5

CVE-2007-3028

EPSS 65.63%
Veröffentlicht 10.07.2007 22:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly check "the number of convertible attributes", which allows remote attackers to cause a denial of service (service unavailability) via a crafted LDAP request, related to "client sent LDAP request logic," aka "Windows Active Directory Denial of Service Vulnerability".  NOTE: this is probably a different issue than CVE-2007-0040.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Updatesp4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	65.63%	0.985

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html

http://www.us-cert.gov/cas/techalerts/TA07-191A.html

US Government Resource

http://secunia.com/advisories/26002

http://www.securitytracker.com/id?1018355

http://www.vupen.com/english/advisories/2007/2481

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-039

http://www.kb.cert.org/vuls/id/348953

US Government Resource

http://www.securityfocus.com/bid/24796

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1856

https://nvd.nist.gov/vuln/detail/CVE-2007-3028

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-3028

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-3028

EUVD