Lucene search
K

4 matches found

seebug.org
seebug.org
added 2007/07/12 12:0 a.m.41 views

Microsoft Windows活动目录LDAP请求验证远程拒绝服务漏洞(MS07-039)

BUGTRAQ ID: 24796 CVECAN ID: CVE-2007-3028 Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft活动目录在处理畸形的请求数据时存在漏洞,远程攻击者可能利用此漏洞导致服务不可用。 Microsoft活动目录没有正确地验证LDAP请求中可转换属性的数量,攻击者可能通过向运行活动目录的服务器发送特制的LDAP请求来利用该漏洞,成功利用此漏洞的攻击者可能导致服务器暂时停止响应。 Microsoft Windows 2000 Server SP4 临时解决方法: 在防火墙处阻止TCP端口389和3268。...

5CVSS6.9AI score0.39668EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/07/11 12:0 a.m.30 views

MS07-039: Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122) (uncredentialed check)

The remote version of Active Directory contains a flaw in the LDAP request handler code that may allow an attacker to execute code on the remote host. On Windows 2000, an anonymous attacker can exploit this flaw by sending a specially crafted LDAP packet. Additionally, Active Directory is affecte...

10CVSS5.8AI score0.39668EPSS
Exploits1References3
CVE
CVE
added 2007/07/10 10:0 p.m.62 views

CVE-2007-3028

CVE-2007-3028 describes a denial-of-service vulnerability in Windows 2000 Server SP4 where the LDAP service in Active Directory fails to properly validate the number of convertible attributes in client-sent LDAP requests. The linked materials indicate this is a separate issue from CVE-2007-0040, ...

5CVSS6.1AI score0.39668EPSS
Exploits1References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/07/10 12:0 a.m.69 views

MS07-039: Microsoft Windows Active Directory LDAP Service Remote Code Execution (926122)

The remote version of Active Directory contains a flaw in the LDAP request handler code that allows an attacker to execute code on the remote host. On Windows 2000 an anonymous attacker can exploit this flaw by sending a specially crafted LDAP packet. On Windows 2003 valid credentials are needed ...

10CVSS6AI score0.39668EPSS
Exploits1References3
Rows per page
Query Builder