MS.Windows.Active.Directory.LDAP.Request.Code.Execution
Description
This indicates an attempt to exploit a remote code execution vulnerability in Microsoft Windows Active Directory.
The vulnerability is a result of the software's failure to handle specially crafted Lightweight Directory Access Protocol (LDAP) requests. A remote attacker can exploit this to execute arbitrary code with SYSTEM privileges.
Affected Products
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 x64 SP1
Microsoft Windows Server 2003 Itanium SP2
Microsoft Windows Server 2003 Itanium SP1
Microsoft Windows Server 2003 Itanium 0
Microsoft Windows 2000 Server SP4
Microsoft Windows 2000 Server SP3
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch, available from the website:
http://www.microsoft.com/technet/security/Bulletin/MS07-039.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |