LDAP: Controls Mismatch

This anomaly triggers when the OID field of the Control tag in a subsequent Lightweight Directory Access Protocol (LDAP) request contains a different value than in the first request. According to RFC 4511, this field must not change in subsequent LDAP query requests. The server does not handle this case correctly, which results in a crash of the Local Security Authority Subsystem Service (LSASS).

Extended Description

Microsoft Windows is prone to a remote denial-of-service vulnerability because Microsoft Active Directory and ADAM (Active Directory Application Mode) fail to handle specially crafted Lightweight Directory Access Protocol (LDAP) requests. An attacker can exploit this issue to cause the affected application to stop responding, denying further service to legitimate users. Note that an attacker requires valid logon credentials to exploit this issue on Windows Server 2003 and Windows XP. This issue affects Active Directory on Microsoft Windows 2000 and Windows Server 2003. The issue affects ADAM when installed on Windows XP and Windows Server 2003.

Affected Products

Avaya messaging_application_server, Microsoft windows_2000_server

References

BugTraq: 27638

CVE: CVE-2008-0088

Short Name
LDAP:CONTROLS-MISMATCH
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
LDAP
Keywords
CVE-2008-0088 bid:27638
Release Date
02/26/2008
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3339
False Positive
Unknown
Vendors

Nortel_networks

Microsoft

Avaya

CVSS Score

6.8
