LDAP: LSASS Heap Overflow Vulnerability
This signature detects attempts to exploit a known vulnerability in the implementation of the LDAP protocol Microsoft uses for Domain control. A malformed LDAP request can result in remote code execution.
Extended Description
Microsoft Windows Local Security Authority Subsystem Service (LSASS) is prone to a privilege-escalation vulnerability. This issue occurs in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (ADLDS). An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will facilitate in the complete compromise of affected computers.
Affected Products
Avaya messaging_application_server,Avaya meeting_exchange-webportal
Short Name
LDAP:LSASS-HEAP-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
LDAP
Keywords
CVE-2010-0820 Heap LSASS Overflow Vulnerability bid:43037
Release Date
09/14/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Avaya
Microsoft
CVSS Score
9.0