Microsoft Active Directory LDAP Modify Request Buffer Overflow (MS07-039) - Ver2 (CVE-2007-0040)

Lightweight Directory Access Protocol LDAP is Internet standard protocol designed for querying and modifying directory services. Multiple vulnerabilities have been reported in Microsoft Windows Active Directory. The flaws are in the way the Active Directory handles LDAP requests. The...

Microsoft Windows活动目录LDAP请求验证远程拒绝服务漏洞（MS07-039）

BUGTRAQ ID: 24796 CVECAN ID: CVE-2007-3028 Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft活动目录在处理畸形的请求数据时存在漏洞，远程攻击者可能利用此漏洞导致服务不可用。 Microsoft活动目录没有正确地验证LDAP请求中可转换属性的数量，攻击者可能通过向运行活动目录的服务器发送特制的LDAP请求来利用该漏洞，成功利用此漏洞的攻击者可能导致服务器暂时停止响应。 Microsoft Windows 2000 Server SP4 临时解决方法： 在防火墙处阻止TCP端口389和3268。...

Microsoft Windows Active Directory fails to properly validate client sent LDAP requests

Overview Microsoft Windows Active Directory fails to properly validate client-sent LDAP requests and may result in a denial of service condition. Description Microsoft Windows Active Directory contains a vulnerability in the way that the LDAP service validates the number of convertible attributes...

Microsoft Active Directory LDAP Modify Request Buffer Overflow (MS07-039; CVE-2007-0040)

Lightweight Directory Access Protocol LDAP is Internet standard protocol designed for querying and modifying directory services. Multiple vulnerabilities have been reported in Microsoft Windows Active Directory. The flaws are in the way the Active Directory handles LDAP requests. The...

MS07-039: Microsoft Windows Active Directory LDAP Service Remote Code Execution (926122)

The remote version of Active Directory contains a flaw in the LDAP request handler code that allows an attacker to execute code on the remote host. On Windows 2000 an anonymous attacker can exploit this flaw by sending a specially crafted LDAP packet. On Windows 2003 valid credentials are needed ...