-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
(The following advisory is also available in PDF
format for download at:
http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_Microsoft_Windows_DHCP_Client_Service_Remote_Buffer_Overflow.pdf
CYBSEC S.A.
www.cybsec.com
http://www.cybsec.com/vulnerability_policy.pdf
A remote buffer overflow vulnerability has been
identified in Microsoft Windows DHCP-Client
service.
Technical details will be released 30 days after
publication of this pre-advisory.
This was agreed upon with Microsoft to allow
their customers to upgrade affected software prior
to technical knowledge been publicly available.
Exploiting this vulnerability, an attacker would
be able to execute code remotely with SYSTEM
privileges over DHCP-enabled Microsoft Windows
systems.
Microsoft has released a hotfix to address this
vulnerability.
Customers should apply the hotfix immediately or
upgrade their systems through Microsoft Windows
Update system.
For more information regarding the vulnerability
feel free to contact
the author at mnunez {at} cybsec.com.
For more information regarding CYBSEC:
www.cybsec.com
(c) 2006 - CYBSEC S.A. Security Systems
Mariano Nuñez Di Croce
CYBSEC S.A. Security Systems
Email: [email protected]
Tel/Fax: (54-11) 4382-1600
Web: http://www.cybsec.com
PGP:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x26B20899
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFEs+e0bbZGNCayCJkRAtxlAJ4r6zKhP2Uv/Tq8YOoAErDXn9lc8wCfcy8W
EMk1oIYCbhnNnm1PlElLpi8=
=3ZFG
-----END PGP SIGNATURE-----