About Us | Contact Us

 


 

VUPEN Free Resources
 
  VUPEN Security Advisories
 
  VUPEN Security Blog & News
  Zero-day Attacks Monitor
  Daily Security Mailinglist
  Explanation of Terms
  Advanced Search Engine
 
   

Microsoft Windows Active Directory Invalid Free and DoS Issues (MS09-018)

VUPEN ID VUPEN/ADV-2009-1537
CVE ID CVE-2009-1138 - CVE-2009-1139
 
CWE ID Available in VUPEN VNS Customer Area
CVSS V2 Available in VUPEN VNS Customer Area
Rated as Critical 
Impact Available in VUPEN VNS Customer Area
Authentication Level Available in VUPEN VNS Customer Area
Access Vector Available in VUPEN VNS Customer Area
Release Date 2009-06-09
Share Twitter LinkedIn Facebook Delicious Digg Slashdot

Technical Description

Two vulnerabilities have been identified in Microsoft Windows Active Directory, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system.

The first issue is caused due to the LDAP service on Windows 2000 incorrectly freeing memory upon handling specially crafted LDAP or LDAPS requests, which could be exploited by remote attackers to execute arbitrary code by sending a specially crafted LDAP or LDAPS packet to a domain controller.

The second vulnerability is caused due to the LDAP service improperly managing memory while executing LDAP or LDAPS requests that contain specific OID filters, which could allow remote attackers to cause a denial of service by sending a specially crafted LDAP or LDAPS packet to the Active Directory or ADAM server.

Affected Products

Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows XP Professional Service Pack 2
Microsoft Windows XP Professional Service Pack 3
Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 SP2 (Itanium)

Solution 

Apply patches :
http://www.microsoft.com/technet/security/bulletin/ms09-018.mspx

References

http://www.vupen.com/english/advisories/2009/1537
http://www.microsoft.com/technet/security/bulletin/ms09-018.mspx

Credits 

Vulnerabilities reported by Joshua J. Drake (VeriSign iDefense Labs) and Justin Wyatt from (Beaverton School District).

Changelog 

2009-06-09 : Initial release

Feedback 

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Monthly Statistics 

 

 VUPEN Security Advisories By Criticality: Aug 2010


  Critical Risk

 : 0%

  High Risk		 : 0%

  Moderate Risk		 : 0%

  Low Risk		 : 100%

Get a real-time view of the vulnerabilities affecting your systems using the VUPEN VNS reporting capabilities.
 
 

Try VUPEN VNS 

 

 





© 2004-2010 VUPEN Security - Copyright - Privacy Policy