PT-2006-5473 · Microsoft · Windows Server 2003+3

Peter Winter-Smith

Published

2006-11-14

Updated

2018-10-17

CVE-2006-4688

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 Microsoft Windows Server 2003 up to SP1

Description A buffer overflow issue exists in the Client Service for NetWare (CSNW) component, allowing remote attackers to execute arbitrary code through crafted messages. This issue is also known as the "Client Service for NetWare Memory Corruption" problem.

Recommendations For Microsoft Windows 2000 SP4, apply the necessary patch to fix the buffer overflow issue in CSNW. For Microsoft Windows XP SP2, apply the necessary patch to fix the buffer overflow issue in CSNW. For Microsoft Windows Server 2003 up to SP1, apply the necessary patch to fix the buffer overflow issue in CSNW.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4688

Affected Products

Client Service For Netware

Windows 2000

Windows Server 2003

Windows Xp

PT-2006-5473 · Microsoft · Windows Server 2003+3

CVE-2006-4688

Related Identifiers

Affected Products

References · 14