This application requires Javascript for optimal performance.

LSASS.LDAP.Stack.Overflow

Release Date Nov 12, 2009
Severity high
Impact Denial of Service: Remote attackers can crash vulnerable systems.
Description This indicates an attack attempt against a denial of service vulnerability in Microsoft Active Directory. The vulnerability is caused by an error when the vulnerable software handles a malicious LDAP request. It allows a remote attacker to cause DoS via sending crafted LDAP request.
Affected Products Active Directory: Microsoft Windows 2000 Server Service Pack 4 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2* Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2* Active Directory Application Mode (ADAM) Windows XP Service Pack 2 and Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Active Directory Lightweight Directory Service (AD LDS) Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2* Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2*
Recommended Actions Apply patch, available from the web site: http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2009-1928
Reference/s http://www.microsoft.com/technet/security/Bulletin/MS09-066.mspx (MS-ID)

Reference: VID-17928

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

PGP Keys

Contact Form

Copyright © 2011 Fortinet Inc. All Rights Reserved