Check Point Advisories

Update Protection against Microsoft Windows DHCP Remote Code Execution Vulnerability (MS06-036)

Check Point Reference: CPAI-2006-101
Date Published: 12 Sep 2006
Severity: High
Last Updated: Wednesday 14 February, 2007
Source: Microsoft Security Bulletin MS06-036
Industry Reference:CVE-2006-2372
US-CERT VU#257164
Protection Provided by:
Who is Vulnerable? Microsoft Windows 2000 SP4
Microsoft Windows XP SP1
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 x64 Edition
Vulnerability Description Microsoft Windows contains a vulnerability in the way that it processes and logs DHCP messages. The Dynamic Host Configuration Protocol (DHCP) provides central management of IP addresses and other details related to the IP configuration used on the network. A remote user can exploit this vulnerability by sending a specially crafted DHCP message to a vulnerable DHCP server. This may result in remote code execution on the affected system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS06-036
Vulnerability DetailsThe vulnerability is caused due to a buffer overflow error in the way that DHCP validates a value from specially crafted network packets. A remote attacker can trigger the vulnerability by sending a malicious DHCP response to a DHCP request. Successful exploitation could result in arbitrary code execution and in the attacker?s complete control of an affected system.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.