|
|
| |
Credit:
The information has been provided by Microsoft Product Security.
The original article can be found at: http://www.microsoft.com/technet/security/Bulletin/ms07-039.mspx
|
| |
Vulnerable Systems:
* Microsoft Windows 2000 Server Service Pack 4
* Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
* Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
* Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Immune Systems:
* Windows 2000 Professional Service Pack 4
* Windows XP Service Pack 2
* Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
* Windows Vista
* Windows Vista x64 Edition
* Active Directory Application Mode (ADAM) Service Pack 1
Windows Active Directory Remote Code Execution Vulnerability - CVE-2007-0040
A remote code execution vulnerability exists in the way that Active Directory validates a LDAP request. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
CVE Information:
CVE-2007-0040
Windows Active Directory Denial of Service Vulnerability - CVE-2007-3028
A denial of service vulnerability exists in the way that Microsoft Active Directory validates a client-sent LDAP request. An attacker could exploit the vulnerability by sending a specially crafted LDAP request to a server running Active Directory. An attacker who successfully exploited this vulnerability could cause the server to temporarily stop responding.
CVE Information:
CVE-2007-3028
|
|
|
