CVE-2006-1315

Microsoft Windows - Info Disclosure

Title source: llm

Description

The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka "SMB Information Disclosure Vulnerability."

Exploits (1)

exploitdb WORKING POC

cdoswindows

https://www.exploit-db.com/exploits/2057

View Code ZIP pw:eip

References (10)

[US Government Resource] http://www.kb.cert.org/vuls/id/333636

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-035

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/26820

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/439881/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/18891

[Third Party Advisory, VDB Entry] http://www.osvdb.org/27155

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1016467

[Third Party Advisory] http://secunia.com/advisories/21007

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/2753

Scores

EPSS 0.5765

EPSS Percentile 98.2%

Details

Status published

Products (1)

microsoft/server_service

Published Jul 11, 2006

Tracked Since Feb 18, 2026