PT-2013-4701 · Microsoft · Windows Vista+6
Published
2013-09-11
·
Updated
2023-12-07
·
CVE-2013-3868
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Microsoft Active Directory Lightweight Directory Service (AD LDS) versions on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8
Active Directory Services versions on Windows Server 2008 SP2 and R2 SP1 and Server 2012
Description
The issue allows remote attackers to cause a denial of service, resulting in an LDAP directory-service outage, via a crafted LDAP query.
Recommendations
For Microsoft Active Directory Lightweight Directory Service (AD LDS) on affected versions, apply the recommended patch to resolve the issue.
For Active Directory Services on affected versions, apply the recommended patch to resolve the issue.
As a temporary workaround, consider restricting access to the LDAP service to minimize the risk of exploitation.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Active Directory Lightweight Directory Service
Active Directory Services
Windows 7
Windows 8
Windows Server 2008
Windows Server 2012
Windows Vista