Microsoft Windows LDAP Crafted Request DoS

2004-04-13T17:50:33
ID OSVDB:5249
Type osvdb
Reporter Carlos Sarraute()
Modified 2004-04-13T17:50:33

Description

Vulnerability Description

Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted LDAP request is sent to a Windows 2000 server functioning as a domain controller, and will result in loss of availability for the service.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted LDAP request is sent to a Windows 2000 server functioning as a domain controller, and will result in loss of availability for the service.

References:

US-CERT Cyber Security Alert: TA04-104A Secunia Advisory ID:11064 Related OSVDB ID: 5261 Related OSVDB ID: 5251 Related OSVDB ID: 5254 Related OSVDB ID: 5255 Related OSVDB ID: 5256 Related OSVDB ID: 5260 Related OSVDB ID: 5257 Related OSVDB ID: 5248 Related OSVDB ID: 5250 Related OSVDB ID: 5252 Related OSVDB ID: 5253 Related OSVDB ID: 5258 Related OSVDB ID: 5259 OVAL ID: 1016 Nessus Plugin ID:12209 Microsoft Security Bulletin: MS04-011 ISS X-Force ID: 15700 ISS X-Force ID: 15818 CVE-2003-0663 CIAC Advisory: o-114 CERT VU: 639428 Bugtraq ID: 10114