Update Protection against Microsoft TCP/IP DHCP Denial Of Service Vulnerability (MS08-004)
| Check Point Reference: | CPAI-2008-026 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Microsoft Security Bulletin MS08-004 | |
| Industry Reference(s): | CVE-2008-0084 | |
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Windows Vista Windows Vista x64 Edition | ||
| Vulnerability Description A denial of service vulnerability has been reported in the Microsoft Windows TCP/IP handling of certain DHCP packets. The Dynamic Host Configuration Protocol (DHCP) provides central management of IP addresses and other details related to the IP configuration used on the network. An attacker can exploit this vulnerability by sending a specially crafted packet through a malicious DHCP server. This may result in a denial of service condition on the vulnerable host. |
||
|
Update/Patch Available Apply patches: Microsoft Security Bulletin MS08-004 |
|
|
Vulnerability Details The vulnerability is due to an error in Microsoft Windows TCP/IP that fails to properly handle malformed DHCP packets. To trigger this issue, an attacker may create a malicious DHCP server and send packets through it to a vulnerable host. Successful exploitation may create a denial of service condition on the target host. |
Protection Overview
By enabling this protection, SmartDefense will detect and block malformed DHCP packets sent from a malicious server.
In order for the protection to be activated, update your VPN-1/IPS-1 product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.