CVE-2006-2372
7.8 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.963 High
EPSS
Percentile
99.5%
Buffer overflow in the DHCP Client service for Microsoft Windows 2000 SP4, Windows XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a crafted DHCP response.
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft:dhcp_client_service | microsoft dhcp client service | eq | * |
References
archives.neohapsis.com/archives/fulldisclosure/2006-07/0222.html
secunia.com/advisories/21010
securityreason.com/securityalert/1201
securitytracker.com/id?1016468
www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_Microsoft_Windows_DHCP_Client_Service_Remote_Buffer_Overflow.pdf
www.kb.cert.org/vuls/id/257164
www.osvdb.org/27151
www.securityfocus.com/archive/1/439675/100/0/threaded
www.securityfocus.com/archive/1/444631/100/0/threaded
www.securityfocus.com/bid/18923
www.us-cert.gov/cas/techalerts/TA06-192A.html
www.vupen.com/english/advisories/2006/2754
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-036
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A232
www.exploit-db.com/exploits/2054
Related
7.8 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.963 High
EPSS
Percentile
99.5%