Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:15040
HistoryDec 12, 2009 - 12:00 a.m.

Microsoft Windows LSASS服务ISAKMP消息远程拒绝服务漏洞(MS09-069)

2009-12-1200:00:00
Root
www.seebug.org
9

0.093 Low

EPSS

Percentile

94.1%

JSON

BUGTRAQ ID: 37218
CVE ID: CVE-2009-3675

Microsoft Windows是微软发布的非常流行的操作系统。

Windows系统上的本地安全权威子系统服务(LSASS)没有正确地处理特制的ISAKMP消息,如果通过认证的远程攻击者在通过IPSEC协议与受影响系统上的LSASS通讯期间发送了特制的ISAKMP消息,就可以耗尽系统资源。

Microsoft Windows XP SP3
Microsoft Windows XP SP2
Microsoft Windows Server 2003 SP2
Microsoft Windows 2000 Server SP4
临时解决方法:

  • 禁用IPSec服务。

厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS09-069)以及相应补丁:
MS09-069:Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)
链接:http://www.microsoft.com/technet/security/Bulletin/MS09-069.mspx?pf=true

Related

cvelist 1
openvas 2
securityvulns 2
cve 1
nessus 1
prion 1
cvelist
cvelist
CVE-2009-3675
2009-12-09 18:00:00
openvas
openvas
Microsoft Windows LSASS Denial of Service Vulnerability (975467)
2009-12-09 00:00:00
Microsoft Windows LSASS Denial of Service Vulnerability (975467)
2009-12-09 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS09-069 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)
2009-12-09 00:00:00
Microsoft Windows DoS
2009-12-09 00:00:00
cve
cve
CVE-2009-3675
2009-12-09 18:30:00
nessus
nessus
MS09-069: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)
2009-12-08 00:00:00
prion
prion
Design/Logic Flaw
2009-12-09 18:30:00

0.093 Low

EPSS

Percentile

94.1%

JSON
Related for SSV:15040
cvelist1openvas2securityvulns2cve1nessus1prion1