Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1315

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1315
Last Modified 07 Mar 2011 09:32:45
Published 11 Jul 2006 05:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1315

Summary

The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka "SMB Information Disclosure Vulnerability."

Vulnerable Systems

Application

  • Microsoft Server Service


References

CERT-VN - VU#333636

MS - MS06-035

VUPEN - ADV-2006-2753

XF - win-smb-information-disclosure(26820)

BID - 18891

BUGTRAQ - 20060711 SMB Information Disclosure Vulnerability

OSVDB - 27155

SECTRACK - 1016467

SECUNIA - 21007


Last Updated: 27 May 2016 10:42:01