CVE-2006-2374

Опубликовано: 13 июн. 2006

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."

Ссылки

http://secunia.com/advisories/20635
Broken Link
Third Party Advisory
http://securitytracker.com/id?1016288
Broken Link
Third Party Advisory
VDB Entry
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=409
Not Applicable
http://www.osvdb.org/26439
Broken Link
http://www.securityfocus.com/bid/18357
Broken Link
Exploit
Patch
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2006/2327
Broken Link
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-030
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/26830
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1827
Broken Link
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1841
Broken Link
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1850
Broken Link
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1979
Broken Link
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2030
Broken Link
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2060
Broken Link
Third Party Advisory
http://secunia.com/advisories/20635
Broken Link
Third Party Advisory
http://securitytracker.com/id?1016288
Broken Link
Third Party Advisory
VDB Entry
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=409
Not Applicable
http://www.osvdb.org/26439
Broken Link
http://www.securityfocus.com/bid/18357
Broken Link
Exploit
Patch
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2006/2327
Broken Link
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:itanium:*

cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_2003_server:-:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:-:sp1:*:*:*:*:itanium:*

cpe:2.3:o:microsoft:windows_xp:-:*:*:*:professional:*:x64:*

cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00562

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-667

Связанные уязвимости

GHSA-3rmc-m2pw-8q44