Microsoft Windows DHCP Client Service Remote Buffer Overflow

原创 2007年09月23日 14:29:00
 

HTML Tags and JavaScript tutorial



Microsoft Windows DHCP Client Service Remote Buffer Overflow





 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
(The following advisory is also available in PDF format for download at:
http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_Microsoft_Windows_DHCP_Client_Service_Remote_Buffer_Overflow.pdf
)
CYBSEC S.A.
www.cybsec.com
Pre-Advisory Name: Microsoft Windows DHCP Client Service Remote Buffer Overflow
==================
Vulnerability Class: Buffer Overflow
====================
Release Date: 07/11/2006
=============
Affected Platforms:
===================
* Microsoft Windows 2000 (<= SP4)
* Microsoft Windows XP (<= SP2)
* Microsoft Windows 2003 (<= SP1)
Local / Remote: Remote
===============
Severity: High
=========
Author: Mariano Nuñez Di Croce
=======
Vendor Status:
==============
* Confirmed, update released.
Reference to Vulnerability Disclosure Policy:
=============================================
http://www.cybsec.com/vulnerability_policy.pdf
Vulnerability Description:
==========================
A remote buffer overflow vulnerability has been identified in Microsoft Windows DHCP-Client service.
Technical Details:
==================
Technical details will be released 30 days after publication of this pre-advisory.
This was agreed upon with Microsoft to allow their customers to upgrade affected software prior to technical knowledge been publicly available.
Impact:
=======
Exploiting this vulnerability, an attacker would be able to execute code remotely with SYSTEM privileges over DHCP-enabled Microsoft Windows systems.
Solutions:
==========
Microsoft has released a hotfix to address this vulnerability.
Customers should apply the hotfix immediately or upgrade their systems through Microsoft Windows Update system.
Vendor Response:
================
* 12/26/2005: Initial Vendor Contact.
* 01/19/2006: Vendor Confirmed Vulnerability.
* 07/11/2006: Vendor Releases Update.
* 07/11/2006: Pre-Advisory Public Disclosure.
Contact Information:
====================
For more information regarding the vulnerability feel free to contact
the author at mnunez {at} cybsec.com.
For more information regarding CYBSEC: www.cybsec.com
(c) 2006 - CYBSEC S.A. Security Systems
- --
- ------------------------------
Mariano Nuñez Di Croce
CYBSEC S.A. Security Systems
Email: mnunez@xxxxxxxxxx
Tel/Fax: (54-11) 4382-1600
Web:
http://www.cybsec.com
PGP:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x26B20899
- ------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFEs+e0bbZGNCayCJkRAtxlAJ4r6zKhP2Uv/Tq8YOoAErDXn9lc8wCfcy8W
EMk1oIYCbhnNnm1PlElLpi8=
=3ZFG
-----END PGP SIGNATURE-----


Microsoft IIS FTP Service Remote Buffer Overflow Vulnerability

Microsoft IIS is prone to a buffer-overflow vulnerability affecting the application's FTP service. ...
  • xhydra
  • xhydra
  • 2012年02月20日 00:44
  • 392

DHCP Client服务(位于本计算机上)错误5:拒绝访问的解决方法

【本文原创作者:书生的学习笔记】 链接地址: http://www.gscholar.cn/2014/04/dhcp-client-error5.html一台Windows 7(32位)的笔记本通过...
  • ageovb
  • ageovb
  • 2016年10月24日 21:36
  • 4004

解决Win7系统DHCP Client服务已设置为“自动”开机仍然无法启动问题

【前言】 问题描述:由于使用了管家、360等软件进行过网络优化,导致每次开机不能正常获取IP连接网络,并且系统服务项DHCP Client已设置为“自动”,但是开机仍无法正常启动。网上大部分解决方法千...
  • w47_csdn
  • w47_csdn
  • 2017年09月29日 20:06
  • 1278

audioFlinger提示recordThread:buffer overflow错误解决

今天解决领导遇到的一个问题,在使用audiorecord读取语音数据的时候提示audioFlinger audioThread:buffer overflow,使用的机器是MOTO G的。 操作系统...
  • wz19870429
  • wz19870429
  • 2016年11月15日 22:55
  • 1876

适用于 Microsoft Windows(32 位)的 Instant Client

适用于 Microsoft Windows(32 位)的 Instant Client 安装步骤: 1.下载instantclient-basic-win32-11.2.0...
  • jojojojo2002
  • jojojojo2002
  • 2014年06月04日 14:13
  • 1414

无法启动DHCP CLient服务,错误 5

新部署的Windows Server 2003系统,在更新了114个更新重启后发现DHCP Client 服务无法启动,错误代码5:访问被拒绝。于是Google+Baidu,发现微软已有解决的办法:h...
  • kinber
  • kinber
  • 2010年02月05日 11:35
  • 8695

关于buffer overflow detected 程序崩溃的思考

我是在使用别人源码(DBT2 benchmark)的时候,编译成功一运行就出现了这个问题。本以为像这种开源的软件应该没什么bug,但是仔细想想,buffer overflow暗示着指针操作内存不当导致...
  • hustsselbj
  • hustsselbj
  • 2015年07月09日 08:45
  • 5202

应用程序运行***buffer overflow detected*** terminated Aborted异常退出问题

今天运行程序,改了一段代码!然后每次一运行程序就异常退出,打印如下信息: *** buffer overflow detected ***: ./shm_costomer terminated Abo...
  • coding__madman
  • coding__madman
  • 2016年05月26日 15:03
  • 2421

Microsoft Windows NetDDE Remote Buffer Overflow Exploit (MS04-031)

Date : 31/12/2004/* HOD-ms04031-netdde-expl.c: 2004-12-30: PUBLIC v.0.2 * * Copyright (c) 2004 h...
  • dcboy
  • dcboy
  • 2005年01月01日 12:36
  • 929

关于buffer overflow

可能是唯一一篇gb的写overflow的文章,好像译至aleph1的那篇文章 zer9提到后我才想起来把他贴上来,呵呵 Buffer Overflow 机理剖析 使用Buffer Overflow 方...
  • eroswang
  • eroswang
  • 2009年05月19日 23:18
  • 5467
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:Microsoft Windows DHCP Client Service Remote Buffer Overflow
举报原因:
原因补充:

(最多只允许输入30个字)