CVE-2006-2373

Severity

99%

Complexity

99%

Confidentiality

165%

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Microsoft Windows

First reported 18 years ago

2006-06-13 19:06:00

Last updated 5 years ago

2019-03-26 19:17:00

Affected Software

Microsoft Windows 2000 Service Pack 4

Microsoft Windows XP Professional Edition on x64

Microsoft Windows XP Service Pack 1

Microsoft Windows XP Service Pack 2

References

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.

CVE-2006-2373

Severity

What is severity?

Complexity

What is complexity?

Confidentiality

What is confidentiality?

Overview

Type

First reported 18 years ago

Last updated 5 years ago

Affected Software

Microsoft Windows 2000 Service Pack 4

Microsoft Windows XP Professional Edition on x64

Microsoft Windows XP Service Pack 1

Microsoft Windows XP Service Pack 2

References

20635

1016288

20060613 Windows MRXSMB.SYS MRxSmbCscIoctlOpenForCopyChunk Overflow

26440

18356

ADV-2006-2327

MS06-030

win-smb-privilege-escalation(26828)

oval:org.mitre.oval:def:1137

oval:org.mitre.oval:def:1730

oval:org.mitre.oval:def:1792

oval:org.mitre.oval:def:1904

oval:org.mitre.oval:def:1942

oval:org.mitre.oval:def:2007

Stay updated

Get in touch