ID CVE-2006-5583
Summary Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1, and possibly other versions allows remote attackers to execute arbitrary code via a crafted SNMP packet, aka "SNMP Memory Corruption Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2003_server:2000:sp4
    cpe:2.3:o:microsoft:windows_2003_server:2000:sp4
  • cpe:2.3:o:microsoft:windows_2003_server:sp1
    cpe:2.3:o:microsoft:windows_2003_server:sp1
  • cpe:2.3:o:microsoft:windows_2003_server:xp_sp2
    cpe:2.3:o:microsoft:windows_2003_server:xp_sp2
CVSS
Base: 10.0 (as of 12-12-2006 - 16:20)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS06-074.NASL
description The remote host contains a flaw in its SNMP service that could allow remote code execution.
last seen 2019-02-21
modified 2018-11-15
plugin id 23837
published 2006-12-12
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=23837
title MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution (926247)
oval via4
accepted 2011-05-09T04:00:03.324-04:00
class vulnerability
contributors
  • name Robert L. Hollis
    organization ThreatGuard, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Windows XP SP2 or later is installed
    oval oval:org.mitre.oval:def:521
  • comment Microsoft Windows XP SP1 (64-bit) is installed
    oval oval:org.mitre.oval:def:480
  • comment Microsoft Windows Server 2003 (x86) Gold is installed
    oval oval:org.mitre.oval:def:165
  • comment Microsoft Windows Server 2003 SP1 (x86) is installed
    oval oval:org.mitre.oval:def:565
description Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1, and possibly other versions allows remote attackers to execute arbitrary code via a crafted SNMP packet, aka "SNMP Memory Corruption Vulnerability."
family windows
id oval:org.mitre.oval:def:1047
status accepted
submitted 2006-12-13T08:17:04
title SNMP Memory Corruption Vulnerability
version 68
refmap via4
bid 21537
cert TA06-346A
cert-vn VU#901584
hp
  • HPSBST02180
  • SSRT061288
ms MS06-074
sectrack 1017371
secunia 23307
vupen ADV-2006-4967
Last major update 07-03-2011 - 21:43
Published 12-12-2006 - 15:28
Last modified 17-10-2018 - 17:43
Back to Top