Vulnerability Details CVE-2004-0900
The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not properly validate the length of certain messages, which allows remote attackers to execute arbitrary code via a malformed DHCP message, aka the "DHCP Request Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.415
EPSS Ranking 97.2%
CVSS Severity
CVSS v2 Score 10.0
References
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-042
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18342
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3577
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4846
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-042
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18342
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3577
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4846
Products affected by CVE-2004-0900
-
cpe:2.3:o:microsoft:windows_nt:4.0