CVSS: 5.0EPSS: 6%CPEs: 1EXPL: 1CVE-2006-1315 – Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)
https://notcve.org/view.php?id=CVE-2006-1315
The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka "SMB Information Disclosure Vulnerability." The Server Service (SRV.SYS driver) en Microsoft Windows 2000 SP4, XP SP1 y SP2, Server de 2003 a SP1 y otros productos, permite a atacantes remotos obtener información sensible a través de una petición manipulada que filtra información en búfers SMB, lo que no está correctamente inicializado, también conocido como "SMB Information Disclosure Vulnerability (Vulnerabilidad de Revelación de Información SMB)". • https://www.exploit-db.com/exploits/2057 http://secunia.com/advisories/21007 http://securitytracker.com/id?1016467 http://www.kb.cert.org/vuls/id/333636 http://www.osvdb.org/27155 http://www.securityfocus.com/archive/1/439881/100/0/threaded http://www.securityfocus.com/bid/18891 http://www.vupen.com/english/advisories/2006/2753 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-035 https://exchange.xforce.ibmcloud.com/vulnerabilities/26820 https: •
CVSS: 5.0EPSS: 15%CPEs: 15EXPL: 1CVE-2006-3146
https://notcve.org/view.php?id=CVE-2006-3146
The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. ... El controlador TOSRFBD.SYS para Toshiba Bluetooth Stack v4.00.29 y anteriores en Windows permite a atacantes remotos provocar una denegación de servicio (reinicio) a través de una solicitud L2CAP echo que provoca una acceso "fuera de rango" a memoria, similar al "Ping de la Muerte" tal y como lo demuestra BlueSmack. • http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 88%CPEs: 59EXPL: 1CVE-2006-2379 – Microsoft Windows - TCP/IP Protocol Driver Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2379
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. • https://www.exploit-db.com/exploits/1967 http://secunia.com/advisories/20639 http://securitytracker.com/id?1016290 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702 http://www.kb.cert.org/vuls/id/722753 http://www.osvdb.org/26433 http://www.securityfocus.com/archive/1/438482/100/0/threaded http://www.securityfocus.com/archive/1/438609/100/0/threaded http://www.securityfocus.com/bid/18374 http://www.us-cert.gov/cas/techalerts/TA06-164A.html htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 2CVE-2006-2373 – Microsoft Windows - NtClose DeadLock (MS06-030)
https://notcve.org/view.php?id=CVE-2006-2373
The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability." • https://www.exploit-db.com/exploits/1910 https://www.exploit-db.com/exploits/1911 http://secunia.com/advisories/20635 http://securitytracker.com/id?1016288 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=408 http://www.osvdb.org/26440 http://www.securityfocus.com/bid/18356 http://www.vupen.com/english/advisories/2006/2327 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-030 https://exchange.xforce.ibmcloud.com/vulnerabilities/26828 htt • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 3CVE-2006-2374 – Microsoft SMB Driver - Local Denial of Service
https://notcve.org/view.php?id=CVE-2006-2374
The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability." • https://www.exploit-db.com/exploits/28001 https://www.exploit-db.com/exploits/1911 http://secunia.com/advisories/20635 http://securitytracker.com/id?1016288 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=409 http://www.osvdb.org/26439 http://www.securityfocus.com/bid/18357 http://www.vupen.com/english/advisories/2006/2327 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-030 https://exchange.xforce.ibmcloud.com/vulnerabilities/26830 ht • CWE-667: Improper Locking •