|
|
|
|
| |
Credit:
The information has been provided by Microsoft Product Security.
The original article can be found at: http://www.microsoft.com/technet/security/bulletin/ms08-035.mspx
|
| |
Affected Software:
* Microsoft Windows 2000 Server Service Pack 4 - Active Directory (KB949014) - Denial of Service - Important - MS08-003
* Windows XP Professional Service Pack 2 - ADAM (KB949269) - Denial of Service - Moderate - MS08-003
* Windows XP Professional Service Pack 3 - ADAM (KB949269) - Denial of Service - Moderate - None
* Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 - ADAM (KB949269) - Denial of Service - Moderate - MS08-003
* Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 - Active Directory (KB949014) - Denial of Service - Moderate - MS08-003
* Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 - ADAM (KB949269) - Denial of Service - Moderate - MS08-003
* Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 - Active Directory (KB949014) - Denial of Service - Moderate - MS08-003
* Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 - ADAM (KB949269) - Denial of Service - Moderate - MS08-003
* Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems - Active Directory (KB949014) - Denial of Service - Moderate - MS08-003
* Windows Server 2008 for 32-bit Systems* - Active Directory (KB949014) - Denial of Service - Moderate - None
* Windows Server 2008 for 32-bit Systems* - AD LDS (KB949014) - Denial of Service - Moderate - None
* Windows Server 2008 for x64-based Systems* - Active Directory (KB949014) - Denial of Service - Moderate - None
* Windows Server 2008 for x64-based Systems* - AD LDS (KB949014) - Denial of Service - Moderate - None
*For supported editions of Windows Server 2008, the same severity rating applies whether or not installed using the Server Core installation option. For more information on this installation option, see Server Core. Note that the Server Core installation option does not apply to certain editions of Windows Server 2008; see Compare Server Core Installation Options.
Non-Affected Software:
* Windows 2000 Professional Service Pack 4
* Windows XP Home Service Pack 2
* Windows XP Tablet Edition Service Pack 2
* Windows XP Media Center Edition Service Pack 2
* Windows Vista and Windows Vista Service Pack 1
* Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
* Windows Server 2008 for Itanium-based Systems
Note These editions of Windows are not affected because they do not include ADAM or the Active Directory server component.
Active Directory Vulnerability - CVE-2008-1445
A denial of service vulnerability exists in implementations of Active Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008. The vulnerability also exists in implementations of Active Directory Application Mode (ADAM) when installed on Windows XP and Windows Server 2003 and Active Directory Lightweight Directory Services (AD LDS) when installed on Windows Server 2008. The vulnerability is due to insufficient validation of specially crafted LDAP requests. An attacker who successfully exploited this vulnerability could cause the computer to stop responding and automatically restart.
CVE Information:
CVE-2008-1445
|
|
|
|
|
