Thread-topic: [SA26002] Microsoft Windows Active Directory Two Vulnerabilities
>
> TITLE:
> Microsoft Windows Active Directory Two Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA26002
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/26002/
>
> CRITICAL:
> Moderately critical
>
> IMPACT:
> DoS, System access
>
> WHERE:
> From local network
>
> OPERATING SYSTEM:
> Microsoft Windows 2000 Server
> http://secunia.com/product/20/
> Microsoft Windows Server 2003 Datacenter Edition
> http://secunia.com/product/1175/
> Microsoft Windows Server 2003 Enterprise Edition
> http://secunia.com/product/1174/
> Microsoft Windows Server 2003 Standard Edition
> http://secunia.com/product/1173/
> Microsoft Windows Server 2003 Web Edition
> http://secunia.com/product/1176/
> Microsoft Windows Storage Server 2003
> http://secunia.com/product/12399/
> Microsoft Windows 2000 Advanced Server
> http://secunia.com/product/21/
> Microsoft Windows 2000 Datacenter Server
> http://secunia.com/product/1177/
>
> DESCRIPTION:
> Two vulnerabilities have been reported in Windows Active Directory,
> which can be exploited by malicious users and malicious people to
> cause a DoS (Denial of Service) or compromise a vulnerable system.
>
> 1) An error within the handling of the number of convertible
> attributes in LDAP requests can be exploited to cause a DoS or
> potentially allow execution of arbitrary code via a specially crafted
> request.
>
> Successful exploitation of this vulnerability requires valid logon
> credentials on Windows Server 2003.
>
> 2) An error in the handling of LDAP requests can be exploited to
> cause the service to temporarily stop responding by sending a
> specially crafted LDAP request.
>
> SOLUTION:
> Apply patches.
>
> Microsoft Windows 2000 Server SP4:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=812e62c5-6e19-4b3b-8a10-861b871e1b41
>
> Windows Server 2003 SP1/SP2:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=28e84603-8159-4429-aaff-a1020531e84f
>
> Windows Server 2003 x64 Edition (optionally with SP2):
> http://www.microsoft.com/downloads/details.aspx?FamilyId=107902f9-be94-457f-a936-519efbd64779
>
> Windows Server 2003 for Itanium-based systems SP1/SP2:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=e5e5b425-fe7d-49d5-973f-f3fd7a1e04eb
>
> PROVIDED AND/OR DISCOVERED BY:
> 1) The vendor credits Neel Mehta, IBM Internet Security Systems
> X-Force.
> 2) The vendor credits Peter Winter-Smith, NGSSoftware.
>
> ORIGINAL ADVISORY:
> MS07-039 (KB926122):
> http://www.microsoft.com/technet/security/Bulletin/MS07-039.mspx
>