MS.Windows.Active.Directory.LDAP.Request.Code.Execution

description-logoDescription

This indicates an attempt to exploit a remote code execution vulnerability in Microsoft Windows Active Directory.
The vulnerability is a result of the software's failure to handle specially crafted Lightweight Directory Access Protocol (LDAP) requests. A remote attacker can exploit this to execute arbitrary code with SYSTEM privileges.

affected-products-logoAffected Products

Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 x64 SP1
Microsoft Windows Server 2003 Itanium SP2
Microsoft Windows Server 2003 Itanium SP1
Microsoft Windows Server 2003 Itanium 0
Microsoft Windows 2000 Server SP4
Microsoft Windows 2000 Server SP3
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP1

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch, available from the website:
http://www.microsoft.com/technet/security/Bulletin/MS07-039.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)