Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:2907
HistoryFeb 20, 2008 - 12:00 a.m.

Microsoft Windows Vista DHCP远程拒绝服务漏洞(MS08-004)

2008-02-2000:00:00
Root
www.seebug.org
9

0.946 High

EPSS

Percentile

99.0%

JSON

BUGTRAQ ID: 27634
CVE(CAN) ID: CVE-2008-0084

Windows Vista是微软发布的最新版本的操作系统。

Windows Vista的TCP/IP栈处理从DHCP服务器接收到报文的方式存在拒绝服务漏洞,攻击者可以创建特制的DHCP服务器,该服务器会向主机返回特制报文,破坏TCP/IP结构,导致受影响系统停止响应并自动重启。

Microsoft Windows Vista
临时解决方法:

  • 为客户端机器分配静态的IP地址而不是自动请求IP地址:

    1. 在客户端机器上,点击“控制面板”,然后点击“网络和共享中心”
    2. “本地连接”然后点击“查看状态”
    3. 点击“属性”
    4. 点击“Internet协议版本4(TCP/IPv4)”然后点击“属性”
    5. 选择“使用下面的IP地址”然后输入IP地址、子网掩码、默认网关和首选DNS服
      务器
    6. 点击“确定”

厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS08-004)以及相应补丁:
MS08-004:Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)
链接:<a href=“http://www.microsoft.com/technet/security/Bulletin/MS08-004.mspx?pf=true” target=“_blank”>http://www.microsoft.com/technet/security/Bulletin/MS08-004.mspx?pf=true</a>

补丁下载:
<a href=“http://www.microsoft.com/downloads/details.aspx?familyid=8ce9608b-7049-47cd-adc4-22a803877d33” target=“_blank”>http://www.microsoft.com/downloads/details.aspx?familyid=8ce9608b-7049-47cd-adc4-22a803877d33</a>
<a href=“http://www.microsoft.com/downloads/details.aspx?familyid=d7b9c3d1-9c23-4e05-bac6-d0b327feaf53” target=“_blank”>http://www.microsoft.com/downloads/details.aspx?familyid=d7b9c3d1-9c23-4e05-bac6-d0b327feaf53</a>

Related

cve 1
openvas 2
checkpoint_advisories 1
securityvulns 2
prion 1
nessus 1
cve
cve
CVE-2008-0084
2008-02-12 21:00:00
openvas
openvas
Microsoft Windows TCP/IP Denial of Service Vulnerability (946456)
2011-01-13 00:00:00
Microsoft Windows TCP/IP Denial of Service Vulnerability (946456)
2011-01-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows DHCP Packets Handling Denial of Service (MS08-004; CVE-2008-0084)
2008-01-31 00:00:00
securityvulns
securityvulns
Microsoft Windows Vista DoS
2008-02-12 00:00:00
Microsoft Security Bulletin MS08-004 – Important Vulnerability in Windows TCP/IP Could Allow Denial of Service &#40;946456&#41;
2008-02-12 00:00:00
prion
prion
Code injection
2008-02-12 21:00:00
nessus
nessus
MS08-004: Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)
2008-02-12 00:00:00

0.946 High

EPSS

Percentile

99.0%

JSON
Related for SSV:2907
cve1openvas2checkpoint_advisories1securityvulns2prion1nessus1