Executive Summary

Informations
NameCVE-2006-6296First vendor Publication2006-12-05
VendorCveLast vendor Modification2011-03-07

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score6.1Attack RangeAdjacent network
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score6.5AuthentificationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6296

CWE : Common Weakness Enumeration

idName
CWE-399Resource Management Errors

CPE : Common Platform Enumeration

TypeDescriptionCount
Os5
Os1

Milw0rm Exploits

idDescription
2006-12-01MS Windows spoolss GetPrinterData() Remote DoS Exploit (0day)

Open Source Vulnerability Database (OSVDB)

idDescription
30823Microsoft Windows Print Spooler (spoolsv.exe) RpcGetPrinterData Function DoS

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/21401
CERT-VNhttp://www.kb.cert.org/vuls/id/914617
MILW0RMhttp://milw0rm.com/exploits/2879
MISChttp://research.eeye.com/html/alerts/zeroday/20051116.html
http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2005/...
SECTRACKhttp://securitytracker.com/id?1017330
SECUNIAhttp://secunia.com/advisories/23196
VUPENhttp://www.vupen.com/english/advisories/2006/4827
XFhttp://xforce.iss.net/xforce/xfdb/30717

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2013-05-11 11:15:53
  • Multiple Updates