CVE-2006-2374

Severity

21%

Complexity

39%

Confidentiality

48%

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:P).

Overview

Type

Microsoft Windows

First reported 18 years ago

2006-06-13 19:06:00

Last updated 6 years ago

2018-10-12 21:39:00

Affected Software

Microsoft Windows 2000 Service Pack 4

Microsoft Windows Server 2003

Microsoft Windows 2003 Server Service Pack 1

Microsoft Windows XP Service Pack 1

Microsoft Windows XP Service Pack 2

References

20635

Third Party Advisory

1016288

Third Party Advisory, VDB Entry

20060613 Windows MRXSMB.SYS MrxSmbCscIoctlCloseForCopyChunk DoS

Not Applicable

26439

Broken Link

18357

Exploit, Patch, Third Party Advisory, VDB Entry

ADV-2006-2327

Vendor Advisory

MS06-030

win-smb-dos(26830)

Third Party Advisory, VDB Entry

oval:org.mitre.oval:def:1827

Third Party Advisory

oval:org.mitre.oval:def:1841

Third Party Advisory

oval:org.mitre.oval:def:1850

Third Party Advisory

oval:org.mitre.oval:def:1979

Third Party Advisory

oval:org.mitre.oval:def:2030

Third Party Advisory

oval:org.mitre.oval:def:2060

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.