← back
CVE-2006-6296

CVE-2006-6296

EPSS 22.9%
The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/2879unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://research.eeye.com/html/alerts/zeroday/20051116.htmlhttp://secunia.com/advisories/23196http://securitytracker.com/id?1017330https://exchange.xforce.ibmcloud.com/vulnerabilities/30717https://www.exploit-db.com/exploits/2879http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2005/20051116http://www.kb.cert.org/vuls/id/914617http://www.securityfocus.com/bid/21401http://www.vupen.com/english/advisories/2006/4827