Return to CVE list

CVE-2006-3439

10.0
Critical

CVE-2006-3439

secure@microsoft.com
Deferred
View on MITREFind on GitHub

Description

Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.

Exploits

22232006-08-19remoteWindows

Microsoft Windows - CanonicalizePathName() Remote (MS06-040)

By Preddy
23552006-09-13remoteWindows

Microsoft Windows Server 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)

By Trirat Puttaraksa
163672011-02-17remoteWindows

Microsoft Server Service - NetpwPathCanonicalize Overflow (MS06-040) (Metasploit)

By Metasploit
21622006-08-10remoteWindows

Microsoft Windows - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)

By H D Moore
22652006-08-28remoteWindows

Microsoft Windows - NetpIsRemote() Remote Overflow (MS06-040) (2)

By ub3rst4r

References

secure@microsoft.com
http://secunia.com/advisories/21388
secure@microsoft.com
http://securitytracker.com/id?1016667
secure@microsoft.com
http://www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html
secure@microsoft.com
http://www.dhs.gov/dhspublic/display?content=5789
secure@microsoft.com
http://www.kb.cert.org/vuls/id/650769
secure@microsoft.com
http://www.securityfocus.com/bid/19409
secure@microsoft.com
http://www.us-cert.gov/cas/techalerts/TA06-220A.html
secure@microsoft.com
http://www.vupen.com/english/advisories/2006/3210
secure@microsoft.com
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-040
secure@microsoft.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/28002
secure@microsoft.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A492
af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/21388
af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1016667
af854a3a-2127-422b-91ae-364da2661108
http://www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html
af854a3a-2127-422b-91ae-364da2661108
http://www.dhs.gov/dhspublic/display?content=5789
af854a3a-2127-422b-91ae-364da2661108
http://www.kb.cert.org/vuls/id/650769
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/19409
af854a3a-2127-422b-91ae-364da2661108
http://www.us-cert.gov/cas/techalerts/TA06-220A.html
af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/3210
af854a3a-2127-422b-91ae-364da2661108
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-040
af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/28002
af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A492