Lucene search
K

6 matches found

seebug.org
seebug.org
added 2009/06/11 12:0 a.m.26 views

Microsoft活动目录服务LDAP报文内存破坏漏洞(MS09-018)

BUGTRAQ ID: 35226 CVECAN ID: CVE-2009-1138 Microsoft Windows是微软发布的非常流行的操作系统。 由于在处理特制LDAP或LDAPS请求时没有正确地释放内存,Windows 2000 Server上的Active Directory实现中存在一个远程执行代码漏洞。攻击者可能通过向运行Windows 2000 的域控制器发送特制的LDA 或LDAPS报文来利用该漏洞。任何可以访问目标网络的匿名用户均可以向受影响的系统传递特制报文以利用此漏洞。 Microsoft Windows 2000 Server SP4 临时解决方法:...

10CVSS6.9AI score0.39404EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/06/11 12:0 a.m.58 views

Microsoft Active Directory LDAP Remote Code Execution Vulnerability (969805)

This host is missing a critical security update according to Microsoft Bulletin MS09-018. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS5AI score0.39404EPSS
Exploits2References4
NVD
NVD
added 2009/06/10 6:0 p.m.19 views

CVE-2009-1138

The LDAP service in Active Directory on Microsoft Windows 2000 SP4 does not properly free memory for LDAP and LDAPS requests, which allows remote attackers to execute arbitrary code via a request that uses hexadecimal encoding, whose associated memory is not released, related to a "DN...

10CVSS7.5AI score0.39404EPSS
Exploits1References10
CVE
CVE
added 2009/06/10 5:37 p.m.60 views

CVE-2009-1138

CVE-2009-1138 concerns Microsoft Active Directory on Windows 2000 Server SP4, where the LDAP/LDAPS service fails to free memory for certain hex-encoded requests. The underlying issue, described as an invalid free/memory leak, can allow a remote attacker to cause arbitrary code execution on the ta...

10CVSS7.6AI score0.39404EPSS
Exploits1References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/06/10 12:0 a.m.33 views

MS09-018: Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055)

The version of Microsoft Active Directory / Active Directory Application Mode installed on the remote host is affected by one or both of the following vulnerabilities : - A flaw involving the way memory is freed when handling specially crafted LDAP or LDAPS requests allows a remote attacker to...

10CVSS6.5AI score0.39404EPSS
Exploits2References3
Check Point Advisories
Check Point Advisories
added 2009/06/09 12:0 a.m.16 views

Microsoft Active Directory LDAP Invalid Free Allocation (MS09-018; CVE-2009-1138)

Active Directory provides central authentication and authorization services for Windows-based systems. Active Directory Application Mode ADAM is a Lightweight Directory Access Protocol LDAP directory service that runs as a user service. A remote code execution vulnerability has been reported in...

10CVSS7.5AI score0.39404EPSS
Exploits1
Rows per page
Query Builder