The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka “SMB Information Disclosure Vulnerability.”
secunia.com/advisories/21007
securitytracker.com/id?1016467
www.kb.cert.org/vuls/id/333636
www.osvdb.org/27155
www.securityfocus.com/archive/1/439881/100/0/threaded
www.securityfocus.com/bid/18891
www.vupen.com/english/advisories/2006/2753
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-035
exchange.xforce.ibmcloud.com/vulnerabilities/26820
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3