Check Point Reference: | CPAI-2006-101 |
Date Published: | 12 Sep 2006 |
Severity: | High |
Last Updated: | Wednesday 14 February, 2007 |
Source: | Microsoft Security Bulletin MS06-036; FrSIRT/ADV-2006-2754 |
Industry Reference: | CVE-2006-2372; US-CERT VU#257164 |
Protection Provided by: | |
Who is Vulnerable? | Microsoft Windows 2000 SP4; Microsoft Windows XP SP1; Microsoft Windows XP SP2; Microsoft Windows XP Professional x64 Edition; Microsoft Windows Server 2003; Microsoft Windows Server 2003 SP1; Microsoft Windows Server 2003 (Itanium); Microsoft Windows Server 2003 SP1 (Itanium); Microsoft Windows Server 2003 x64 Edition |
Vulnerability Description | Microsoft Windows contains a vulnerability in the way that it processes and logs DHCP messages. The Dynamic Host Configuration Protocol (DHCP) provides central management of IP addresses and other details related to the IP configuration used on the network. A remote user can exploit this vulnerability by sending a specially crafted DHCP message to a vulnerable DHCP server. This may result in remote code execution on the affected system. |
Update/Patch Available | Apply patches: Microsoft Security Bulletin MS06-036 |
Vulnerability Details | The vulnerability is caused by a buffer overflow error in the way that DHCP validates a value from specially crafted network packets. A remote attacker can trigger the vulnerability by sending a malicious DHCP response to a DHCP request. Successful exploitation could result in arbitrary code execution and in the attacker's complete control of an affected system. |
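
The advisory does not say which DHCP field is mishandled. As an added example (not Check Point's or Microsoft's code), the C function below shows the two length checks a DHCP option parser needs before copying a value from a response into a fixed-size buffer. The function name, return codes and sample option fields are constructed for this example; the option codes follow RFC 2132.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample option fields (code, length, value...), not captured traffic. */
static const uint8_t sample_ok[] = {53, 1, 2, 15, 4, 'c', 'o', 'r', 'p', 255};
static const uint8_t sample_truncated[] = {53, 1, 2, 15, 200, 'c', 'o'};
static const uint8_t sample_long[] = {15, 8, 'i', 'n', 't', 'e', 'r', 'n', 'a', 'l', 255};

/* Copy the value of option `want` from a DHCP options field into dst.
 * Returns the value length on success, -1 if the option is absent,
 * -2 if a declared length runs past the end of the options field,
 * -3 if the value is larger than the destination buffer. */
int dhcp_get_option(const uint8_t *opts, size_t opts_len, uint8_t want,
                    uint8_t *dst, size_t dst_cap)
{
    size_t i = 0;
    while (i < opts_len) {
        uint8_t code = opts[i++];
        if (code == 0) continue;               /* pad option, no length byte */
        if (code == 255) break;                /* end option */
        if (i >= opts_len) return -2;          /* length byte is missing */
        size_t len = opts[i++];
        if (len > opts_len - i) return -2;     /* check 1: stay inside the packet */
        if (code == want) {
            if (len > dst_cap) return -3;      /* check 2: stay inside dst */
            memcpy(dst, opts + i, len);
            return (int)len;
        }
        i += len;                              /* skip an option we do not want */
    }
    return -1;
}

int main(void)
{
    uint8_t domain[4];                         /* deliberately small buffer */
    printf("well-formed: %d\n", dhcp_get_option(sample_ok, sizeof sample_ok,
                                                15, domain, sizeof domain));
    printf("truncated:   %d\n", dhcp_get_option(sample_truncated,
                                                sizeof sample_truncated,
                                                15, domain, sizeof domain));
    printf("oversized:   %d\n", dhcp_get_option(sample_long, sizeof sample_long,
                                                15, domain, sizeof domain));
    return 0;
}
```

Without the second check, the declared length alone would decide how many bytes `memcpy` writes into `domain`.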