CVE-2006-2372

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000 SP4 Microsoft Windows XP SP1 and SP2 Microsoft Windows Server 2003 up to SP1

Description The issue is related to a buffer overflow in the DHCP Client service, allowing remote attackers to execute arbitrary code via a crafted DHCP response. This is a remote code execution vulnerability that could allow an attacker to take complete control of the affected system.

Recommendations For Microsoft Windows 2000 SP4, update to a newer version to mitigate the risk. For Microsoft Windows XP SP1 and SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2003 up to SP1, update to a newer version to mitigate the risk. As a temporary workaround, consider disabling the DHCP Client service until a patch is available.