New Search

Windows DHCP Server Remote Code Execution Vulnerability - CVE-2019-0725

oval:org.cisecurity:def:6457

A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server. To exploit the vulnerability a remote unauthenticated attacker could send a specially crafted packet to an affected DHCP server. The security update addresses the vulnerability by correcting how DHCP servers handle network packets.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
Class:
vulnerability
Reference(s):
  • CVE-2019-0725
  • MSRC-CVE-2019-0725
  • KB4499175
  • KB4499158
  • KB4499165
  • KB4494440
  • KB4494441
Product(s):