Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||Vulnerabilities in Client Service for Netware, Vulnerabilidades en el servicio de cliente para NetWare|
It is a group of important vulnerabilities in the Client Service for Netware on Windows 2003/XP/2000 computers, which allows remote code to be executed or Denial of Service attacks to be launched against the vulnerable computers.
|First detected on:||Nov. 15, 2006|
|Detection updated on:||Nov. 15, 2006|
MS06-066 is not categorized as virus, worm, Trojan or backdoor. It is a group of important vulnerabilities in the Client Service for Netware on Windows 2003/XP/2000 computers, which allows arbitrary code to be remotely executed or DoS (Denial of Service) attacks to be launched against the vulnerable computer.
The addressed vulnerabilities are:
- Client Service for Netware Memory Corruption vulnerability, which allows hackers to gain remote control of the affected computer with the same privileges as the logged on user.
- Netware Driver Denial of Service vulnerability, which could cause the affected system to stop responding.
These vulnerabilities can be exploited by creating and sending specially crafted network messages to a vulnerable system. However, in order to exploit it on Windows Server 2003, the malicious user must be authenticated. Additionally, though attacks can be launched across the Internet, a firewall could be used in order to prevent those attacks.
If you have a Windows 2003/XP/2000 computer, it is recommended to download and apply the security patch for these vulnerabilities. Click here to access the web page for downloading the patch.
Bear in mind that on Windows XP this bulletin replaces a previous one, called MS05-046.