CVE-2006-2334

Severity

21%

Complexity

39%

Confidentiality

48%

The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be accessed through the expected DOS path or prevent access to other similarly named files in the same directory, which prevents those files from being detected or disinfected by certain anti-virus and anti-spyware software.

The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be accessed through the expected DOS path or prevent access to other similarly named files in the same directory, which prevents those files from being detected or disinfected by certain anti-virus and anti-spyware software.

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:P/A:N).

Overview

First reported 18 years ago

2006-05-12 00:02:00

Last updated 6 years ago

2018-10-18 16:39:00

Affected Software

Microsoft windows xp_sp2 tablet_pc

References

http://www.48bits.com/advisories/rtldospath.pdf

Exploit, Vendor Advisory

25761

20060509 [48Bits.com Advisory] Path conversion design flaw in Microsoft NTDLL

17934

Exploit

win-ntdll-path-conversion(26487)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.