CVE-2009-3675

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions 2000 SP4, XP SP2, XP SP3, and Server 2003 SP2

Description A denial of service issue exists due to the improper handling of specially crafted ISAKMP messages by the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows. This can be exploited via a malformed ISAKMP request over IPsec, allowing remote authenticated users to cause a denial of service through CPU consumption.

Recommendations For Microsoft Windows 2000 SP4, XP SP2, XP SP3, and Server 2003 SP2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.