Signature Detail
Short Name |
LDAP:OVERFLOW:DC-MEM-LEAK-DOS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
LDAP |
Keywords |
Windows Active Directory Memory Leak Denial of Service |
Release Date |
2009/06/09 |
Update Number |
1449 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
LDAP: Windows Active Directory Memory Leak Denial of Service
This signature detects attempts to exploit a known vulnerability against Windows 2000 domain controllers. A successful attack can result in a server denial of service or arbitrary code execution.
Extended Description
Microsoft Active Directory is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the server, denying access to legitimate users.
Affected Products
- Avaya Messaging Application Server MM 1.1
- Avaya Messaging Application Server MM 2.0
- Avaya Messaging Application Server MM 3.0
- Avaya Messaging Application Server MM 3.1
- Avaya Messaging Application Server
- Microsoft Windows 2000 Advanced Server SP4
- Microsoft Windows 2000 Datacenter Server SP4
- Microsoft Windows 2000 Server SP4
- Microsoft Windows Server 2003 SP2
- Microsoft Windows Server 2003 Itanium SP2
- Microsoft Windows Server 2003 x64 SP2
- Microsoft Windows XP Professional SP2
- Microsoft Windows XP Professional SP3
- Microsoft Windows XP Professional x64 Edition SP2
- Nortel Networks Self-Service - CCSS7
- Nortel Networks Self-Service CCXML
- Nortel Networks Self-Service Media Processing Server
- Nortel Networks Self-Service MPS 100
- Nortel Networks Self-Service MPS 1000
- Nortel Networks Self-Service MPS 500
- Nortel Networks Self-Service Peri Application
- Nortel Networks Self-Service Speech Server
- Nortel Networks Self Service VoiceXML
- Nortel Networks Self-Service WVADS
References
- CVE: CVE-2009-1139
- CVE: CVE-2009-1138