Vulnerability Note VU#348953

Microsoft Windows Active Directory fails to properly validate client sent LDAP requests

Overview

Microsoft Windows Active Directory fails to properly validate client-sent LDAP requests and may result in a denial of service condition.

I. Description

Microsoft Windows Active Directory contains a vulnerability in the way that the LDAP service validates the number of convertible attributes in the client-sent request. By sending a specially crafted LDAP request to a server running Active Directory, an attacker may be able to cause the server to stop responding.

II. Impact

A remote attacker may be able to cause a denial of service condition.

III. Solution

Apply an Update

Microsoft has released updates in Microsoft Security Bulletin MS07-039 to address this issue.

Workaround

Microsoft suggests blocking port 389/tcp and port 3268/tcp at the firewall to prevent exploitation of this vulnerability. Please see Microsoft Security Bulletin MS07-039 for further information.

Systems Affected

Vendor	Status	Date Notified	Date Updated
Microsoft Corporation	Vulnerable	10-Jul-2007

References

http://www.microsoft.com/technet/security/bulletin/ms07-039.mspx

Credit

This vulnerability was reported in Microsoft Security Bulletin MS07-039. Microsoft credits Peter Winter-Smith of NGSSoftware for reporting the vulnerability to them.

This document was written by Katie Steiner.

Other Information

Date Public:	2007-07-10
Date First Published:	2007-07-11
Date Last Updated:	2007-07-11
CERT Advisory:
CVE-ID(s):	CVE-2007-3028
NVD-ID(s):	CVE-2007-3028
US-CERT Technical Alerts:
Metric:	0.39
Document Revision:	7

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Produced 2007 by US-CERT, a government organization
Disclaimers and copyright information

Get Adobe Reader