| Vulnerability Name: | CVE-2006-1314 (CCN-26818) | ||||||||
| Assigned: | 2006-07-11 | ||||||||
| Published: | 2006-07-11 | ||||||||
| Updated: | 2018-10-18 | ||||||||
| Summary: | Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 6.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
6.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-1314 Source: CCN Type: SA21007 Microsoft Windows Server Service Two Vulnerabilities Source: SECUNIA Type: UNKNOWN 21007 Source: SREASON Type: UNKNOWN 1212 Source: CCN Type: ASA-2006-135 Windows Security Updates for July 2006 - (MS06-033 - MS06-039) Source: CCN Type: Microsoft Security Bulletin MS15-083 Vulnerability in Server Message Block Could Allow Remote Code Execution (3073921) Source: CCN Type: Microsoft Security Bulletin MS16-114 Security Update for Windows SMBv1 Server (3185879) Source: CCN Type: Microsoft Security Bulletin MS17-010 Security Update for Windows SMB Server (4013389) Source: CCN Type: US-CERT VU#189140 Microsoft Server Service Mailslot vulnerable to heap overflow Source: CERT-VN Type: US Government Resource VU#189140 Source: CCN Type: Microsoft Security Bulletin MS06-035 Vulnerability in Server Service Could Allow Remote Code Execution (917159) Source: CCN Type: Microsoft Security Bulletin MS06-063 Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution (923414) Source: CCN Type: Microsoft Security Bulletin MS08-063 Vulnerability in SMB Could Allow Remote Code Execution (957095) Source: CCN Type: Microsoft Security Bulletin MS09-001 Vulnerabilities in SMB Could Allow Remote Code Execution (958687) Source: CCN Type: Microsoft Security Bulletin MS10-012 Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468) Source: CCN Type: Microsoft Security Bulletin MS10-054 Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) Source: CCN Type: Microsoft Security Bulletin MS11-020 Vulnerability in SMB Server Could Allow Remote Code Execution (2508429) Source: OSVDB Type: UNKNOWN 27154 Source: CCN Type: OSVDB ID: 27154 Microsoft Windows Server Service SRV.SYS First-class Mailslot Message Remote Overflow Source: BUGTRAQ Type: UNKNOWN 20060711 TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability Source: BID Type: UNKNOWN 18863 Source: CCN Type: BID-18863 Microsoft Windows Server Driver Mailslot Remote Heap Buffer Overflow Vulnerability Source: CCN Type: Tipping Point Security Research Advisory TSRT-06-02 Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability Source: MISC Type: Patch, Vendor Advisory http://www.tippingpoint.com/security/advisories/TSRT-06-02.html Source: CERT Type: US Government Resource TA06-192A Source: VUPEN Type: UNKNOWN ADV-2006-2753 Source: MS Type: UNKNOWN MS06-035 Source: XF Type: UNKNOWN win-mailslot-bo(26818) Source: XF Type: UNKNOWN win-mailslot-bo(26818) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:600 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||