Strike ID:
E19-0r8p1
CVSS:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
False Positive:
t
Variants:
1
Year:
2019

Description

This strike reproduces an attack on Microsoft Windows DHCP client, on a buffer overflow vulnerability. The flaw results from the lack of field counting when parsing Options fields in a DHCP ACK packet, resulting in overwrite of memory areas. As a consequence of exploiting this bug, a remote attacker controlling a DHCP server may take advantage and gain control of vulnerable Windows-based DHCP clients.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}