Microsoft Windows Active Directory Vulnerability( 11 June 2008 )
RISK: Medium Risk
A denial of service vulnerability exists in implementations of Active Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008. The vulnerability also exists in implementations of Active Directory Application Mode (ADAM) when installed on Windows XP and Windows Server 2003 and Active Directory Lightweight Directory Services (AD LDS) when installed on Windows Server 2008. The vulnerability is due to insufficient validation of specially crafted LDAP requests. An attacker who successfully exploited this vulnerability could cause the computer to stop responding and automatically restart.
Impact
- Denial of Service
System / Technologies affected
- Microsoft Windows 2000
- Windows XP
- Windows Server 2003
- Windows Server 2008
- Active Directory
- ADAM
- AD LDS
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch
- Microsoft Windows 2000 Server Service Pack 4
- Active Directory - Windows XP Professional Service Pack 2
- ADAM - Windows XP Professional Service Pack 3
- ADAM - Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
- ADAM - Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
- Active Directory
- ADAM - Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
- Active Directory
- ADAM - Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
- Active Directory - Windows Server 2008 for 32-bit Systems
- Active Directory
- AD LDS - Windows Server 2008 for x64-based Systems
- Active Directory
- AD LDS
Vulnerability Identifier
Source
Related Link
Share with