vulnerability CVE-2006-1315 (12.07.2006)
 documentTIPPINGPOINT, TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability (11.07.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-035 Vulnerability in Server Service Could Allow Remote Code Execution (917159) (11.07.2006)
Files:Microsoft SRV.SYS Mailslot Ring0 Memory Corruption(MS06-035) Exploit
 Microsoft NetpIsRemote() MSO6-040 Overflow exploit (MetaSploit)
 Microsoft Windows CanonicalizePathName() Remote Code Execution Exploit
 MS06-040 Remote Code Execution Proof of Concept
 Microsoft Security Bulletin MS06-035 Vulnerability in Server Service Could Allow Remote Code Execution (917159)
 Microsoft Security Bulletin MS06-040 Vulnerability in Server Service Could Allow Remote Code Execution (921883)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod