Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 DHCP:ERROR:INV-HW-LEN

Severity

 High

Recommended

 No

Category

 DHCP

Keywords

 MS04-42

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DHCP: Invalid HW Length Error


This protocol anomaly is a DHCP message that has an invalid HW length. For Ethernet, the HW length should be 6 (the length of a MAC address).

Extended Description

Microsoft Windows DHCP server on NT 4 server platforms is reported susceptible to a remote buffer overflow vulnerability. This issue is due to insufficient bounds checking of user-supplied network data. This vulnerability allows remote attackers to execute arbitrary code in the context of the affected service. The DHCP server is running with administrative privileges, allowing remote attackers to gain administrative access, or to crash the affected service, denying service to legitimate users. This may allow attackers to interrupt network services to an entire network. It is noted that the service is not installed by default.

Affected Products

  • Microsoft Windows NT 4.0
  • Microsoft Windows NT 4.0 alpha
  • Microsoft Windows NT 4.0 SP1
  • Microsoft Windows NT 4.0 SP1 alpha
  • Microsoft Windows NT 4.0 SP2
  • Microsoft Windows NT 4.0 SP2 alpha
  • Microsoft Windows NT 4.0 SP3
  • Microsoft Windows NT 4.0 SP3 alpha
  • Microsoft Windows NT 4.0 SP4
  • Microsoft Windows NT 4.0 SP4 alpha
  • Microsoft Windows NT 4.0 SP5
  • Microsoft Windows NT 4.0 SP5 alpha
  • Microsoft Windows NT 4.0 SP6
  • Microsoft Windows NT 4.0 SP6a
  • Microsoft Windows NT 4.0 SP6a alpha
  • Microsoft Windows NT 4.0 SP6 alpha
  • Microsoft Windows NT Enterprise Server 4.0
  • Microsoft Windows NT Enterprise Server 4.0 SP1
  • Microsoft Windows NT Enterprise Server 4.0 SP2
  • Microsoft Windows NT Enterprise Server 4.0 SP3
  • Microsoft Windows NT Enterprise Server 4.0 SP4
  • Microsoft Windows NT Enterprise Server 4.0 SP5
  • Microsoft Windows NT Enterprise Server 4.0 SP6
  • Microsoft Windows NT Enterprise Server 4.0 SP6a
  • Microsoft Windows NT Server 4.0
  • Microsoft Windows NT Server 4.0 SP1
  • Microsoft Windows NT Server 4.0 SP2
  • Microsoft Windows NT Server 4.0 SP3
  • Microsoft Windows NT Server 4.0 SP4
  • Microsoft Windows NT Server 4.0 SP5
  • Microsoft Windows NT Server 4.0 SP6
  • Microsoft Windows NT Server 4.0 SP6a
  • Microsoft Windows NT Terminal Server 4.0
  • Microsoft Windows NT Terminal Server 4.0 alpha
  • Microsoft Windows NT Terminal Server 4.0 SP1
  • Microsoft Windows NT Terminal Server 4.0 SP2
  • Microsoft Windows NT Terminal Server 4.0 SP3
  • Microsoft Windows NT Terminal Server 4.0 SP4
  • Microsoft Windows NT Terminal Server 4.0 SP5
  • Microsoft Windows NT Terminal Server 4.0 SP6
  • Microsoft Windows NT Terminal Server 4.0 SP6a
  • Microsoft Windows NT Workstation 4.0
  • Microsoft Windows NT Workstation 4.0 SP1
  • Microsoft Windows NT Workstation 4.0 SP2
  • Microsoft Windows NT Workstation 4.0 SP3
  • Microsoft Windows NT Workstation 4.0 SP4
  • Microsoft Windows NT Workstation 4.0 SP5
  • Microsoft Windows NT Workstation 4.0 SP6
  • Microsoft Windows NT Workstation 4.0 SP6a

References

  • BugTraq: 11920
  • CVE: CVE-2004-0900
  • URL: http://www.ietf.org/rfc/rfc2131.txt
  • URL: http://www.microsoft.com/technet/security/Bulletin/MS04-042.mspx

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out