LDAP: Active Directory Denial of Service
This signature detects attempts to exploit a known vulnerability against Microsoft Active Directory. Versions supplied with Windows 2000 and Windows Server 2003 are vulnerable. Attackers can send malformed LDAP queries to a vulnerable server and cause a denial-of-service condition.
Extended Description
Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to cause a denial of service (system hang or reboot) via a crafted LDAP request.
Affected Products
Microsoft windows_xp
Short Name
LDAP:AD-LDAP-DOS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
LDAP
Keywords
Active CVE-2008-1445 Denial Directory Service bid:29584 of
Release Date
06/10/2008
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.1