CVE-2006-2373 Information

Feb 14, 2021 cve

Description

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4 XP SP1 and SP2 and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address possibly for kernel memory aka the \SMB Driver Elevation of Privilege Vulnerability.\

Reference

http://secunia.com/advisories/20635 http://securitytracker.com/id?1016288 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=408 http://www.osvdb.org/26440 http://www.securityfocus.com/bid/18356 http://www.vupen.com/english/advisories/2006/2327 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-030 https://exchange.xforce.ibmcloud.com/vulnerabilities/26828 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1137 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1730 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1792 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1904 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1942 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2007

Share on: