Vulnerability Details CVE-2004-0899
The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP message, aka "Logging Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.373
EPSS Ranking 97.0%
CVSS Severity
CVSS v2 Score 5.0
References
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-042
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18341
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2280
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4282
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-042
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18341
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2280
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4282
Products affected by CVE-2004-0899
-
cpe:2.3:o:microsoft:windows_nt:4.0