Overview
» IDS/IPS Signatures
Security Sites
Products
White Papers
Data Sheets
Case Studies
Support Login
Locate a Partner
iPolicy Networks Security Advisory
 

Microsoft Windows Active Directory Buffer Overflow Vulnerability
Date Discovered: 10/14/2008
Severity: High
Operating Systems Affected: Microsoft Windows Server 2000 SP4
Synopsis
Microsoft Active Directory is prone to buffer overflow vulnerability. The vulnerability is caused by incorrect memory allocation when receiving specially crafted LDAP or LDAPS requests.
Recommended Actions
Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms08-060.mspx
Threat Analysis
Active Directory is to provide central authentication and authorization services for Windows-based computers. The vulnerability is due to LDAP service incorrectly allocates memory for specially crafted LDAP or LDAPS requests.

An attacker who successfully exploited this vulnerability could take complete control of an affected system. Attacks attempting to exploit this vulnerability could also result in a denial of service condition. An attacker could also exploit this vulnerability to force the system to restart.
References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4023

Write-up by: Aditya Chaturvedi
Security Sites
 
“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”
 
Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner
 

 
Home | About Us | Products | Technology | Solutions | Support | Partners | News & Events | Resources | Contact Us
Copyright ©2008 iPolicy Networks - Security Products Division of Tech Mahindra Limited | Privacy Policy | Site Map