CVE-2008-1445

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000 Server version SP4 Microsoft Windows XP Professional versions SP2 through SP3 Microsoft Windows Server 2003 versions SP1 through SP2 Microsoft Windows Server 2008 (affected versions not specified)

Description The issue allows remote authenticated users to cause a denial of service, resulting in a system hang or reboot, by sending a crafted LDAP request.

Recommendations For Microsoft Windows 2000 Server SP4, apply the recommended configuration changes to prevent the denial of service. For Microsoft Windows XP Professional SP2 and SP3, restrict access to the LDAP service to minimize the risk of exploitation. For Microsoft Windows Server 2003 SP1 and SP2, consider disabling the LDAP service until a fix is available. For Microsoft Windows Server 2008, at the moment, there is no information about a newer version that contains a fix for this vulnerability.