Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4023

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-4023
Last Modified 07 Mar 2011 10:11:49
Published 14 Oct 2008 08:12:15
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4023

Summary

Active Directory in Microsoft Windows 2000 SP4 does not properly allocate memory for (1) LDAP and (2) LDAPS requests, which allows remote attackers to execute arbitrary code via a crafted request, aka "Active Directory Overflow Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


References

CERT - TA08-288A

BID - 31609

SECUNIA - 32242

XF - win-active-directory-ldap-bo(45585)

VUPEN - ADV-2008-2811

SECTRACK - 1021042

MS - MS08-060

HP - HPSBST02379

HP - SSRT080143


Last Updated: 27 May 2016 10:49:56