CVE-2006-2374 Information

Description

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4 XP SP1 and SP2 and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device which results in a deadlock aka the \SMB Invalid Handle Vulnerability.\

Reference

http://secunia.com/advisories/20635 http://securitytracker.com/id?1016288 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=409 http://www.osvdb.org/26439 http://www.securityfocus.com/bid/18357 http://www.vupen.com/english/advisories/2006/2327 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-030 https://exchange.xforce.ibmcloud.com/vulnerabilities/26830 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1827 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1841 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1850 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1979 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2030 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2060