[email protected]CVE-2006-1315

HistoryJul 11, 2006 - 9:05 p.m.

CVE-2006-1315

2006-07-1121:05:00

[email protected]

web.nvd.nist.gov

microsoft

windows

srv.sys driver

smb

information disclosure

vulnerability

cve-2006-1315

nvd

5.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.06 Low

EPSS

Percentile

93.5%

JSON

The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka “SMB Information Disclosure Vulnerability.”

Affected configurations

NVD

Node

microsoftserver_service

CPENameOperatorVersion
microsoft:server_servicemicrosoft server serviceeq*

CPE	Name	Operator	Version
microsoft:server_service	microsoft server service	eq	*

References

secunia.com/advisories/21007

securitytracker.com/id?1016467

www.kb.cert.org/vuls/id/333636

www.osvdb.org/27155

www.securityfocus.com/archive/1/439881/100/0/threaded

www.securityfocus.com/bid/18891

www.vupen.com/english/advisories/2006/2753

docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-035

exchange.xforce.ibmcloud.com/vulnerabilities/26820

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3

5.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.06 Low

EPSS

Percentile

93.5%

JSON

Related for CVE-2006-1315

prion1 securityvulns2 cvelist1 cert1 nvd1 nessus3