Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-1206

Опубликовано: 14 авг. 2019
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Средний

Описание

A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive. To exploit the vulnerability, an attacker could send a specially crafted packet to a DHCP server. However, the DHCP server must be set to failover mode for the attack to succeed. The security update addresses the vulnerability by correcting how DHCP failover servers handle network packets.

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

EPSS

Процентиль: 95%
0.16729
Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVSS3: 7.5
msrc
почти 6 лет назад

Windows DHCP Server Denial of Service Vulnerability

github
около 3 лет назад

A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server, aka 'Windows DHCP Server Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1212.

CVSS3: 7.5
fstec
почти 6 лет назад

Уязвимость службы DHCP-сервера операционных систем Windows, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 95%
0.16729
Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-787