SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#333636

Microsoft Server Service may disclose information used to store SMB traffic

Overview

A vulnerability in the Microsoft Server service may allow an attacker to view fragments of memory used to store SMB traffic.

I. Description

Microsoft Server Service
The Microsoft Server service supports file, print, and named-pipe sharing over the network.

Server Message Block
Server Message Block (SMB) is a protocol used to share files and printers, and is the default file and print sharing service on supported versions of the Windows operating system.

There is an uninitialized buffer in the Server driver that may allow an attacker to view contents of the SMB buffers.

II. Impact

This vulnerability may result in information being disclosed that would aid in launching other attacks on the affected system. An attacker could not exploit this vulnerability to run arbitrary code.


Note that per Microsoft, other protocols such as Internetwork Packet Exchange (IPX) and Sequenced Packet Exchange (SPX) could also be vulnerable to this issue.

III. Solution

Apply a Patch from the Vendor


Apply the patch supplied by Microsoft. See Microsoft Security Bulletin MS06-035 for details.

Restrict Access
Per Microsoft, restricting access to ports 139/tcp and 445/tcp to trusted hosts may prevent this vulnerability from being exploited.

Systems Affected

VendorStatusDate NotifiedDate Updated
Microsoft CorporationUnknown19-Jul-2006

References


http://www.microsoft.com/technet/security/bulletin/ms06-035.mspx

Credit

Microsoft Security reported this issue. Microsoft credits Mike Price and Rafal Wojtczuk of McAfee Avert Labs with reporting information about this issue to them.

This document was written by Ryan Giobbi.

Other Information

Date Public:2006-07-11
Date First Published:2006-07-20
Date Last Updated:2006-07-20
CERT Advisory: 
CVE-ID(s):CVE-2006-1315
NVD-ID(s):CVE-2006-1315
US-CERT Technical Alerts: 
Metric:0.39
Document Revision:15

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2006 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader