The vulnerability of the DHCP service in Windows operating systems allows a perpetrator to execute arbitrary code on the DHCP failure-tolerant server or cause a service failure.

🗓️ 11 Oct 2017 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 3 Views

Windows dynamic host configuration vulnerability allows arbitrary code execution or service failure on the failover server due to memory corruption.

Reporter	Title	Published	Views	Family All 24
CNVD	Microsoft Windows DHCP Server Remote Code Execution Vulnerability	13 Sep 201700:00	–	cnvd
CVE	CVE-2017-8686	13 Sep 201701:00	–	cve
Cvelist	CVE-2017-8686	13 Sep 201701:00	–	cvelist
EUVD	EUVD-2017-17633	7 Oct 202500:30	–	euvd
Microsoft KB	September 12, 2017—KB4038782 (OS Build 14393.1715)	12 Sep 201707:00	–	mskb
Microsoft KB	September 12, 2017—KB4038786 (Security-only update)	12 Sep 201707:00	–	mskb
Microsoft KB	September 12, 2017—KB4038792 (OS Build Monthly Rollup)	12 Sep 201707:00	–	mskb
Microsoft KB	September 12, 2017—KB4038793 (Security-only update)	10 Oct 201707:00	–	mskb
Microsoft KB	September 12, 2017—KB4038799 (Monthly Rollup)	12 Sep 201707:00	–	mskb
Kaspersky	KLA11099 Multiple vulnerabilities in Microsoft Windows	12 Sep 201700:00	–	kaspersky

Source	Link
securityfocus	www.securityfocus.com/bid/100730
securitytracker	www.securitytracker.com/id/1039337
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8686
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

8.4High risk

Vulners AI Score8.4

CVSS 27.5

CVSS 39.8

EPSS0.27499

dynamic host configuration memory corruption buffer overflow arbitrary code execution failover server service failure