The server driver (srv.sys) in Microsoft Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet on an SMB PIPE that triggers a null dereference.
While investigating the Microsoft Server Service Mailslot heap overflow vulnerability reported in Microsoft Security Bulletin MS06-035 we discovered a second bug in the server service. This module exploits this vulnerability.
For more info go to
http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10
While investigating the Microsoft Server Service Mailslot heap overflow vulnerability reported in Microsoft Security Bulletin MS06-035 we discovered a second bug in the server service. This module exploits this vulnerability.
For more info go to
http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name