CVE-2006-3439

EXPLOITED

Microsoft Windows <2003 - Buffer Overflow

Title source: llm

Description

Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.

Exploits (6)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16367
exploitdb WORKING POC VERIFIED
by Trirat Puttaraksa · remotewindows
https://www.exploit-db.com/exploits/2355
exploitdb WORKING POC VERIFIED
by ub3rst4r · cremotewindows
https://www.exploit-db.com/exploits/2265
exploitdb WORKING POC VERIFIED
by Preddy · cremotewindows
https://www.exploit-db.com/exploits/2223
exploitdb WORKING POC VERIFIED
by H D Moore · remotewindows
https://www.exploit-db.com/exploits/2162
metasploit WORKING POC GOOD
by hdm · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/smb/ms06_040_netapi.rb

References (11)

Scores

EPSS 0.8896
EPSS Percentile 99.5%

Details

VulnCheck KEV 2017-06-20
Status published
Products (6)
microsoft/windows_2000
microsoft/windows_2003_server 64-bit
microsoft/windows_2003_server itanium
microsoft/windows_2003_server r2
microsoft/windows_2003_server sp1 (2 CPE variants)
microsoft/windows_xp (3 CPE variants)
Published Aug 09, 2006
Tracked Since Feb 18, 2026