DHCP: Invalid HW Length Error
This protocol anomaly is a DHCP message that has an invalid HW length. For Ethernet, the HW length should be 6 (the length of a MAC address).
Extended Description
Microsoft Windows DHCP server on NT 4 server platforms is reported susceptible to a remote buffer overflow vulnerability. This issue is due to insufficient bounds checking of user-supplied network data. This vulnerability allows remote attackers to execute arbitrary code in the context of the affected service. The DHCP server is running with administrative privileges, allowing remote attackers to gain administrative access, or to crash the affected service, denying service to legitimate users. This may allow attackers to interrupt network services to an entire network. It is noted that the service is not installed by default.
Affected Products
Microsoft windows_nt
References
BugTraq: 11920
CVE: CVE-2004-0900
URL: http://www.ietf.org/rfc/rfc2131.txt http://www.microsoft.com/technet/security/Bulletin/MS04-042.mspx
Short Name
DHCP:ERROR:INV-HW-LEN
Severity
Major
Recommended
False
Recommended Action
None
Category
DHCP
Keywords
CVE-2004-0900 MS04-42 bid:11920
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
CVSS Score
10.0