Skip navigation

Multiple Vulnerabilities in Microsoft Windows NT 4.0 DHCP

Reported December 14, 2004, by Microsoft


·         Microsoft Windows NT Server 4.0 Service Pack 6a

·         Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

Two vulnerabilities exist in DHCP, the more serious of which could result in the execution of arbitrary code on the vulnerable system. A potential attacker who successfully exploited the more severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

Microsoft has released Security Bulletin MS04-042, "Vulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (885249)," to address these vulnerabilities and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

Discovered by Kostya Kortchinsky from CERT RENATER.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.