PT-2008-1743 · Microsoft · Windows 2000+4

Thomas Garnier

Published

2008-02-12

Updated

2019-04-30

CVE-2008-0088

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows XP with Active Directory Application Mode (ADAM)

Description The issue allows remote attackers to cause a denial of service, resulting in the system hanging and restarting, via a crafted LDAP request to Active Directory or Active Directory Application Mode (ADAM).

Recommendations For Microsoft Windows 2000, update to a version that includes the fix for this issue. For Microsoft Windows Server 2003, update to a version that includes the fix for this issue. For Microsoft Windows XP with Active Directory Application Mode (ADAM), update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the LDAP endpoint to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2008-0088

Affected Products

Active Directory

Active Directory Application Mode

Windows 2000

Windows Server 2003

Windows Xp

PT-2008-1743 · Microsoft · Windows 2000+4

CVE-2008-0088

Weakness Enumeration

Related Identifiers

Affected Products

References · 9