| VID |
26105 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (KB885249) for the 'Vulnerabilities in the DHCP' has not been applied. The DHCP (Dynamic Host Configuration Protocol) server is responsible for configuring the network settings of computers and other network devices in a LAN environment. The Microsoft Windows DHCP server on NT 4 server platforms is vulnerable to the following vulnerabilities:
1. A denial of service vulnerability exists that could allow a remote attacker to cause a DHCP server with DHCP logging enabled to crash.
2. A remote buffer overflow vulnerability exists that could allow a remote attacker to execute arbitrary machine code in the context of the affected service. The DHCP server is running with administrative privileges, allowing the attacker to gain administrative access.
Due to the use of UDP datagrams, exploitation attempts may originate from spoofed source addresses.
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check will not be performed, resulting in a False Negative for all vulnerable hosts.
* References: http://www.microsoft.com/technet/security/bulletin/ms04-042.mspx
* Platforms Affected: Microsoft Windows NT Server 4.0 SP 6a; Microsoft Windows NT Server 4.0 TSE SP 6 |
| Recommendation |
Apply the appropriate patch for your system, as listed in the Microsoft Security Bulletin MS04-042 at http://www.microsoft.com/technet/security/bulletin/ms04-042.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2004-0571,CVE-2004-0901 (CVE) |
| Related URL |
11927,11929 (SecurityFocus) |
| Related URL |
18337,18338 (ISS) |
|