| VID |
23033 |
| Severity |
20 |
| Port |
67 |
| Protocol |
UDP |
| Class |
DHCP |
| Detailed Description |
The DHCP server allows a remote user to retrieve information about the network layout.
Dynamic Host Configuration Protocol (DHCP) aids in the administration of IP networks by providing individual client computers their respective configurations. Some DHCP server provide configuration parameters such as the NIS domain name, or network layout information such as the list of the network www servers, and so on. It does not demonstrate any vulnerability, but a local attacker may use DHCP to become intimately familiar with the network in no time.
If a DHCP server gives DHCP configuration parameters to all requesting clients, then where dynamic allocation of resources is used, a malicious client could claim all available IP addresses for itself, preventing legitimate clients from obtaining an IP address.
* Platforms Affected:
Unix Any version
Windows Any version
* References:
http://www.iss.net/security_center/static/7131.php
http://www.iss.net/security_center/static/7132.php
http://www.iss.net/security_center/static/7133.php |
| Recommendation |
This issue does not directly indicate any type of vulnerability. Monitor DHCP server log files for suspicious activity.
-- AND --
Consider running a DHCP implementation that supports assignment of IP address lease only to authorized clients.
-- AND --
Apply filtering to keep this information off the untrusted network. By default the DHCP server uses UDP port 67. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
