Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: InfoSec Handlers Diary Blog - MS06-036 - unchecked buffer Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388) InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

MS06-036 - unchecked buffer Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388)

Published: 2006-07-11
Last Updated: 2006-07-11 22:03:06 UTC
by Patrick Nolan (Version: 1)
0 comment(s)
MS06-036 has been issued, MS has said systems "Primarily" at risk are Microsoft Windows 2000, Windows XP and Windows Server 2003.

"How could an attacker exploit the vulnerability?
An attacker could exploit the vulnerability by answering a client's DHCP request on the local subnet with malformed packets."

"Could the vulnerability be exploited over the Internet?
An attacker could try to exploit this vulnerability over the Internet."

"Are Windows 98, Windows 98 Second Edition or Windows Millennium Edition critically affected by this vulnerability?
No. Although Windows 98, Windows 98 Second Edition, and Windows Millennium Edition do contain the affected component, however the vulnerability is not critical."

CVE-2006-2372

Keywords:
0 comment(s)
Diary Archives