CVE-2006-1315 – Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)
https://notcve.org/view.php?id=CVE-2006-1315
The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka "SMB Information Disclosure Vulnerability."
• https://www.exploit-db.com/exploits/2057
• http://secunia.com/advisories/21007
• http://securitytracker.com/id?1016467
• http://www.kb.cert.org/vuls/id/333636
• http://www.osvdb.org/27155
• http://www.securityfocus.com/archive/1/439881/100/0/threaded
• http://www.securityfocus.com/bid/18891
• http://www.vupen.com/english/advisories/2006/2753
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-035
• https://exchange.xforce.ibmcloud.com/vulnerabilities/26820
CVE-2006-1314 – Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)
https://notcve.org/view.php?id=CVE-2006-1314
Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that trigger memory corruption and bypass size restrictions on second-class Mailslot messages.
• https://www.exploit-db.com/exploits/2057
• http://secunia.com/advisories/21007
• http://securityreason.com/securityalert/1212
• http://www.kb.cert.org/vuls/id/189140
• http://www.osvdb.org/27154
• http://www.securityfocus.com/archive/1/439773/100/0/threaded
• http://www.securityfocus.com/bid/18863
• http://www.tippingpoint.com/security/advisories/TSRT-06-02.html
• http://www.us-cert.gov/cas/techalerts/TA06-192A.html
• http://www.vupen.com/english/advisories/2006/2753
CVE-2006-3146
https://notcve.org/view.php?id=CVE-2006-3146
The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. ...
• http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-2379 – Microsoft Windows - TCP/IP Protocol Driver Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2379
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.
• https://www.exploit-db.com/exploits/1967
• http://secunia.com/advisories/20639
• http://securitytracker.com/id?1016290
• http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702
• http://www.kb.cert.org/vuls/id/722753
• http://www.osvdb.org/26433
• http://www.securityfocus.com/archive/1/438482/100/0/threaded
• http://www.securityfocus.com/archive/1/438609/100/0/threaded
• http://www.securityfocus.com/bid/18374
• http://www.us-cert.gov/cas/techalerts/TA06-164A.html
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-2374 – Microsoft SMB Driver - Local Denial of Service
https://notcve.org/view.php?id=CVE-2006-2374
The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."
• https://www.exploit-db.com/exploits/28001
• https://www.exploit-db.com/exploits/1911
• http://secunia.com/advisories/20635
• http://securitytracker.com/id?1016288
• http://www.idefense.com/intelligence/vulnerabilities/display.php?id=409
• http://www.osvdb.org/26439
• http://www.securityfocus.com/bid/18357
• http://www.vupen.com/english/advisories/2006/2327
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-030
• https://exchange.xforce.ibmcloud.com/vulnerabilities/26830
• CWE-667: Improper Locking