PT-2006-3338 · Microsoft · Server Message Block+1

Rubén Santamarta

Published: 2006-06-13 · Updated: 2024-02-15 · CVE-2006-2374

CVSS v2.0: 2.1 (Low)

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to XP SP3 and Server 2003 SP2

Description: The issue is related to a denial of service vulnerability in the Server Message Block (SMB) driver. It allows local users to cause a system hang by calling the MrxSmbCscIoctlCloseForCopyChunk function with the file handle of the shadow device, resulting in a deadlock. This could allow an attacker to cause an affected system to stop responding.

Recommendations: For Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the MrxSmbCscIoctlCloseForCopyChunk function to minimize the risk of exploitation.

Exploit

Fix

DoS

Improper Locking

Weakness Enumeration

Related Identifiers

CVE-2006-2374

Affected Products

Windows
Server Message Block