PT-2009-4386 · Microsoft · Windows Server 2003 +5

Published: 2009-11-11 · Updated: 2023-12-07 · CVE-2009-1928

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions:
Microsoft Windows 2000 version SP4
Microsoft Windows Server 2003 version SP2
Microsoft Windows Server 2008 versions Gold through SP2
Active Directory Application Mode (ADAM) on Windows XP versions SP2 through SP3
Active Directory Application Mode (ADAM) on Windows Server 2003 version SP2
Active Directory Lightweight Directory Service (AD LDS) on Windows Server 2008 versions Gold through SP2
Description: A stack consumption issue in the LDAP service within Active Directory on Microsoft Windows allows remote attackers to cause a denial of service, resulting in a system hang, by sending a malformed LDAP or LDAPS request.
Recommendations: For Microsoft Windows 2000 SP4, apply the recommended patch to resolve the issue. For Microsoft Windows Server 2003 SP2, apply the recommended patch to resolve the issue. For Microsoft Windows Server 2008 Gold and SP2, apply the recommended patch to resolve the issue. For Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2, apply the recommended patch to resolve the issue. For Active Directory Lightweight Directory Service (AD LDS) on Windows Server 2008 Gold and SP2, apply the recommended patch to resolve the issue. As a temporary workaround, consider restricting access to the LDAP service to minimize the risk of exploitation.

Related Identifiers

CVE-2009-1928

Affected Products

Active Directory Application Mode
Active Directory Lightweight Directory Service
Windows 2000
Windows Server 2003
Windows Server 2008
Windows XP