PT-2004-1931 · Microsoft · Windows Nt 4.0 Terminal Server Edition+1

Kostya Kortchinsky

Published

2004-12-15

Updated

2018-10-12

CVE-2004-0899

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Microsoft Windows NT 4.0 Server and Terminal Server Edition

Description: The issue is related to the DHCP Server service, where it fails to properly validate the length of certain messages when DHCP logging is enabled. This allows remote attackers to cause a denial of service, resulting in an application crash, by sending a malformed DHCP message.

Recommendations: For Microsoft Windows NT 4.0 Server and Terminal Server Edition, consider disabling DHCP logging as a temporary workaround to minimize the risk of exploitation. Restrict access to the DHCP Server service to prevent remote attackers from sending malformed messages.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0899

Affected Products

Windows Nt 4.0 Server

Windows Nt 4.0 Terminal Server Edition

PT-2004-1931 · Microsoft · Windows Nt 4.0 Terminal Server Edition+1

CVE-2004-0899

Related Identifiers

Affected Products

References · 5