Microsoft Windows DHCP Client Service Crafted Response Overflow

2006-07-11T14:49:06
ID OSVDB:27151
Type osvdb
Reporter Mariano Nuñez Di Croce(mnunez@cybsec.com)
Modified 2006-07-11T14:49:06

Description

Vulnerability Description

An unspecified remote overflow exists in Windows. The DHCP client fails to validate unspecified input resulting in a buffer overflow. With a specially crafted DHCP response, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

An unspecified remote overflow exists in Windows. The DHCP client fails to validate unspecified input resulting in a buffer overflow. With a specially crafted DHCP response, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Security Tracker: 1016468 Secunia Advisory ID:21010 Other Advisory URL: http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_Microsoft_Windows_DHCP_Client_Service_Remote_Buffer_Overflow.pdf News Article: http://news.com.com/Attack+code+puts+Windows+PCs+at+risk/2100-7349_3-6098293.html Microsoft Security Bulletin: MS06-036 Microsoft Knowledge Base Article: 914388 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0222.html Generic Exploit URL: http://www.milw0rm.com/exploits/2054 FrSIRT Advisory: ADV-2006-2754 CVE-2006-2372 CERT VU: 257164 Bugtraq ID: 18923