McAfee > Theat Center > Vulnerability Detail Page

Timeline

10/10/2006

Vendor has provided a patch.

8/14/2006

Vulnerability information has been publicly disclosed.

8/2/2006

Vulnerability information has been publicly disclosed.

7/28/2006

Vulnerability information has been publicly disclosed.

Description

The Microsoft Server Service allows for local resource sharing via RPC. A denial of service vulnerability is present in the Server Service that may allow remote attacks. The flaw lies in processing of maliciously crafted network traffic by the server service. Successful exploitation would cause the system to restart.

McAfee Product Mitigation & Recommendations

Recommendations

Download and install the patch available from Microsoft(923414): http://www.microsoft.com/technet/security/Bulletin/MS06-063.mspx

McAfee Product Mitigation

McAfee Foundstone

This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.

Signature:

(MS06-063) Microsoft Windows Server Service Denial of Service Vulnerability (923414)

Signature identifier:

4666

Release date:

10/10/2006

McAfee Intrushield

McAfee Intrushield is proactively protecting customers against all known exploits of this buffer overflow vulnerability.

Signature:

SRV.SYS Null Pointer Dereference

Signature identifier:

0x40708B00

Release date:

8/24/2006

First released in:

Sigset(s) 3.1.23, 1.8.84, 1.9.67, 2.1.50

Additional Resources

Vulnerability in Server Driver could result in Denial of Service

http://xforce.iss.net/xforce/alerts/id/231

Microsoft SRV.SYS SMB_COM_TRANSACTION Denial of Service

http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10

Microsoft Security Bulletin: Vulnerability in Server Service Could Result in Denial of Service (923414)

http://www.microsoft.com/technet/security/Bulletin/MS06-063.mspx

Vulnerability Summary CVE-2006-3942

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3942

All Information

Timeline -

10/10/2006

Vendor has provided a patch.

8/14/2006

Vulnerability information has been publicly disclosed.

8/2/2006

Vulnerability information has been publicly disclosed.

7/28/2006

Vulnerability information has been publicly disclosed.

Description -

The Microsoft Server Service allows for local resource sharing via RPC. A denial of service vulnerability is present in the Server Service that may allow remote attacks. The flaw lies in processing of maliciously crafted network traffic by the server service. Successful exploitation would cause the system to restart.

McAfee Product Mitigation & Recommendations

Recommendations -

Download and install the patch available from Microsoft(923414): http://www.microsoft.com/technet/security/Bulletin/MS06-063.mspx

McAfee Product Mitigation

McAfee Foundstone

This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.

Signature:

(MS06-063) Microsoft Windows Server Service Denial of Service Vulnerability (923414)

Signature identifier:

4666

Release date:

10/10/2006

McAfee Intrushield

McAfee Intrushield is proactively protecting customers against all known exploits of this buffer overflow vulnerability.

Signature:

SRV.SYS Null Pointer Dereference

Signature identifier:

0x40708B00

Release date:

8/24/2006

First released in:

Sigset(s) 3.1.23, 1.8.84, 1.9.67, 2.1.50

Additional Resources

Additional Resources -

Vulnerability in Server Driver could result in Denial of Service

http://xforce.iss.net/xforce/alerts/id/231

Microsoft SRV.SYS SMB_COM_TRANSACTION Denial of Service

http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10

Microsoft Security Bulletin: Vulnerability in Server Service Could Result in Denial of Service (923414)

http://www.microsoft.com/technet/security/Bulletin/MS06-063.mspx

Vulnerability Summary CVE-2006-3942

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3942