SB2019081327 - Multiple vulnerabilities in Microsoft Windows DHCP server

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2019-1206)

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. A remote attacker can send a specially crafted request to the affected service, trigger memory corruption and perform denial of service attack.

Note, the DHCP server must be set to failover mode for the attack to succeed.

2) Buffer overflow (CVE-ID: CVE-2019-1212)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error the Windows Server DHCP service when processing DHCP packets. A remote attacker can create specially crafted DHCP packets to the affected service, trigger memory corruption and perform denial of service attack.

3) Buffer overflow (CVE-ID: CVE-2019-1213)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error the Windows Server DHCP service when processing DHCP packets. A remote attacker can send specially crafted DHCP packets to the affected service, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1206
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1212
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1213