Strix
26.1K

CVE-2006-3942

UnknownEPSS 73.75%

Last modified

CVE-2006-3942 is a vulnerability of currently unknown severity. The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot.. EPSS estimates a 73.75% chance of exploitation in the next 30 days.

Description

The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot.

Metrics

EPSS Probability
73.75%

99.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
MicrosoftWindows 2000All versionsSp4
MicrosoftWindows 2003 Server64-bit
MicrosoftWindows 2003 Serveritanium
MicrosoftWindows 2003 Serverr2
MicrosoftWindows 2003 Serversp1
MicrosoftWindows XpAll versions

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2006-3942?
The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot.
How severe is CVE-2006-3942?
Severity scoring for CVE-2006-3942 is pending analysis. The EPSS model estimates a 73.75% probability of exploitation in the next 30 days.
How do I fix CVE-2006-3942?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-3942?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST