Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Client Service for NetWare Memory Corruption Vulnerability."
Published 2006-11-14 22:07:00
Updated 2018-10-17 21:39:07
View at NVD,   CVE.org
Vulnerability category: OverflowMemory CorruptionExecute code

Products affected by CVE-2006-4688

Exploit prediction scoring system (EPSS) score for CVE-2006-4688

96.68%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2006-4688

  • MS06-066 Microsoft Services nwwks.dll Module Exploit
    Disclosure Date: 2006-11-14
    First seen: 2020-04-26
    exploit/windows/smb/ms06_066_nwwks
    This module exploits a stack buffer overflow in the svchost service, when the netware client service is running. This specific vulnerability is in the nwapi32.dll module. Authors: - pusscat <pusscat@metasploit.com>
  • MS06-066 Microsoft Services nwapi32.dll Module Exploit
    Disclosure Date: 2006-11-14
    First seen: 2020-04-26
    exploit/windows/smb/ms06_066_nwapi
    This module exploits a stack buffer overflow in the svchost service when the netware client service is running. This specific vulnerability is in the nwapi32.dll module. Authors: - pusscat <pusscat@metasploit.com>

CVSS scores for CVE-2006-4688

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
7.5
HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
NIST
Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!