Vulnerability Name:

CVE-2006-4688 (CCN-29952)

Assigned:2006-11-14
Published:2006-11-14
Updated:2018-10-17
Summary:Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Client Service for NetWare Memory Corruption Vulnerability."
CVSS v3 Severity:9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2006-4688

Source: CCN
Type: SA22866
Microsoft Windows Client Service for Netware Vulnerabilities

Source: SECUNIA
Type: Patch
22866

Source: CCN
Type: SECTRACK ID: 1017224
Microsoft Client Service for Netware Buffer Overflows Let Remote Users Execute Arbitrary Code and Crash the System

Source: SECTRACK
Type: UNKNOWN
1017224

Source: CCN
Type: ASA-2006-253
Microsoft Security Bulletin Summary for November 2006 (MS06-66 - MS06-71)

Source: CCN
Type: Microsoft Security Bulletin MS06-066
Vulnerabilities in NetWare Client Service Could Allow Remote Code Execution (923980)

Source: BUGTRAQ
Type: UNKNOWN
20061116 Vulnerabilities in Client Service for NetWare

Source: BID
Type: UNKNOWN
21023

Source: CCN
Type: BID-21023
Microsoft Windows Client Service For Netware Remote Code Execution Vulnerability

Source: CERT
Type: US Government Resource
TA06-318A

Source: VUPEN
Type: UNKNOWN
ADV-2006-4504

Source: MS
Type: UNKNOWN
MS06-066

Source: XF
Type: UNKNOWN
ms-csnw-bo(29952)

Source: XF
Type: UNKNOWN
ms-csnw-bo(29952)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:404

Source: CCN
Type: Rapid7 Vulnerability and Exploit Database [11-14-2006]
MS06-066 Microsoft Services nwapi32.dll Module Exploit

Source: CCN
Type: Rapid7 Vulnerability and Exploit Database [11-14-2006]
MS06-066 Microsoft Services nwwks.dll Module Exploit

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:404
    V
    		Microsoft Client Service for NetWare Memory Corruption Vulnerability
    2007-02-20
    BACK
    microsoft windows 2000 * sp4
    microsoft windows 2003 server sp1
    microsoft windows xp * sp2
    microsoft windows 2000 sp4
    microsoft windows xp sp2
    microsoft windows 2003_server sp1
    microsoft windows 2003 -