ID CVE-2006-3444
Summary Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, probably a buffer overflow, allows local users to obtain privileges via unspecified vectors involving an "unchecked buffer."
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2000:-:sp4:-:fr
    cpe:2.3:o:microsoft:windows_2000:-:sp4:-:fr
  • Microsoft Windows 2000 Advanced Server SP4
    cpe:2.3:o:microsoft:windows_2000:-:sp4:advanced_server
  • Microsoft Windows 2000 Datacenter Server SP4
    cpe:2.3:o:microsoft:windows_2000:-:sp4:datacenter_server
  • Microsoft Windows 2000 Professional SP4
    cpe:2.3:o:microsoft:windows_2000:-:sp4:professional
  • Microsoft Windows 2000 Server SP4
    cpe:2.3:o:microsoft:windows_2000:-:sp4:server
CVSS
Base: 7.5 (as of 09-08-2006 - 11:22)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description MS Windows (Windows Kernel) Privilege Escalation Exploit (MS06-049). CVE-2006-3444. Local exploit for windows platform
id EDB-ID:2412
last seen 2016-01-31
modified 2006-09-21
published 2006-09-21
reporter SoBeIt
source https://www.exploit-db.com/download/2412/
title Microsoft Windows - Kernel Privilege Escalation Exploit MS06-049
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS06-049.NASL
description The remote host contains a version of the Windows kernel that could allow a local user to elevate his privileges or to crash it (therefore causing a denial of service).
last seen 2019-02-21
modified 2018-11-15
plugin id 22191
published 2006-08-08
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=22191
title MS06-049: Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)
oval via4
accepted 2011-05-09T04:01:40.449-04:00
class vulnerability
contributors
  • name Robert L. Hollis
    organization ThreatGuard, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment Microsoft Windows 2000 SP4 or later is installed
oval oval:org.mitre.oval:def:229
description Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, probably a buffer overflow, allows local users to obtain privileges via unspecified vectors involving an "unchecked buffer."
family windows
id oval:org.mitre.oval:def:673
status accepted
submitted 2006-08-11T12:53:40
title Windows 2000 Kernel Elevation of Privilege Vulnerability
version 68
refmap via4
bid 19388
ms MS06-049
sectrack 1016658
secunia 21415
vupen ADV-2006-3215
Last major update 07-03-2011 - 21:38
Published 08-08-2006 - 20:04
Last modified 12-10-2018 - 17:40
Back to Top