| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.0 | $0-$5k | 0.00 |
Summary
A vulnerability classified as problematic was found in Microsoft Windows NT 4.0. This affects an unknown part of the component Server. Executing a manipulation as part of Network Packet can lead to memory corruption. This vulnerability is handled as CVE-2004-0899. The attack can be executed remotely. There is not any exploit available. It is advisable to implement a patch to correct this issue.
Details
A vulnerability classified as critical was found in Microsoft Windows NT 4.0 (Operating System). This vulnerability affects an unknown function of the component Server. The manipulation as part of a Network Packet leads to a memory corruption vulnerability. The CWE definition for the vulnerability is CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. As an impact it is known to affect confidentiality, integrity, and availability.
The bug was discovered 12/14/2004. The weakness was released 12/14/2004 by Kostya Kortchinsky with CERT Renater as MS04-042 as confirmed bulletin (Technet). The advisory is shared for download at microsoft.com. This vulnerability was named CVE-2004-0899 since 09/22/2004. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. There are neither technical details nor an exploit publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 20368 (MS04-042: Windows NT Multiple DHCP Vulnerabilities (885249) (uncredentialed check)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows and running in the context r. The commercial vulnerability scanner Qualys is able to test this issue with plugin 90203 (Microsoft DHCP Remote Code Execution and Denial of Service (MS04-042)).
Applying the patch MS04-042 is able to eliminate this problem. The bugfix is ready for download at microsoft.com. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 31771.
The vulnerability is also documented in the databases at X-Force (18341), Tenable (20368), SecurityFocus (BID 11919†), OSVDB (12371†) and Secunia (SA13463†). Entry connected to this vulnerability is available at VDB-1037. Once again VulDB remains the best source for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.microsoft.com/
- Product: https://www.microsoft.com/en-us/windows
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.3VulDB Meta Temp Score: 7.0
VulDB Base Score: 7.3
VulDB Temp Score: 7.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Memory corruptionCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 20368
Nessus Name: MS04-042: Windows NT Multiple DHCP Vulnerabilities (885249) (uncredentialed check)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
0-Day Time: 🔍
Patch: MS04-042
TippingPoint: 🔍
McAfee IPS: 🔍
McAfee IPS Version: 🔍
PaloAlto IPS: 🔍
Fortigate IPS: 🔍
Timeline
09/22/2004 🔍12/14/2004 🔍
12/14/2004 🔍
12/14/2004 🔍
12/14/2004 🔍
12/14/2004 🔍
12/14/2004 🔍
12/15/2004 🔍
12/17/2004 🔍
01/10/2005 🔍
01/03/2006 🔍
03/10/2021 🔍
Sources
Vendor: microsoft.comProduct: microsoft.com
Advisory: MS04-042
Researcher: Kostya Kortchinsky
Organization: CERT Renater
Status: Confirmed
CVE: CVE-2004-0899 (🔍)
GCVE (CVE): GCVE-0-2004-0899
GCVE (VulDB): GCVE-100-1036
OVAL: 🔍
X-Force: 18341 - Microsoft Windows NT DHCP MachineName denial of service, Medium Risk
SecurityFocus: 11919 - Microsoft Windows DHCP Server Logging Remote Denial Of Service Vulnerability
Secunia: 13463 - Microsoft Windows NT DHCP Buffer Overflow Vulnerabilities, Moderately Critical
OSVDB: 12371 - Microsoft Windows NT Malformed DHCP Packet Remote Overflow DoS
SecuriTeam: securiteam.com
Vulnerability Center: 6496 - [MS04-042] DoS in Microsoft Windows NT DHCP Service via Malformed Logging Message, Medium
See also: 🔍
Entry
Created: 12/17/2004 14:46Updated: 03/10/2021 11:26
Changes: 12/17/2004 14:46 (99), 06/30/2019 14:36 (3), 03/10/2021 11:26 (2)
Complete: 🔍
Cache ID: 216::103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.