5

CVE-2007-3028

EPSS 65.63%
Published 10.07.2007 22:30:00
Last modified 09.04.2025 00:30:58
Source secure@microsoft.com
Teams watchlist Login
Open Login

The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly check "the number of convertible attributes", which allows remote attackers to cause a denial of service (service unavailability) via a crafted LDAP request, related to "client sent LDAP request logic," aka "Windows Active Directory Denial of Service Vulnerability".  NOTE: this is probably a different issue than CVE-2007-0040.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Updatesp4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	65.63%	0.985

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html

http://www.us-cert.gov/cas/techalerts/TA07-191A.html

US Government Resource

http://secunia.com/advisories/26002

http://www.securitytracker.com/id?1018355

http://www.vupen.com/english/advisories/2007/2481

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-039

http://www.kb.cert.org/vuls/id/348953

US Government Resource

http://www.securityfocus.com/bid/24796

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1856

https://nvd.nist.gov/vuln/detail/CVE-2007-3028

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-3028

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-3028

EUVD