Re: How can I solve This?
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 02/12/04
- Next message: Shenan Stanley: "Re: Choose from multiple domains in logon box?"
- Previous message: removethis: "Am I in control?"
- In reply to: KMILO: "How can I solve This?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 11 Feb 2004 22:57:01 -0700
Perhaps you would entertain using the MS DNS server
and the DHCP client that is built into all recent versions
of Windows ??
-- Roger Abell Microsoft MVP (Windows Server System: Security) MCSE (W2k3,W2k,Nt4) MCDBA "KMILO" <dcmilo@hotmail.com> wrote in message news:f05901c3f0ed$03f2b920$a501280a@phx.gbl... > Internet Software Consortium (ISC) Dynamic Host > Configuration Protocol (DHCP) daemon versions 3 through > 3.0.1rc8 are vulnerable to a format string attack that > could allow a remote attacker to gain root privileges on > the system. The NSUPDATE option that is installed with > DHCPD by default returns a DNS (Domain Name System) update > request after processing a DHCP request. Once the request > is received by the DNS server, a response is returned, > which is logged by the DHCP server. A remote attacker > could supply a malicious format string as part of the > hostname in the DNS response, which could allow the > attacker to execute arbitrary code on the system with root > privileges, once the response is logged
- Next message: Shenan Stanley: "Re: Choose from multiple domains in logon box?"
- Previous message: removethis: "Am I in control?"
- In reply to: KMILO: "How can I solve This?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
