CVE-2008-1445

EPSS 57.92%
Published 12.06.2008 02:32:00
Last modified 09.04.2025 00:30:58
Source secure@microsoft.com
Teams watchlist Login
Open Login

Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to cause a denial of service (system hang or reboot) via a crafted LDAP request.

Affected products Warnungen 0 Metrics 2 CWE 1 References 12

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows-nt Version2008 Editionx32

Microsoft ≫ Windows-nt Version2008 Editionx64

Microsoft ≫ Windows-nt Versionxp Updatesp3 Editionpro

Microsoft ≫ Windows 2003 Server Editionx64

Microsoft ≫ Windows 2003 Server Updatesp1

Microsoft ≫ Windows 2003 Server Updatesp1 Editionitanium

Microsoft ≫ Windows 2003 Server Updatesp2

Microsoft ≫ Windows 2003 Server Updatesp2 Editionitanium

Microsoft ≫ Windows 2003 Server Updatesp2 Editionx64

Microsoft ≫ Windows Xp Updatesp2 Editionx64

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	57.92%	0.981

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.us-cert.gov/cas/techalerts/TA08-162B.html

Third Party Advisory

US Government Resource

http://secunia.com/advisories/30586

Vendor Advisory

Permissions Required

http://securitytracker.com/id?1020229

Third Party Advisory

VDB Entry

http://www.securityfocus.com/archive/1/493338/100/0/threaded

http://www.securityfocus.com/archive/1/493342/100/0/threaded

http://www.securityfocus.com/bid/29584