From: Secunia Security Advisories (sec-adv@secunia.com)
Date: Tue Jul 10 2007 - 16:02:13 CDT
TITLE:
Microsoft Windows Active Directory Two Vulnerabilities
SECUNIA ADVISORY ID:
SA26002
VERIFY ADVISORY:
http://secunia.com/advisories/26002/
CRITICAL:
Moderately critical
IMPACT:
DoS, System access
WHERE:
From local network
OPERATING SYSTEM:
Microsoft Windows 2000 Server
http://secunia.com/product/20/
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows Storage Server 2003
http://secunia.com/product/12399/
Microsoft Windows 2000 Advanced Server
http://secunia.com/product/21/
Microsoft Windows 2000 Datacenter Server
http://secunia.com/product/1177/
DESCRIPTION:
Two vulnerabilities have been reported in Windows Active Directory,
which can be exploited by malicious users and malicious people to
cause a DoS (Denial of Service) or compromise a vulnerable system.
1) An error within the handling of the number of convertible
attributes in LDAP requests can be exploited to cause a DoS or
potentially allow execution of arbitrary code via a specially crafted
request.
Successful exploitation of this vulnerability requires valid logon
credentials on Windows Server 2003.
2) An error in the handling of LDAP requests can be exploited to
cause the service to temporarily stop responding by sending a
specially crafted LDAP request.
SOLUTION:
Apply patches.
Microsoft Windows 2000 Server SP4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=812e62c5-6e19-4b3b-8a10-861b871e1b41
Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=28e84603-8159-4429-aaff-a1020531e84f
Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyId=107902f9-be94-457f-a936-519efbd64779
Windows Server 2003 for Itanium-based systems SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=e5e5b425-fe7d-49d5-973f-f3fd7a1e04eb
PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Neel Mehta, IBM Internet Security Systems
X-Force.
2) The vendor credits Peter Winter-Smith, NGSSoftware.
ORIGINAL ADVISORY:
MS07-039 (KB926122):
http://www.microsoft.com/technet/security/Bulletin/MS07-039.mspx