ID CVE-2009-1928
Summary Stack consumption vulnerability in the LDAP service in Active Directory on Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2; Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) on Windows Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via a malformed (1) LDAP or (2) LDAPS request, aka "LSASS Recursive Stack Overflow Vulnerability."
References
Vulnerable Configurations
  • Microsoft Windows 2000 Service Pack 4
    cpe:2.3:o:microsoft:windows_2000:-:sp4
  • Microsoft Windows 2003 Server Service Pack 2
    cpe:2.3:o:microsoft:windows_2003_server:-:sp2
  • Microsoft Windows 2003 Server Service Pack 2 Itanium
    cpe:2.3:o:microsoft:windows_2003_server:-:sp2:itanium
  • Microsoft Windows 2003 Server Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64
  • cpe:2.3:o:microsoft:windows_server_2008:-:x32
    cpe:2.3:o:microsoft:windows_server_2008:-:x32
  • cpe:2.3:o:microsoft:windows_server_2008:-:x64
    cpe:2.3:o:microsoft:windows_server_2008:-:x64
  • Windows Server 2008 Service Pack 2 for 32-bit systems
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x32
  • Microsoft Windows Server 2008 Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64
  • Microsoft Windows Server 2008 (gold) for Itanium-Based Systems
    cpe:2.3:o:microsoft:windows_server_2008:-:gold:itanium
  • Microsoft Windows Server 2008 Service Pack 2 for Itanium-Based Systems
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium
  • Microsoft Windows Vista
    cpe:2.3:o:microsoft:windows_vista
  • cpe:2.3:o:microsoft:windows_vista:-:x64
    cpe:2.3:o:microsoft:windows_vista:-:x64
  • Microsoft Windows Vista Service Pack 1 (initial release)
    cpe:2.3:o:microsoft:windows_vista:-:sp1
  • Microsoft Windows Vista Service Pack 1 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_vista:-:sp1:x64
  • Microsoft Windows Vista Service Pack 2
    cpe:2.3:o:microsoft:windows_vista:-:sp2
  • Microsoft Windows Vista Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_vista:-:sp2:x64
  • Microsoft Windows XP Service Pack 2
    cpe:2.3:o:microsoft:windows_xp:-:sp2
  • Microsoft Windows XP Service Pack 3
    cpe:2.3:o:microsoft:windows_xp:-:sp3
  • Microsoft Windows XP Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_xp:-:sp2:x64
CVSS
Base: 7.8 (as of 12-11-2009 - 08:07)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
msbulletin via4
bulletin_id MS09-066
bulletin_url
date 2009-11-10T00:00:00
impact Denial of Service
knowledgebase_id 973309
knowledgebase_url
severity Important
title Vulnerability in Active Directory Could Allow Denial of Service
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS09-066.NASL
description The installed version of Microsoft Active Directory / Active Directory Application Mode / Active Directory Lightweight Directory Service has a buffer overflow vulnerability. By sending specially crafted LDAP or LDAPS requests, a remote attacker can exhaust stack space and cause the affected host to stop responding until it is restarted.
last seen 2019-02-21
modified 2018-11-15
plugin id 42440
published 2009-11-10
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=42440
title MS09-066: Vulnerability in Active Directory Could Allow Denial of Service (973309)
oval via4
accepted 2014-04-07T04:06:55.345-04:00
class vulnerability
contributors
  • name Dragos Prisaca
    organization Gideon Technologies, Inc.
  • name Sharath S
    organization SecPod Technologies
  • name Rachana Shetty
    organization SecPod Technologies
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Pooja Shetty
    organization SecPod Technologies
definition_extensions
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Windows Server 2003 SP2 (x86) is installed
    oval oval:org.mitre.oval:def:1935
  • comment Microsoft Windows Server 2003 SP2 (x64) is installed
    oval oval:org.mitre.oval:def:2161
  • comment Microsoft Windows Server 2003 (ia64) SP2 is installed
    oval oval:org.mitre.oval:def:1442
  • comment Microsoft Windows XP (x86) SP2 is installed
    oval oval:org.mitre.oval:def:754
  • comment Microsoft Windows XP (x86) SP3 is installed
    oval oval:org.mitre.oval:def:5631
  • comment Microsoft Windows XP x64 Edition SP2 is installed
    oval oval:org.mitre.oval:def:4193
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
    oval oval:org.mitre.oval:def:5653
  • comment Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
    oval oval:org.mitre.oval:def:6216
description Stack consumption vulnerability in the LDAP service in Active Directory on Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2; Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) on Windows Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via a malformed (1) LDAP or (2) LDAPS request, aka "LSASS Recursive Stack Overflow Vulnerability."
family windows
id oval:org.mitre.oval:def:5890
status accepted
submitted 2009-11-10T13:00:00
title LSASS Recursive Stack Overflow Vulnerability
version 75
refmap via4
cert TA09-314A
ms MS09-066
Last major update 21-08-2010 - 01:33
Published 11-11-2009 - 14:30
Last modified 30-04-2019 - 10:27
Back to Top