New exploit in the wild.
The exploit claims to add the user “bl4ck” with a very insecure password and might cause the service to terminate. The author left some suggestions for “improvement” in the source code, so expect potentially nastier versions to be used in real life.
If you still have not patched your Windows client systems, it is a very good time to do so now.
The nature of DHCP makes it so that any device on a LAN can answer any and all DHCP request. So be sure people understand there is no need to attack or compromise any server first. Detecting this is helped slightly by DHCP’s use of broadcasts (the client doesn’t have an IP address).
Not sure how many people still use Windows 2000 but, no doubt it’s a large number.
[tags]Windows 2000, DHCP Exploit, MS06-036 Exploit, DHCP Client Exploit[/tags]
