Oval Definition:oval:org.mitre.oval:def:4846
Revision Date:2008-03-24Version:44
Title:Windows NT DHCP Request Code Execution Vulnerability (Terminal Server)
Description:The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not properly validate the length of certain messages, which allows remote attackers to execute arbitrary code via a malformed DHCP message, aka the "DHCP Request Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0900
Platform(s):Microsoft Windows NT
Product(s):DHCP
Definition Synopsis
  • Microsoft Windows NT is installed
  • AND this is an NT Terminal Server
  • AND NOT the patch KB885249 is installed (Hotfix key)
  • AND the version of Dhcpssvc.dll is less than 4.0.1381.33587
  • BACK