CVSS: 7.5EPSS: 90%CPEs: 9EXPL: 1CVE-2006-1314 – Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)
https://notcve.org/view.php?id=CVE-2006-1314
Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages. Desbordamiento de búfer basado en montículo en Server Service (SRV.SYS driver) de Microsoft Windows 2000 SP4, XP SP1 y SP2, Server de 2003 a SP1 y otros productos, permite a atacantes remotos ejecutar código de su elección a través de mensajes Mailslot de primera clase manipulados lo que dispara una corrupción de memoria y evita las restricciones de tamaño en mensajes Mailslot de segunda clase. • https://www.exploit-db.com/exploits/2057 http://secunia.com/advisories/21007 http://securityreason.com/securityalert/1212 http://www.kb.cert.org/vuls/id/189140 http://www.osvdb.org/27154 http://www.securityfocus.com/archive/1/439773/100/0/threaded http://www.securityfocus.com/bid/18863 http://www.tippingpoint.com/security/advisories/TSRT-06-02.html http://www.us-cert.gov/cas/techalerts/TA06-192A.html http://www.vupen.com/english/advisories/2006/2753 https:// •
CVSS: 7.5EPSS: 84%CPEs: 29EXPL: 0CVE-2006-2371
https://notcve.org/view.php?id=CVE-2006-2371
Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability." • http://secunia.com/advisories/20630 http://securityreason.com/securityalert/1096 http://securitytracker.com/id?1016285 http://www.kb.cert.org/vuls/id/814644 http://www.osvdb.org/26436 http://www.securityfocus.com/archive/1/436977/100/0/threaded http://www.securityfocus.com/bid/18358 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2323 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-025 https& •
CVSS: 4.3EPSS: 27%CPEs: 1EXPL: 0CVE-2006-2380
https://notcve.org/view.php?id=CVE-2006-2380
Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability." • http://secunia.com/advisories/20637 http://securitytracker.com/id?1016289 http://www.osvdb.org/26438 http://www.securityfocus.com/bid/18389 http://www.vupen.com/english/advisories/2006/2328 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-031 https://exchange.xforce.ibmcloud.com/vulnerabilities/26836 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1763 • CWE-287: Improper Authentication •
CVSS: 9.3EPSS: 88%CPEs: 59EXPL: 1CVE-2006-2379 – Microsoft Windows - TCP/IP Protocol Driver Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2379
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. • https://www.exploit-db.com/exploits/1967 http://secunia.com/advisories/20639 http://securitytracker.com/id?1016290 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702 http://www.kb.cert.org/vuls/id/722753 http://www.osvdb.org/26433 http://www.securityfocus.com/archive/1/438482/100/0/threaded http://www.securityfocus.com/archive/1/438609/100/0/threaded http://www.securityfocus.com/bid/18374 http://www.us-cert.gov/cas/techalerts/TA06-164A.html htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 93%CPEs: 29EXPL: 4CVE-2006-2370 – Microsoft RRAS Service - RASMAN Registry Overflow (MS06-025)
https://notcve.org/view.php?id=CVE-2006-2370
Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." • https://www.exploit-db.com/exploits/16375 https://www.exploit-db.com/exploits/16364 https://www.exploit-db.com/exploits/1965 https://www.exploit-db.com/exploits/1940 http://secunia.com/advisories/20630 http://securitytracker.com/id?1016285 http://www.kb.cert.org/vuls/id/631516 http://www.osvdb.org/26437 http://www.securityfocus.com/bid/18325 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2323 https:/&#x •